Title :
Fast entropy based alert detection in super computer logs
Author :
Makanju, Adetokunbo ; Zincir-Heywood, A. Nur ; Milios, Evangelos E.
Author_Institution :
Fac. of Comput. Sci., Dalhousie Univ., Halifax, NS, Canada
Date :
June 28 2010-July 1 2010
Abstract :
The task of alert detection in event logs is very important in preventing or recovering from downtime events. The ability to do this automatically and accurately provides significant savings in the time and cost of downtime events. The Nodeinfo algorithm, which is currently in production use at Sandia National Laboratories, is an entropy based algorithm for alert detection in event logs. Automatic alert detection needs to be fast for it to be practical in a production environment. In this work we show that with Message Type Indexing (MTI) the computational effort required for alert detection can be reduced by up to 99%, without a drop in detection performance. Our proposed method has special significance because it provides a framework for alert detection that requires little or no human input: the message type extraction required for MTI is carried out automatically using the Iterative Partitioning Log Mining (IPLoM) algorithm.
Keywords :
data mining; entropy; iterative methods; mainframes; task analysis; text analysis; Nodeinfo algorithm; Sandia National Laboratories; fast entropy based automatic alert detection; iterative partitioning log mining algorithm; message type extraction; message type indexing; super computer logs; Costs; Entropy; Event detection; Humans; Indexing; Iterative algorithms; Iterative methods; Laboratories; Partitioning algorithms; Production;
Conference_Title :
Dependable Systems and Networks Workshops (DSN-W), 2010 International Conference on
Conference_Location :
Chicago, IL
Print_ISBN :
978-1-4244-7729-6
Electronic_ISBN :
978-1-4244-7728-9
DOI :
10.1109/DSNW.2010.5542621