Check out the new USENIX Web site. next up previous
Next: Acknowledgement Up: Analyzing System Logs: A Previous: Testing Different Feature Construction


Summary

We presented a novel approach to ranking log messages based on sampling a population of computer systems and using a new feature construction scheme that proves to be highly appropriate for the ranking objective. The results show that an interesting structure is revealed in populations of systems based on the behavior of their log messages. This structure can also be used for purposes other than ranking log messages, such as identifying similar systems for the sake of assisting in problem diagnosis. Using the Spearman correlation matrix opens the door for using kernel methods on machine learning tasks that use system logs as input. Further research is required to answer questions such as how to choose the best number of clusters for the log ranking application, and how to incorporate the ranked log view with other approaches for log analysis that take time-dependency into consideration.

2007-03-12