In the case of a relatively large organization such as a corporation or the like, it is known that such an organization may have relatively large and extensive computing operations. For example, a multi-national corporation that performs a large amount of its business by way of the Internet or the like typically has such relatively large and extensive computing operations. Moreover, any organization or business or the like that maintains large amounts of data, such as for example customer data or operations data, likewise typically has such relatively large and extensive computing operations.
Such relatively large and extensive computing operations may be performed for the organization at one or more computing operations centers. As may be appreciated, such a computing operations center is usually at a single physical location, although such a center may also be geographically dispersed if necessary and/or desired. At any rate, such a computing operations center may have systems including various servers, data stores, communications equipment, databases, interfaces, and other systems relating to the operations of the organization. Significantly, each such system may from time to time issue a system message regarding the operations of such system.
As is known, each such system message may encompass most any notifying message deemed necessary or desirable, and typically includes error messages, maintenance messages, status messages, and the like. Thus, each such system message may be of most any type or variety, and in fact may be relatively serious, such as for example that data has been lost or the system is going to shut down, relatively insignificant, such as for example that a particular user has logged in, or somewhere in between, such as for example that regular maintenance should be performed soon.
Notably, all system messages as sent from most any system of a computing operations center may be gathered and stored in a centralized location so that such messages may be reviewed as necessary in a dedicated fashion. One example of such a centralized location is a message logging database, as is known. Such a message logging database for a relatively large organization may receive and store a relatively large number of system messages from the computing operations center thereof, perhaps on the order of 1000 or even 10000 messages per minute. Accordingly, manually reviewing each such message may be relatively difficult if not impossible. Nevertheless, the information incumbent in the many messages may be particularly useful, and accordingly the message logging database may be accessed by a system operator or the like by way of an appropriate interface in order to glean such information. However, such a message logging database typically does not proactively acting on any of the systems messages received and stored thereat in order to prevent any ‘bad’ system event, such as for example a server crash, a data loss, loss of a communications link, etc. Instead, the database is reviewed only after such a ‘bad’ system event has occurred in order to glean any information relating to related events that preceded the ‘bad’ system event.
Accordingly, a need exists for systems and methods for proactively acting on systems messages received and stored at a message logging database or the like. More particularly, a need exists for such systems and methods that discern trends from the systems messages in the database and that take appropriate action in response to discerning such a trend. Even more particularly, a need exists for such systems and methods that look for predetermined patterns in the logged systems messages and upon identifying such predetermined trends take corresponding actions.