Adaptively collecting network event forensic data

Assignee

• Cisco Technology, Inc. · US

Inventors

• L. Alexander Clemm · Los Gatos, US
• Carlos M. Pignataro · Cary, US
• Rodney Dunn · Benson, US
• Steve Chen-Lin Chang · Cupertino, US
• Shyyunn Sheran Lin · San Jose, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2201/86
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

In an embodiment, a data processing system comprises a repository configured to store a plurality of event message definitions for error messages, syslog messages, or other notification messages that may be emitted by one or more managed network elements; event annotation logic coupled to the data repository and configured to receive and store one or more annotations to each of the event message definitions, wherein each of the annotations specifies event context information to be collected in the managed network elements when an associated event message occurs; event forensics definitions generator logic coupled to the event annotation logic and configured to generate an event forensics definitions file capable of interpretation by one or more managed network elements and comprising event type identifiers and context information identifiers for context information to be collected, and configured to cause distributing the event forensics definitions file to the one or more managed network elements.