Rule Induction of Computer Events

Ricardo Vilalta; Joseph L. Hellerstein; Sheng Ma

doi:10.3990/2.8

Rule Induction of Computer Events

Ricardo Vilalta, Joseph L. Hellerstein, Sheng Ma

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Professional

4 Downloads (Pure)

Abstract

Monitoring systems are able to capture thousands of events from a computer network. Some of those events may be particularly informative to ensure the correct operation of an application. We assume the user is interested in a specific class of events, called target events (e.g., communication link is down). We propose a system that generates a set of rules correlating each target event with events occurring previous to the target event within a specified time window interval. Such rules can be extremely helpful in elucidating the origin of target events. We conduct experiments to assess the accuracy of the induced rules for different types of target events in a real-world network environment. Our results show the accuracy of the induced rules generally above 80% when the time window interval is at least 20 minutes wide. Such results give strong empirical support to the validity of our approach.

Original language	English
Title of host publication	Operations & Management
Subtitle of host publication	12th International Workshop on Distributed Systems, DSOM 2001, Nancy, France, October 15-17, 2001: Proceedings
Editors	Olivier Festor, Aiko Pras
Place of Publication	Rocquencourt
Publisher	INRIA
Pages	75-86
Number of pages	11
ISBN (Print)	9782726111901
DOIs	https://doi.org/10.3990/2.8
Publication status	Published - 2001
Externally published	Yes
Event	12th IEEE/IFIP International Workshop on Distributed Systems, DSOM 2001: Internet Services: Management Beyond the Element - Nancy, France Duration: 15 Oct 2001 → 17 Oct 2001 Conference number: 12 https://www.simpleweb.org/ifip/Conferences/DSOM/2001/DSOM2001/index-2.html

Conference

Conference	12th IEEE/IFIP International Workshop on Distributed Systems, DSOM 2001
Abbreviated title	DSOM
Country/Territory	France
City	Nancy
Period	15/10/01 → 17/10/01
Internet address	https://www.simpleweb.org/ifip/Conferences/DSOM/2001/DSOM2001/index-2.html

Access to Document

10.3990/2.8

ArticleFinal published version, 136 KB

https://dblp.org/rec/conf/dsom/VilaltaMH01

1 Book

Operations & Management: 12th International Workshop on Distributed Systems, DSOM 2001: proceedings
Festor, O. & Pras, A., 2001, Rocquencourt, France: INRIA . 339 p.
Research output: Book/Report › Book › Academic

Open Access
File

222 Downloads (Pure)

Cite this

@inproceedings{f684e6d908464a039ed8b609d325c75d,

title = "Rule Induction of Computer Events",

abstract = "Monitoring systems are able to capture thousands of events from a computer network. Some of those events may be particularly informative to ensure the correct operation of an application. We assume the user is interested in a specific class of events, called target events (e.g., communication link is down). We propose a system that generates a set of rules correlating each target event with events occurring previous to the target event within a specified time window interval. Such rules can be extremely helpful in elucidating the origin of target events. We conduct experiments to assess the accuracy of the induced rules for different types of target events in a real-world network environment. Our results show the accuracy of the induced rules generally above 80% when the time window interval is at least 20 minutes wide. Such results give strong empirical support to the validity of our approach.",

author = "Ricardo Vilalta and Hellerstein, {Joseph L.} and Sheng Ma",

year = "2001",

doi = "10.3990/2.8",

language = "English",

isbn = "9782726111901",

pages = "75--86",

editor = "Olivier Festor and Aiko Pras",

booktitle = "Operations & Management",

publisher = "INRIA ",

note = "12th IEEE/IFIP International Workshop on Distributed Systems, DSOM 2001 : Internet Services: Management Beyond the Element, DSOM ; Conference date: 15-10-2001 Through 17-10-2001",

url = "https://www.simpleweb.org/ifip/Conferences/DSOM/2001/DSOM2001/index-2.html",

}

Vilalta, R, Hellerstein, JL & Ma, S 2001, Rule Induction of Computer Events. in O Festor & A Pras (eds), Operations & Management: 12th International Workshop on Distributed Systems, DSOM 2001, Nancy, France, October 15-17, 2001: Proceedings. INRIA , Rocquencourt, pp. 75-86, 12th IEEE/IFIP International Workshop on Distributed Systems, DSOM 2001, Nancy, France, 15/10/01. https://doi.org/10.3990/2.8

Rule Induction of Computer Events. / Vilalta, Ricardo; Hellerstein, Joseph L.; Ma, Sheng.

Operations & Management: 12th International Workshop on Distributed Systems, DSOM 2001, Nancy, France, October 15-17, 2001: Proceedings. ed. / Olivier Festor; Aiko Pras. Rocquencourt : INRIA , 2001. p. 75-86.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Professional

TY - GEN

T1 - Rule Induction of Computer Events

AU - Vilalta, Ricardo

AU - Hellerstein, Joseph L.

AU - Ma, Sheng

N1 - Conference code: 12

PY - 2001

Y1 - 2001

N2 - Monitoring systems are able to capture thousands of events from a computer network. Some of those events may be particularly informative to ensure the correct operation of an application. We assume the user is interested in a specific class of events, called target events (e.g., communication link is down). We propose a system that generates a set of rules correlating each target event with events occurring previous to the target event within a specified time window interval. Such rules can be extremely helpful in elucidating the origin of target events. We conduct experiments to assess the accuracy of the induced rules for different types of target events in a real-world network environment. Our results show the accuracy of the induced rules generally above 80% when the time window interval is at least 20 minutes wide. Such results give strong empirical support to the validity of our approach.

AB - Monitoring systems are able to capture thousands of events from a computer network. Some of those events may be particularly informative to ensure the correct operation of an application. We assume the user is interested in a specific class of events, called target events (e.g., communication link is down). We propose a system that generates a set of rules correlating each target event with events occurring previous to the target event within a specified time window interval. Such rules can be extremely helpful in elucidating the origin of target events. We conduct experiments to assess the accuracy of the induced rules for different types of target events in a real-world network environment. Our results show the accuracy of the induced rules generally above 80% when the time window interval is at least 20 minutes wide. Such results give strong empirical support to the validity of our approach.

U2 - 10.3990/2.8

DO - 10.3990/2.8

M3 - Conference contribution

SN - 9782726111901

SP - 75

EP - 86

BT - Operations & Management

A2 - Festor, Olivier

A2 - Pras, Aiko

PB - INRIA

CY - Rocquencourt

T2 - 12th IEEE/IFIP International Workshop on Distributed Systems, DSOM 2001

Y2 - 15 October 2001 through 17 October 2001

ER -

Rule Induction of Computer Events

Abstract

Conference

Access to Document

Fingerprint

Research output

Operations & Management: 12th International Workshop on Distributed Systems, DSOM 2001: proceedings

Cite this