	US 11,743,139 B2
	IT monitoring recommendation service
Gal Tamir, Avichayil (IL); Rachel Lemberg, Herzliya (IL); Zakie Mashiah, Qiryat Ono (IL); Shane Hu, Seattle, WA (US); Tamar Agmon, Ramat Gan (IL); and Navendu Jain, Snohomish, WA (US)
Assigned to Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed by Microsoft Technology Licensing, LLC, Redmond, WA (US)
Filed on Nov. 29, 2021, as Appl. No. 17/537,387.
Application 17/537,387 is a continuation of application No. 17/019,187, filed on Sep. 11, 2020, granted, now 11,212,195.
Prior Publication US 2022/0086060 A1, Mar. 17, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 41/5009 (2022.01); G06N 20/00 (2019.01); H04L 41/16 (2022.01)

CPC H04L 41/5009 (2013.01) [G06N 20/00 (2019.01); H04L 41/16 (2013.01)]

20 Claims

1. A computer-implemented method, comprising:

accessing an operational metric that is correlated to a cloud incident occurring at an incident time in a cloud environment comprising a cloud server configured to provide a cloud service;

identifying first instances of the operational metric exceeding a metric threshold associated with the operational metric within a timeframe of the cloud incident as true positives;

identifying second instances of the operational metric exceeding the metric threshold outside of the timeframe of the cloud incident as false positives;

calculating a correlation score for the operational metric based, at least in part, on a quantity of the true positives and a quantity of the false positives; and

based on the correlation score, determining that the operational metric correlates to the cloud incident.