The instant disclosure relates to error logging in computer systems. More specifically, the disclosure relates to systems and methods for communicating information between different layers of a computer system.
In computer systems as illustrated in
In modern computer systems, as illustrated in
Because communications attempts are handled in the interface processor 234, which is outside of the operating system 240, the operating system 240 may not receive information regarding communications attempts. For example, if an inbound secure connection handshake fails, the operating system 240 would not receive an indication of the failure communications attempt. Thus, the error information would be unavailable for access by an administrator for diagnosing failed connection attempts or obtaining information regarding successful connection attempts.
According to one embodiment, a method includes receiving, at an interface, a connection attempt to an operating system. The method also includes logging the connection attempt in a first log at the interface. The method further includes sending, to the operating system, an indication of the connection attempt.
According to another embodiment, a computer program product includes a computer readable medium having code to receive, at an interface, a connection attempt to an operating system. The medium also includes code to log the connection attempt in a first log at the interface. The medium further includes code to send, to the operating system, an indication of the connection attempt.
According to yet another embodiment, a system includes a network interface card. The system also includes a system architecture interface layer (SAIL) coupled to the network interface card. The system further includes an operating system coupled to the SAIL. The operating system includes a pass-through communications processor. The SAIL includes an interface processor for indicating to the communications processor communications attempts received through the network interface card.
The foregoing has outlined rather broadly the features and technical advantages of the present invention in order that the detailed description of the invention that follows may be better understood. Additional features and advantages of the invention will be described hereinafter which form the subject of the claims of the invention. It should be appreciated by those skilled in the art that the conception and specific embodiment disclosed may be readily utilized as a basis for modifying or designing other structures for carrying out the same purposes of the present invention. It should also be realized by those skilled in the art that such equivalent constructions do not depart from the spirit and scope of the invention as set forth in the appended claims. The novel features which are believed to be characteristic of the invention, both as to its organization and method of operation, together with further objects and advantages will be better understood from the following description when considered in connection with the accompanying figures. It is to be expressly understood, however, that each of the figures is provided for the purpose of illustration and description only and is not intended as a definition of the limits of the present invention.
For a more complete understanding of the disclosed system and methods, reference is now made to the following descriptions taken in conjunction with the accompanying drawings.
In one embodiment, the user interface device 310 is referred to broadly and is intended to encompass a suitable processor-based device such as a desktop computer, a laptop computer, a personal digital assistant (PDA) or table computer, a smartphone or other a mobile communication device or organizer device having access to the network 308. In a further embodiment, the user interface device 310 may access the Internet or other wide area or local area network to access a web application or web service hosted by the server 302 and provide a user interface for enabling a user to enter or receive information. For example, the server 302 may allow access to communications log files stored in the data storage 306.
The network 308 may facilitate communications of data between the server 302 and the user interface device 310. The network 308 may include any type of communications network including, but not limited to, a direct PC-to-PC connection, a local area network (LAN), a wide area network (WAN), a modem-to-modem connection, the Internet, a combination of the above, or any other communications network now known or later developed within the networking arts which permits two or more computers to communicate, one with another.
In one embodiment, the server 302 is configured to respond to communication attempts and log communications attempts in the data storage 306. Additionally, the server may access data stored in the data storage device 306 via a Storage Area Network (SAN) connection, a LAN, a data bus, or the like.
The data storage device 306 may include a hard disk, including hard disks arranged in an Redundant Array of Independent Disks (RAID) array, a tape storage drive comprising a magnetic tape data storage device, an optical storage device, or the like. In one embodiment, the data storage device 306 may store communications logs. The data may be arranged in a database and accessible through Structured Query Language (SQL) queries, or other data base query languages or operations.
In one embodiment, the server 302 may submit a query to selected data storage devices 404, 406 to store or retrieve communication attempts. The server 302 may store the consolidated data set of logged communications in a consolidated data storage device 410. In such an embodiment, the server 302 may refer back to the consolidated data storage device 410 to obtain a set of data elements associated with a communications attempts. Alternatively, the server 302 may query each of the data storage devices 404, 406, 408 independently or in a distributed query to obtain the set of data elements associated with a communications attempt. In another alternative embodiment, multiple databases may be stored on a single consolidated data storage device 410.
The data management system 400 may also include files for accessing and/or processing the communications logs. In various embodiments, the server 302 may communicate with the data storage devices 404, 406, 408 over the data-bus 402. The data-bus 402 may comprise a SAN, a LAN, or the like. The communication infrastructure may include Ethernet, Fibre-Chanel Arbitrated Loop (FC-AL), Small Computer System Interface (SCSI), Serial Advanced Technology Attachment (SATA), Advanced Technology Attachment (ATA), and/or other similar data communication schemes associated with data storage and communication. For example, the server 302 may communicate indirectly with the data storage devices 404, 406, 408, 410; the server 302 first communicating with a storage server or the storage controller 404.
