US 12,093,146 B2
Method and apparatus for generating log data having increased filterability
Dhanishchandra Harishbhai Patel, Mississauga (CA)
Assigned to Malikie Innovations Limited, Dublin (IE)
Filed by MALIKIE INNOVATIONS LIMITED, Dublin (IE)
Filed on Jul. 7, 2023, as Appl. No. 18/348,898.
Application 18/348,898 is a continuation of application No. 16/226,050, filed on Dec. 19, 2018, granted, now 11,740,981.
Prior Publication US 2023/0350769 A1, Nov. 2, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 11/00 (2006.01); G06F 9/54 (2006.01); G06F 11/14 (2006.01); G06F 11/34 (2006.01); G06F 16/9035 (2019.01); G06F 16/9038 (2019.01)
CPC G06F 11/1471 (2013.01) [G06F 9/542 (2013.01); G06F 11/3476 (2013.01); G06F 16/9035 (2019.01); G06F 16/9038 (2019.01)] 18 Claims
OG exemplary drawing
 
1. A device for detecting and identifying an endpoint management event failure in an endpoint management system, the device comprising:
a processor configured to:
generate event logs associated with the endpoint management system;
store log data comprising the generated event logs in a database;
identify a first set of log data by searching the log data for a first log data type, the first log data type having a data structure that includes:
both an alphanumeric identifier associated with a user and user information, the user information including a user's name, a user's login name, or a user's email address, or
both an alphanumeric event log chain identifier and an action type;
when the first log data type includes both the alphanumeric identifier associated with the user and the user information, identify pairs of the alphanumeric identifier associated with a user and the user information in the first set of log data;
when the first log data type includes both the alphanumeric event log chain identifier and an action type, identify pairs of the alphanumeric event log chain identifier and the action type, in the first set of log data;
for each of the identified pairs:
identify a second set of log data that includes:
when the identified pair includes an alphanumeric identifier associated with the user and user information, the alphanumeric identifier associated with a user but not the corresponding user information, wherein identifying the second set of log data is performed by searching the log data for event logs that include the one of the identifier associated, and
when the identified pair includes an alphanumeric event log chain identifier and an action type, the alphanumeric event log chain identifier but not the corresponding action type, wherein identifying the second set of log data is performed by searching the log data for event logs that include the event log chain identifier; and
update log data stored in the database by adding, for each of the event logs of the identified second set of log data:
the user information when the identified pair includes an alphanumeric identifier associated with the user and user information, and
the action type when the identified pair includes an alphanumeric event log chain identifier and an action type.