Rapid7 has been granted a patent for a computer-implemented method that allows for granular and prioritized visualization of anomalous log data. The method involves generating unique identifiers for each log by hashing one or more fields, converting the logs into a series of unique identifiers, and overlaying timestamps on a time series graph in a graphical user interface (GUI). The method also tracks new instances of each unique identifier and updates the timestamps accordingly. GlobalData’s report on Rapid7 gives a 360-degree view of the company including its patenting strategy. Buy the report here.
Smarter leaders trust GlobalData
According to GlobalData’s company profile on Rapid7, Network traffic analysis was a key innovation area identified from patents. Rapid7's grant share as of September 2023 was 82%. Grant share is based on the ratio of number of grants to total number of patents.
Granular and prioritized visualization of anomalous log data
A recently granted patent (Publication Number: US11777970B1) describes a computer-implemented method for analyzing log data using unique identifiers and timestamps. The method involves accessing a collection of logs and generating a unique identifier for each log by hashing specific fields within the log. These unique identifiers are then converted into a series and appended with timestamps. The method further includes overlaying the list of timestamps on a time series graph in a graphical user interface (GUI).
The patent also covers determining whether a log is a process log or an authentication log and generating the unique identifier accordingly. For process logs, the unique identifier is generated by hashing fields such as user name, host name, executable hashing methodology, executable path, and executable command line. For authentication logs, the unique identifier is generated by hashing fields such as source and destination user, source and destination host, and login type.
The time series graph in the GUI represents a timeline that is smaller in magnitude compared to the log-indicated timeline represented by the list of timestamps. The magnitude can be measured in terms of decades, years, months, days, or hours. The method also involves accessing a set of anomalous log data indicators and identifying unique identifiers that are considered anomalous or outliers based on these indicators.
Additionally, the patent describes extracting the identified unique identifiers and performing a log search operation to find corresponding logs. The search results can be sorted based on the anomalous log data indicators and filtered using a benign parameter that is not part of the set of anomalous log data indicators.
The patent also covers a non-transitory computer-readable storage medium and a system comprising processors and memory that store program instructions for implementing the described method.
Overall, this patent presents a computer-implemented method for analyzing log data using unique identifiers, timestamps, and a time series graph. The method allows for the identification of anomalous log data and provides a means for searching and filtering logs based on these anomalies.
To know more about GlobalData’s detailed insights on Rapid7, buy the report here.
Data Insights
From
The gold standard of business intelligence.
Blending expert knowledge with cutting-edge technology, GlobalData’s unrivalled proprietary data will enable you to decode what’s happening in your market. You can make better informed decisions and gain a future-proof advantage over your competitors.
GlobalData, the leading provider of industry intelligence, provided the underlying data, research, and analysis used to produce this article.
GlobalData Patent Analytics tracks bibliographic data, legal events data, point in time patent ownerships, and backward and forward citations from global patenting offices. Textual analysis and official patent classifications are used to group patents into key thematic areas and link them to specific companies across the world’s largest industries.
