| CPC G06F 11/0766 (2013.01) [G06F 11/0709 (2013.01); G06F 11/079 (2013.01); G06F 11/0793 (2013.01)] | 20 Claims |
|
1. An apparatus comprising:
at least one processing device comprising a processor coupled to a memory;
the at least one processing device being configured:
to detect a given issue encountered on a given one of a plurality of computing devices in an information technology infrastructure;
to identify a given one of a set of two or more different clusters of the plurality of computing devices to which the given computing device belongs;
to determine a similarity between the given issue encountered on the given computing device and one or more historical issues encountered on one or more other ones of the plurality of computing devices belonging to the given cluster;
to select, based at least in part on the determined similarity between the given issue encountered on the given computing device and the one or more historical issues encountered on the one or more other ones of the plurality of computing devices belonging to the given cluster, a subset of a plurality of components of the given computing device as one or more target components for log collection, the subset of the plurality of components of the given computing device comprising less than all of the plurality of components of the given computing device;
to collect logs from the subset of the plurality of components of the given computing device;
to determine, utilizing the collected logs, one or more software components of the given computing device that are a source of the given issue; and
to apply one or more patches to update the one or more software components of the given computing device which are determined to be the source of the given issue.
|