In this presentation, Wei Peng and colleagues from Florida International University and IBM T.J. Watson Research Center discuss the necessity and methods for effective event summarization in system management. They highlight how traditional approaches are labor-intensive and prone to errors, emphasizing a divide-and-conquer method for summarizing events. The process includes preprocessing log data, discovering temporal correlations between events, ranking dependencies, and constructing Event Relationship Networks (ERNs). The study also presents action rules derived from event summaries, ultimately aiming to enhance scalability and efficiency in system management.
Event Summarization for System Management
Wei Peng†, Chang-shing Perng§, Tao Li†, Haixun Wang§
†Florida International University §IBM T.J. Watson Research Center
Presented by: Wei Peng

Introduction
• Why Event Summarization?
• traditional approaches are cumbersome, labor intensive, and error prone
• focus on discovering frequent or interesting patterns, scalability, and efficiency
• understanding and interpreting patterns
• A divide-and-conquer method

Steps for Event Summarization
• Preprocess log data and generate events
• Discover temporal correlation between events (dependency)
• Rank dependencies
• Construct Event Relationship Networks (ERNs)
• Derive Action Rules from Event Summary

Preprocess Log Data and Generate Events
• Preprocess the brief log messages
• Categorize them into common situations/states
• Incorporate time information
• An event is a pair <e, t>, where e is the situation/state and t is the time stamp of e

Discover Temporal Correlation between Events (Dependency)
• b depends on a
• If the occurrence of b is predictable by the occurrence of a, then the conditional distribution which models the waiting time of event type b given event type a’s presence would be different from the unconditional one
• Estimate two distributions
• Dependency test (figure labels: Independent, Dependent)

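An added example (not from the slides) of the dependency test described above: it compares the waiting time of b after each a with the waiting time of b from arbitrary points in time. Assumptions, since the slides name none of these: a two-sample Kolmogorov-Smirnov comparison at the 5% level as the test, a 1-second grid as the unconditional reference points, and constructed events named after the case-study states.

```python
from bisect import bisect_right
from math import sqrt

# Constructed sample events <e, t> (not from the slides): every "stop" is
# followed by a "start" 2 s later; "report" fires every 17 s regardless.
STOPS = [40 * i + (7 * i) % 13 for i in range(1, 25)]
EVENTS = ([("stop", t) for t in STOPS] + [("start", t + 2) for t in STOPS]
          + [("report", t) for t in range(5, 1000, 17)])

def times_of(events, etype):
    return sorted(t for e, t in events if e == etype)

def waiting_times(target_times, ref_points):
    """Wait from each reference point to the next target event after it."""
    waits = []
    for t in ref_points:
        i = bisect_right(target_times, t)
        if i < len(target_times):      # drop points with no later target
            waits.append(target_times[i] - t)
    return waits

def ks_statistic(xs, ys):
    """Largest gap between the two empirical CDFs."""
    xs, ys = sorted(xs), sorted(ys)
    return max(abs(bisect_right(xs, v) / len(xs) - bisect_right(ys, v) / len(ys))
               for v in set(xs) | set(ys))

def depends_on(events, b, a, horizon, c_alpha=1.358):
    """Test whether b depends on a. Returns (dependent?, KS statistic).

    Assumption: two-sample KS test, c_alpha=1.358 for the 5% level."""
    b_times = times_of(events, b)
    cond = waiting_times(b_times, times_of(events, a))   # wait for b given a
    uncond = waiting_times(b_times, range(horizon))      # wait for b from any second
    if not cond or not uncond:
        return False, 0.0                                # not enough data to decide
    d = ks_statistic(cond, uncond)
    n, m = len(cond), len(uncond)
    return d > c_alpha * sqrt((n + m) / (n * m)), d

if __name__ == "__main__":
    for b in ("start", "report"):
        dependent, d = depends_on(EVENTS, b, "stop", horizon=1000)
        print(f"{b} depends on stop: {dependent} (D={d:.3f})")
```

Grid-sampled waiting times are not independent draws, so the threshold here is approximate.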
Rank Dependencies
• Forward Entropy
• Backward Entropy

Derive Action Rules from Event Summary
• If condition is true, take action
• Event reduction rules
• Event correlation rules
• Problem avoidance rules

A Case Study
State: start, stop, dependency, create, connection, report, request, configuration, other