Rule Induction of Computer Events

Ricardo Vilalta, Joseph L. Hellerstein, Sheng Ma

Research output: Chapter in Book/Report/Conference proceedingConference contributionProfessional

4 Downloads (Pure)

Abstract

Monitoring systems are able to capture thousands of events from a computer network. Some of those events may be particularly informative to ensure the correct operation of an application. We assume the user is interested in a specific class of events, called target events (e.g., communication link is down). We propose a system that generates a set of rules correlating each target event with events occurring previous to the target event within a specified time window interval. Such rules can be extremely helpful in elucidating the origin of target events. We conduct experiments to assess the accuracy of the induced rules for different types of target events in a real-world network environment. Our results show the accuracy of the induced rules generally above 80% when the time window interval is at least 20 minutes wide. Such results give strong empirical support to the validity of our approach.
Original languageEnglish
Title of host publicationOperations & Management
Subtitle of host publication12th International Workshop on Distributed Systems, DSOM 2001, Nancy, France, October 15-17, 2001: Proceedings
EditorsOlivier Festor, Aiko Pras
Place of PublicationRocquencourt
PublisherINRIA
Pages75-86
Number of pages11
ISBN (Print)9782726111901
DOIs
Publication statusPublished - 2001
Externally publishedYes
Event12th IEEE/IFIP International Workshop on Distributed Systems, DSOM 2001: Internet Services: Management Beyond the Element - Nancy, France
Duration: 15 Oct 200117 Oct 2001
Conference number: 12
https://www.simpleweb.org/ifip/Conferences/DSOM/2001/DSOM2001/index-2.html

Conference

Conference12th IEEE/IFIP International Workshop on Distributed Systems, DSOM 2001
Abbreviated titleDSOM
Country/TerritoryFrance
CityNancy
Period15/10/0117/10/01
Internet address

Fingerprint

Dive into the research topics of 'Rule Induction of Computer Events'. Together they form a unique fingerprint.

Cite this