US Patent 11775375 Automated incident detection and root cause analysis

A system includes a computing platform communicatively coupled to multiple network nodes, the computing platform having processing hardware and a memory storing a software code. The processing hardware is configured to execute the software code to detect multiple anomalous performance indicators originating from one or more of the network nodes, determine, using the anomalous performance indicators in an automated process, the occurrence of an incident, and determine the signature of the incident. The processing hardware is further configured to execute the software code to compare the signature to one or more entries in an incident signature database, perform, when the comparison determines that the signature corresponds to one or more of the entries, a root cause analysis of the incident using the corresponding one or more entries, and generate an incident alert including one or both of a result of the root cause analysis and a description of the incident.