The server 302 may host a software application configured for responding to communications attempts and/or logging communications attempts. The software application may further include modules for interfacing with the data storage devices 404, 406, 408, 410, interfacing a network 308, interfacing with a user through the user interface device 310, and the like. In a further embodiment, the server 302 may host an engine, application plug-in, or application programming interface (API).
The computer system 500 also may include random access memory (RAM) 508, which may be SRAM, DRAM, SDRAM, or the like. The computer system 500 may utilize RAM 508 to store the various data structures used by a software application having code to store and/or analyze communications logs. The computer system 500 may also include read only memory (ROM) 506 which may be PROM, EPROM, EEPROM, optical storage, or the like. The ROM may store configuration information for booting the computer system 500. The RAM 508 and the ROM 506 hold user and system data.
The computer system 500 may also include an input/output (I/O) adapter 510, a communications adapter 514, a user interface adapter 516, and a display adapter 522. The I/O adapter 510 and/or the user interface adapter 516 may, in certain embodiments, enable a user to interact with the computer system 500 in order to attempt communications sessions. In a further embodiment, the display adapter 522 may display a graphical user interface associated with a software or web-based application for analyzing and/or reviewing communications logs.
The I/O adapter 510 may connect one or more storage devices 512, such as one or more of a hard drive, a compact disk (CD) drive, a floppy disk drive, and a tape drive, to the computer system 500. The communications adapter 514 may be adapted to couple the computer system 500 to the network 308, which may be one or more of a LAN, WAN, and/or the Internet. The user interface adapter 516 couples user input devices, such as a keyboard 520 and a pointing device 518, to the computer system 500. The display adapter 522 may be driven by the CPU 502 to control the display on the display device 524.
The applications of the present disclosure are not limited to the architecture of computer system 500. Rather the computer system 500 is provided as an example of one type of computing device that may be adapted to perform the functions of a server 302 and/or the user interface device 310. For example, any suitable processor-based device may be utilized including without limitation, including personal data assistants (PDAs), tablet computers, smartphones, computer game consoles, and multi-processor servers. Moreover, the systems and methods of the present disclosure may be implemented on application specific integrated circuits (ASIC), very large scale integrated (VLSI) circuits, or other circuitry. In fact, persons of ordinary skill in the art may utilize any number of suitable structures capable of executing logical operations according to the described embodiments.
The communications attempts to be indicated by the interface processor 234 at block 606 may be configurable. According to one embodiment, an administrator may set indications to occur only when communications attempts fail to establish a communications session. According to another embodiment, an administrator may set indications to occur when communications attempts successfully establish a communications session. Additionally, indications may be configured to be turned on and off. For example, during a debug mode the indications of communications attempts may be turned on and reported to the operating system 240. After debugging has completed, normal mode is entered and the indications may be turned off.
Having the interface processor 234 report the communications attempts to the communications processor 242 allows the operating system 240 to maintain a communications log file including information regarding communications errors. For example, if a SSL and/or TLS handshake fails at the interface processor 234 the operating system 240 receives an indication of the error and stores the indication in a log file accessible by an administrator of the operating system 240. The log files of the operating system 240 may be reviewed and/or analyzed with, for example, a log trace analysis (LTA) application.
The communications log may be accessed through the operating system of a server.
In another embodiment, the communications processor may be terminated to allow access to the communications log of the operating system.
After the log trace analyzer has executed the log file may be analyzed.
Another example log file entry is illustrated in
The method described above is advantageous to reduce the number of steps for an administrator to view communications log files and subsequently to analyze failed communication attempts. In conventional solutions, after a remote client failed to establish a communication session with the server the pass-through communications processor (e.g., CPCommOS) did not receive notification of the failure. Thus, the remote client would have to manually report the error to the administrator of the server. According to the present disclosure, when a communication attempt is made to the server an indication is provided to the communications processor including information about the communications attempt. The communications processor in the operating system creates a communications log with the information, which is available to administrators to quickly and easily diagnose failed communications attempts. The method disclosed may be particularly advantageous when diagnosing SSL and/or TLS communications attempts, which often involve the creation and management of certificates, certificate trust, private and public keys, and/or cipher suites. Having information about which of these steps in the SSL and/or TLS handshake failed allows the administrator to quickly resolve communications issues affecting the server.
Although the present disclosure and its advantages have been described in detail, it should be understood that various changes, substitutions and alterations can be made herein without departing from the spirit and scope of the disclosure as defined by the appended claims. Moreover, the scope of the present application is not intended to be limited to the particular embodiments of the process, machine, manufacture, composition of matter, means, methods and steps described in the specification. As one of ordinary skill in the art will readily appreciate from the present invention, disclosure, machines, manufacture, compositions of matter, means, methods, or steps, presently existing or later to be developed that perform substantially the same function or achieve substantially the same result as the corresponding embodiments described herein may be utilized according to the present disclosure. Accordingly, the appended claims are intended to include within their scope such processes, machines, manufacture, compositions of matter, means, methods, or steps.