International Business Machines Corporation
ALERT MANAGEMENT IN DATA PROCESSING SYSTEMS

Abstract:

Several aspects are provided for dynamically updating an alert-management system that uses a master ruleset to match alerts in a data processing system with automata for handling the alerts. A method comprises training a machine learning model to correlate the alerts with the automata using a training dataset comprising alerts which were successfully handled by the automata. The machine learning model is then applied to correlate unmatched alerts with the automata, wherein the unmatched alerts were not matched to the automata by the master ruleset. The method further comprises analyzing operation of the machine learning model in relation to correlation of the unmatched alerts to define a new ruleset for matching the unmatched alerts with the automata and outputting the new ruleset for auditing of each rule in the new ruleset. In response to approval of an audited rule, the audited rule is added to the master ruleset.