Dynamic syslog mining for network failure monitoring

Association for Computing Machinery — Aug 21, 2005


References (24)

Datasource: Association for Computing Machinery
Copyright: Copyright © 2005 by ACM Inc.
ISBN: 1-59593-135-X
doi: 10.1145/1081870.1081927

Abstract

Industry/Government Track Paper

Kenji Yamanishi, NEC Corporation, 1753, Shimonumabe, Nakahara-ku, Kawasaki, Kanagawa 216-8666, JAPAN
Yuko Maruyama, NEC Corporation, 1753, Shimonumabe, Nakahara-ku, Kawasaki, Kanagawa 216-8666, JAPAN
k-yamanishi@cw.jp.nec.com

Syslog monitoring technologies have recently received vast attention in the areas of network management and network monitoring. They are used to address a wide range of important issues including network failure symptom detection and event correlation discovery. Syslogs are intrinsically dynamic in the sense that they form a time series and that their behavior may change over time. This paper proposes a new methodology of dynamic syslog mining in order to detect failure symptoms with higher confidence and to discover sequential alarm patterns among computer devices. The key ideas of dynamic syslog mining are 1) to represent syslog behavior using a mixture of Hidden Markov Models, 2) to adaptively learn the model using an on-line discounting learning algorithm in combination with dynamic selection of the optimal number of mixture components, and 3) to give anomaly scores using universal test statistics with a dynamically optimized threshold. Using real syslog data we demonstrate the validity of our methodology in the scenarios of failure symptom detection, emerging pattern identification, and correlation discovery.
