Philip T Tee

US Patent:

20190097871, Mar 28, 2019

Filed:

Nov 29, 2018

Appl. No.:

16/204096

Inventors:

- San Francisco CA, US
Philip Tee - San Francisco CA, US

International Classification:

H04L 12/24
H04L 29/06
G06F 21/60
G06F 21/62
G06K 9/62

Abstract:

A system is in communication with a managed infrastructure. An extraction engine is in communication with a managed infrastructure. The extraction engine is configured to receive managed infrastructure data and produces events as well as populates an entropy database with a dictionary of event entropy that can be included in the entropy database. A signalizer engine that includes one or more of an NMF engine, a k-means clustering engine and a topology proximity engine. The signalizer engine inputs a list of devices and a list of connections between components or nodes in the managed infrastructure. The signalizer engine determines one or more common characteristics and produces clusters of events relating to failure or errors in at least one of the devices and connections between components or nodes in the managed infrastructure. The events are converted into words and subsets to group the events into clusters that relate to security of the managed infrastructure. In response to grouping the events, physical changes are made to at least a portion of the physical hardware. In response to production of the clusters, security of the managed infrastructure is maintained.

US Patent:

20190052514, Feb 14, 2019

Filed:

Sep 24, 2018

Appl. No.:

16/140508

Inventors:

- San Francisco CA, US
Philip Tee - San Francisco CA, US

International Classification:

H04L 12/24
H04L 29/08
H04L 29/06
H04L 12/26
G06F 17/30

Abstract:

Methods and system are provided for decomposing events from managed infrastructures. The system decomposes events from a managed infrastructure and includes a first engine that receives data from a managed infrastructure which includes managed infrastructure physical hardware. The infrastructure physical hardware supports the flow and processing of information. A second engine determines common characteristics of events and produces clusters of events relating to the failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to support the flow and processing of information. Events are produced that relate to the managed infrastructure. The events are converted into words and subsets used to group the events that relate to failures or errors in the managed infrastructure, including the managed infrastructure physical hardware. The events have textural context. Semantic meaning is applied to the textual context of the events. A change to a managed infrastructure physical hardware component is made.

US Patent:

20180359135, Dec 13, 2018

Filed:

Jul 22, 2018

Appl. No.:

16/041792

Inventors:

- San Francisco CA, US
Philip Tee - San Francisco CA, US

International Classification:

H04L 12/24
H04L 29/08
H04L 29/06
H04L 12/26
G06F 17/30

Abstract:

A system is provided for clustering events. A first engine configured to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information. The at least one engine is configured to determine common characteristics of events and produce clusters of events relating to failure of errors in the managed infrastructure, where membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. The at least one engine is configured to create one or more situations that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure. A second engine is configured to determine one or more common steps from events and produces clusters relating to events. The second engine determines one or more common characteristics of events and produces clusters of events relating to the failure or errors in the managed infrastructure. An anomaly engine is configured to perform bitwise operations. A change to a managed infrastructure physical hardware component is made.

US Patent:

20180336081, Nov 22, 2018

Filed:

Nov 14, 2017

Appl. No.:

15/811715

Inventors:

- San Francisco CA, US
Philip Tee - San Francisco CA, US

International Classification:

G06F 11/07
H04L 12/24
G06F 17/30
G06N 3/08

Abstract:

An event clustering system that has an extraction engine in communication with a managed infrastructure. A signalizer engine includes one or more of an NMF engine, a k-means clustering engine and a topology proximity engine. The signalizer engine determines one or more common characteristics or features from events. The signalizer engine uses the common features of events to produce clusters of events relating to the failure or errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. A feedback signalizer functor is provided that is a supervised machine learning approach to train to reproduce a situation. In response to production of the clusters one or more physical changes in a managed infrastructure hardware is made, where the hardware supports the flow and processing of information.

US Patent:

20180181665, Jun 28, 2018

Filed:

Dec 26, 2017

Appl. No.:

15/854001

Inventors:

- San Francisco CA, US
Philip Tee - San Francisco CA, US

International Classification:

G06F 17/30
H04L 12/58
H04L 12/24
G06F 17/10
G06Q 10/10

Abstract:

A system is provided for clustering events. A first engine is configured to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information. A second engine determines common characteristics of events and produces clusters of events relating to the failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. One or more situations is created that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure. In response to the production of the clusters one or more physical changes is made to at least a portion of the managed infrastructure hardware.

US Patent:

20180181666, Jun 28, 2018

Filed:

Dec 26, 2017

Appl. No.:

15/854091

Inventors:

- San Francisco CA, US
Philip Tee - San Francisco CA, US

International Classification:

G06F 17/30
H04L 12/58
H04L 12/24
G06F 17/10
G06Q 10/10

Abstract:

A system is provided for clustering events. At least one engine is configured to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information. The at least one engine is configured to determine common characteristics of events and produce clusters of events relating to the failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. The at least one engine is configured to create one or more situations that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure. A situation room includes a collaborative interface (UI) for decomposing events from managed infrastructures. In response to the production of the clusters one or more physical changes is made in managed infrastructure hardware. A reference tool provides for a decomposition of events.

US Patent:

20180157762, Jun 7, 2018

Filed:

Dec 6, 2017

Appl. No.:

15/833046

Inventors:

- San Francisco CA, US
Philip Tee - San Francisco CA, US

International Classification:

G06F 17/30
H04L 12/24
G06Q 10/10
H04L 12/58
G06F 17/10

Abstract:

An event clustering system includes an extraction engine and a signalizer engine. The extraction engine is in communication with a managed infrastructure. In operation the extraction engine receives messages from the managed infrastructure and produces events that relate to the managed infrastructure. The events are converted into words and subtexts that are used to group the events into clusters relating to failures or errors in the managed infrastructure physical hardware. The managed infrastructure supports the flow and processing of information. The signalizer engine determines one or more common characteristics of events and produces clusters of events relating to the failure or errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware of the managed infrastructure directed to supporting the flow and processing of information. In response to production of the clusters of events one or more physical changes in a managed infrastructure hardware is made.

US Patent:

20170250854, Aug 31, 2017

Filed:

May 16, 2017

Appl. No.:

15/596648

Inventors:

- San Francisco CA, US
Philip Tee - San Francisco CA, US

International Classification:

H04L 12/24
H04L 29/06
G06F 17/30
H04L 12/26
H04L 29/08

Abstract:

A distributed system includes a plurality of managed devices of an infrastructure with a plurality of system parameters; at least one agent in communication with the managed devices. The at least one agent is configured to determine which of a managed device it runs on. A first server is in communication with the at least one agent, with the at least one agent communicating over a subscribed bus. A portal bridge is in communication with the bus and communicates through a client's firewall to a Network System. The system is configured to be in communication with a second server with a database of anomies and time series. A repository of system parameters run on the second server.