| CPC H04L 41/0631 (2013.01) [H04L 41/069 (2013.01); H04L 43/0823 (2013.01)] | 20 Claims |
|
1. A system comprising:
a processor; and
a memory that stores computer-executable instructions that, when executed by the processor, cause the processor to perform operations comprising
obtaining, from a data lake, an instance of correlated event data, wherein the instance of correlated event data comprises a first event that occurred at a first network device, a second event that occurred at a second network device, and data that correlates the first event to the second event, wherein the first network device publishes the first event to a messaging bus, wherein the second network device publishes the second event to the messaging bus, wherein the first event and the second event are obtained by the data lake via the messaging bus, and wherein the second event results from an occurrence of the first event,
obtaining packet capture data from a troubleshooting server, wherein obtaining the packet capture data comprises accessing, via a link in an event-based monitoring (“EBM”) table, the troubleshooting server via a first application programming interface exposed by the troubleshooting server and pulling, via the first application programming interface, the packet capture data,
obtaining an elasitcsearch, logstash, and kibana (“ELK”) log from a searchable log database comprising an ELK stack, wherein obtaining the ELK log comprises accessing the searchable log database via a second application programming interface exposed by the searchable log database and pulling, via the second application programming interface, the ELK log, and
generating, based on the instance of correlated event data, the packet capture data, and the ELK log, a prediction model that is configured to be fed a future event as input to predict a cause of the future event and to enable proactive and predictive remediation of the cause of the future event.
|