A Study on the Correlation of Event Logs for System Fault Analysis (KCI-indexed)

Correlation Analysis of Event Logs for System Fault Detection

  • Language: KOR
  • URL: https://db.koreascholar.com/Article/Detail/319979
Journal: Journal of Society of Korea Industrial and Systems Engineering
Publisher: Society of Korea Industrial and Systems Engineering
Abstract

To identify the cause of an error and maintain the health of a system, an administrator usually analyzes event log data, since it contains useful information for inferring the cause of the error. However, because today's systems are huge and complex, it is almost impossible for administrators to manually analyze event log files to identify the cause of an error. In particular, because OpenStack, which is widely used as a cloud management system, operates with various service modules linked across multiple servers, it is hard to access each node and analyze the event log messages of each service module when an error occurs. To address this, in this paper we propose a novel message-based log analysis method that enables the administrator to find the cause of an error quickly. Specifically, the proposed method 1) consolidates event log data generated at the system level and the application service level, 2) clusters the consolidated data based on messages, and 3) analyzes interrelations among message groups in order to promptly identify the cause of a system error. This study has great significance in the following three aspects. First, the root cause of an error can be identified by collecting event logs at both the system level and the application service level and analyzing the interrelations among the logs. Second, administrators do not need to classify messages for training, since unsupervised learning of event log messages is applied. Third, using Dynamic Time Warping, an algorithm for measuring the similarity of dynamic patterns over time, increases the accuracy of analysis of patterns generated by a distributed system in which time synchronization is not exactly consistent.

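Table of Contents
1. Introduction
2. Related Work
  2.1 OpenStack
  2.2 Log Message Format
  2.3 Machine Learning-Based System Log Analysis Techniques
3. Proposed Method
4. Implementation
  4.1 Log Collection
  4.2 Preprocessing
  4.3 Message-Based Clustering
  4.4 Correlation Analysis Among Clustered Message Groups Using DTW
5. Experimental Results
  5.1 Experimental Environment
  5.2 Message-Based Clustering Results
  5.2 Results of Correlation Analysis Among Clustered Messages Using DTW
6. Conclusion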
 References
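Authors
  • Ju-Won Park (Division of Supercomputing, Korea Institute of Science and Technology Information), Corresponding Author
  • Eunhye Kim (Hyper-connected Communication Research Laboratory, Electronics and Telecommunications Research Institute)
  • Jaekeun Yeom (Division of Supercomputing, Korea Institute of Science and Technology Information)
  • Sungho Kim (Division of Supercomputing, Korea Institute of Science and Technology Information)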