On Handling Redundancy for Failure Log Analysis of Cluster Systems

Nentawe Gurumdimma; Arshad Jhumka; Maria Liakata; Thuan Chuah; James Browne

On Handling Redundancy for Failure Log Analysis of Cluster Systems

Nentawe Gurumdimma, Arshad Jhumka, Maria Liakata, Thuan Chuah, James Browne

Computing Science

Research output: Chapter in Book/Report/Conference proceeding › Published conference contribution

Abstract

System event logs contain information that capture the sequence of events occurring in the system. They are often the primary source of information from large-scale distributed systems, such as cluster systems, which enable system administrators to determine the causes and detect system failures. Due to the complex interactions between the system hardware and software components, the system event logs are typically huge in size, comprising streams of interleaved log messages. However, only a small fraction of those log messages are relevant for analysis. We thus develop a novel, generic log compression or filtering (i.e., redundancy removal) technique to address this problem. We apply the technique over three different log files obtained from two different production systems and validate the technique through the application of an unsupervised failure detection approach. Our results are positive: (i) our technique achieves good compression, (ii) log analysis yields better results for our filtering method than normal approach. Keywords-Cluster Log Data; Unsupervised learning; Compression; Levenshtein distance; filtering

Original language	English
Title of host publication	DEPEND 2015 : The Eighth International Conference on Dependability
Publisher	University of Jos
ISBN (Print)	978-1-61208-429-9
Publication status	Published - 2015

Access to Document

https://www.semanticscholar.org/paper/On-Handling-Redundancy-for-Failure-Log-Analysis-of-Gurumdimma-Jhumka/ca51c643ade0be4b6eb621ccbc41a40d33e33970

Cite this

Gurumdimma, N., Jhumka, A., Liakata, M., Chuah, T., & Browne, J. (2015). On Handling Redundancy for Failure Log Analysis of Cluster Systems. In DEPEND 2015 : The Eighth International Conference on Dependability University of Jos. https://www.semanticscholar.org/paper/On-Handling-Redundancy-for-Failure-Log-Analysis-of-Gurumdimma-Jhumka/ca51c643ade0be4b6eb621ccbc41a40d33e33970

Gurumdimma, N, Jhumka, A, Liakata, M, Chuah, T & Browne, J 2015, On Handling Redundancy for Failure Log Analysis of Cluster Systems. in DEPEND 2015 : The Eighth International Conference on Dependability. University of Jos. <https://www.semanticscholar.org/paper/On-Handling-Redundancy-for-Failure-Log-Analysis-of-Gurumdimma-Jhumka/ca51c643ade0be4b6eb621ccbc41a40d33e33970>

@inproceedings{dfad5a601b5f499d81bfef5496b6503a,

title = "On Handling Redundancy for Failure Log Analysis of Cluster Systems",

abstract = "System event logs contain information that capture the sequence of events occurring in the system. They are often the primary source of information from large-scale distributed systems, such as cluster systems, which enable system administrators to determine the causes and detect system failures. Due to the complex interactions between the system hardware and software components, the system event logs are typically huge in size, comprising streams of interleaved log messages. However, only a small fraction of those log messages are relevant for analysis. We thus develop a novel, generic log compression or filtering (i.e., redundancy removal) technique to address this problem. We apply the technique over three different log files obtained from two different production systems and validate the technique through the application of an unsupervised failure detection approach. Our results are positive: (i) our technique achieves good compression, (ii) log analysis yields better results for our filtering method than normal approach. Keywords-Cluster Log Data; Unsupervised learning; Compression; Levenshtein distance; filtering",

author = "Nentawe Gurumdimma and Arshad Jhumka and Maria Liakata and Thuan Chuah and James Browne",

note = "The data which was analyzed in this paper was available through the SUPReMM project funded by NSF grant ACI-1023604, and has utilized and enhanced the NSF-funded system Ranger (OCI-0622780). We thank the PTDF Nigeria for partly funding this research. Copyright (c) IARIA, 2015",

year = "2015",

language = "English",

isbn = "978-1-61208-429-9",

booktitle = "DEPEND 2015 : The Eighth International Conference on Dependability",

publisher = "University of Jos",

}

TY - GEN

T1 - On Handling Redundancy for Failure Log Analysis of Cluster Systems

AU - Gurumdimma, Nentawe

AU - Jhumka, Arshad

AU - Liakata, Maria

AU - Chuah, Thuan

AU - Browne, James

N1 - The data which was analyzed in this paper was available through the SUPReMM project funded by NSF grant ACI-1023604, and has utilized and enhanced the NSF-funded system Ranger (OCI-0622780). We thank the PTDF Nigeria for partly funding this research. Copyright (c) IARIA, 2015

PY - 2015

Y1 - 2015

N2 - System event logs contain information that capture the sequence of events occurring in the system. They are often the primary source of information from large-scale distributed systems, such as cluster systems, which enable system administrators to determine the causes and detect system failures. Due to the complex interactions between the system hardware and software components, the system event logs are typically huge in size, comprising streams of interleaved log messages. However, only a small fraction of those log messages are relevant for analysis. We thus develop a novel, generic log compression or filtering (i.e., redundancy removal) technique to address this problem. We apply the technique over three different log files obtained from two different production systems and validate the technique through the application of an unsupervised failure detection approach. Our results are positive: (i) our technique achieves good compression, (ii) log analysis yields better results for our filtering method than normal approach. Keywords-Cluster Log Data; Unsupervised learning; Compression; Levenshtein distance; filtering

AB - System event logs contain information that capture the sequence of events occurring in the system. They are often the primary source of information from large-scale distributed systems, such as cluster systems, which enable system administrators to determine the causes and detect system failures. Due to the complex interactions between the system hardware and software components, the system event logs are typically huge in size, comprising streams of interleaved log messages. However, only a small fraction of those log messages are relevant for analysis. We thus develop a novel, generic log compression or filtering (i.e., redundancy removal) technique to address this problem. We apply the technique over three different log files obtained from two different production systems and validate the technique through the application of an unsupervised failure detection approach. Our results are positive: (i) our technique achieves good compression, (ii) log analysis yields better results for our filtering method than normal approach. Keywords-Cluster Log Data; Unsupervised learning; Compression; Levenshtein distance; filtering

UR - https://irepos.unijos.edu.ng/jspui/handle/123456789/2755

M3 - Published conference contribution

SN - 978-1-61208-429-9

BT - DEPEND 2015 : The Eighth International Conference on Dependability

PB - University of Jos

ER -

On Handling Redundancy for Failure Log Analysis of Cluster Systems

Abstract

Access to Document

Other files and links

Fingerprint

Cite this