1 / 13

Event Summarization for System Management

Event Summarization for System Management. Wei Peng†, Chang-shing Perng§, Tao Li†, Haixun Wang§ †Florida International University §IBM T.J.Waston Research Center -presented by: Wei Peng. Introduction. Why Event Summarization?

charis
Download Presentation

Event Summarization for System Management

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Event Summarization for System Management Wei Peng†, Chang-shing Perng§, Tao Li†, Haixun Wang§ †Florida International University §IBM T.J.Waston Research Center -presented by: Wei Peng

  2. Introduction • Why Event Summarization? • traditional approaches are cumbersome, labor intensive, and error prone • focus on discovering frequent or interesting patterns, scalability , and efficiency • understanding and interpreting patterns • A divide-and-conquer method

  3. A Motivating Example

  4. Steps for Event Summarization • Preprocess log data and generate events • Discover temporal correlation between events (dependency) • Rank dependencies • Construct Event Relationship Networks (ERNs) • Derive Action Rules from Event Summary

  5. Preprocess Log Data and Generate events • Preprocess the brief log messages • Categorize it into common situations/states • Incorporate time information • An event is a pair <e, t> that e is the situation/state, t is the time stamp of e

  6. Discover Temporal Correlation between Events (Dependency) • b depends on a • If the occurrence of b is predictable by the occurrence of a, then the conditional distribution which models the waiting time of event type b given event type a’s presence would be different from the unconditional one • Estimate two distributions • Dependency test Independent Dependent

  7. Rank Dependencies • Forward Entropy • Backward Entropy

  8. Event Relationship Networks (ERNs)

  9. Derive Action Rules from EventSummary • If condition is true, take action • Event reduction rules • Event correlation rules • Problem avoidance rules

  10. A Case Study State: start, stop, dependency, create, connection, report, request, configuration, other

  11. Decomposition Process in the Case Study

  12. ERN in the Case Study

  13. Thank You !

More Related