Priolog: Mining important logs via temporal analysis and prioritization

Byungchul Tak; Seorin Park; Prabhakar Kudva

doi:10.3390/su11226306

Priolog: Mining important logs via temporal analysis and prioritization

Byungchul Tak, Seorin Park, Prabhakar Kudva

Research output: Contribution to journal › Article › peer-review

5 Scopus citations

Abstract

Log analytics are a critical part of the operational management in today's IT services. However, the growing software complexity and volume of logs make it increasingly challenging to mine useful insights from logs for problem diagnosis. In this paper, we propose a novel technique, Priolog, that can narrow down the volume of logs into a small set of important and most relevant logs. Priolog uses a combination of log template temporal analysis, log template frequency analysis, and word frequency analysis, which complement each other to generate an accurately ranked list of important logs.We have implemented this technique and applied to the problem diagnosis task of the popular OpenStack platform. Our evaluation indicates that Priolog can effectively find the important logs that hold direct hints to the failure cause in several scenarios. We demonstrate the concepts, design, and evaluation results using actual logs.

Original language	English
Article number	6306
Journal	Sustainability (Switzerland)
Volume	11
Issue number	22
DOIs	https://doi.org/10.3390/su11226306
State	Published - 1 Nov 2019

Keywords

Hierarchical clustering
Log analysis
Log template
Problem diagnosis
Temporal correlation

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.3390/su11226306

Cite this

@article{3380067ffdce47c4ae0c0220a0ff83db,

title = "Priolog: Mining important logs via temporal analysis and prioritization",

abstract = "Log analytics are a critical part of the operational management in today's IT services. However, the growing software complexity and volume of logs make it increasingly challenging to mine useful insights from logs for problem diagnosis. In this paper, we propose a novel technique, Priolog, that can narrow down the volume of logs into a small set of important and most relevant logs. Priolog uses a combination of log template temporal analysis, log template frequency analysis, and word frequency analysis, which complement each other to generate an accurately ranked list of important logs.We have implemented this technique and applied to the problem diagnosis task of the popular OpenStack platform. Our evaluation indicates that Priolog can effectively find the important logs that hold direct hints to the failure cause in several scenarios. We demonstrate the concepts, design, and evaluation results using actual logs.",

keywords = "Hierarchical clustering, Log analysis, Log template, Problem diagnosis, Temporal correlation",

author = "Byungchul Tak and Seorin Park and Prabhakar Kudva",

note = "Publisher Copyright: {\textcopyright} 2019 by the authors.",

year = "2019",

month = nov,

day = "1",

doi = "10.3390/su11226306",

language = "English",

volume = "11",

journal = "Sustainability (Switzerland)",

issn = "2071-1050",

publisher = "Multidisciplinary Digital Publishing Institute (MDPI)",

number = "22",

}

TY - JOUR

T1 - Priolog

T2 - Mining important logs via temporal analysis and prioritization

AU - Tak, Byungchul

AU - Park, Seorin

AU - Kudva, Prabhakar

PY - 2019/11/1

Y1 - 2019/11/1

N2 - Log analytics are a critical part of the operational management in today's IT services. However, the growing software complexity and volume of logs make it increasingly challenging to mine useful insights from logs for problem diagnosis. In this paper, we propose a novel technique, Priolog, that can narrow down the volume of logs into a small set of important and most relevant logs. Priolog uses a combination of log template temporal analysis, log template frequency analysis, and word frequency analysis, which complement each other to generate an accurately ranked list of important logs.We have implemented this technique and applied to the problem diagnosis task of the popular OpenStack platform. Our evaluation indicates that Priolog can effectively find the important logs that hold direct hints to the failure cause in several scenarios. We demonstrate the concepts, design, and evaluation results using actual logs.

AB - Log analytics are a critical part of the operational management in today's IT services. However, the growing software complexity and volume of logs make it increasingly challenging to mine useful insights from logs for problem diagnosis. In this paper, we propose a novel technique, Priolog, that can narrow down the volume of logs into a small set of important and most relevant logs. Priolog uses a combination of log template temporal analysis, log template frequency analysis, and word frequency analysis, which complement each other to generate an accurately ranked list of important logs.We have implemented this technique and applied to the problem diagnosis task of the popular OpenStack platform. Our evaluation indicates that Priolog can effectively find the important logs that hold direct hints to the failure cause in several scenarios. We demonstrate the concepts, design, and evaluation results using actual logs.

KW - Hierarchical clustering

KW - Log analysis

KW - Log template

KW - Problem diagnosis

KW - Temporal correlation

UR - http://www.scopus.com/inward/record.url?scp=85075869543&partnerID=8YFLogxK

U2 - 10.3390/su11226306

DO - 10.3390/su11226306

M3 - Article

AN - SCOPUS:85075869543

SN - 2071-1050

VL - 11

JO - Sustainability (Switzerland)

JF - Sustainability (Switzerland)

IS - 22

M1 - 6306

ER -

Priolog: Mining important logs via temporal analysis and prioritization

Abstract

Keywords

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this