Presentation is loading. Please wait.

Presentation is loading. Please wait.

Analyzing System Logs: A New View of What's Important Sivan Sabato Elad Yom-Tov Aviad Tsherniak Saharon Rosset IBM Research SysML07 (Second Workshop on.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Analyzing System Logs: A New View of What's Important Sivan Sabato Elad Yom-Tov Aviad Tsherniak Saharon Rosset IBM Research SysML07 (Second Workshop on."— Presentation transcript:

1 Analyzing System Logs: A New View of What's Important Sivan Sabato Elad Yom-Tov Aviad Tsherniak Saharon Rosset IBM Research SysML07 (Second Workshop on Tackling Computer Systems Problems with Machine Learning Techniques )‏ Presented By Hassan Wassel

2 Introduction System logs is a critical tool for system administrators. They are massive in amount We need to rank them according to importance. Previous work:  Ranking using expert rules  Visualization  One machine log

3 What is Important? This paper propose that an important message is the message appears in a probability higher than the expected. Represent messages of the same type by one message type. Calculate the empirical distribution of probabilities and rank them. Systems are not homogeneous.

4 Algorithm Using K-means clustering to divide system logs into classes. Estimate the empirical distribution of each class. Given a system log, identify a class and rank messages according to its P

5 Clustering K-Means tries to minimize an objective function J=Sum j Sum i d 2 (X i, Z j )‏ Inputs:  Number of Clusters  Distance Matrix Outputs:  Membership matrix  Objective function value Features Clusters Patterns

6 Dimensionality Problem The data was 3000 system log with 15,000 message type. However, it is sparse Distance measurement using these 15,000 feature is computationally intensive. Solution: Dimensionality reduction

7 Feature Construction Using Spearman Correlation between every two system logs  Corr(x,y) = 1 – (6 || r x – r y || 2 )/(N(N-1))‏ From k logs X n message types to k X k similarity matrix. Question: How to calculate rank vectors?

8 Evaluation Compare Spearman Correlation to other feature construction schemes.  Histogram of Pairwise distance  Maximal Mutual Information  Improvement in Score

9 Comment Future Work  Correlation based clustering  Feature extraction + choice of distance measure  Bi-clustering  Fuzzy Clustering Evaluation  Use of human expertise to evaluate the ranking.  Clustering index

10 Thank you! Pros and Cons!

Download ppt "Analyzing System Logs: A New View of What's Important Sivan Sabato Elad Yom-Tov Aviad Tsherniak Saharon Rosset IBM Research SysML07 (Second Workshop on."

Similar presentations

Applications of one-class classification

Applications of one-class classification
Relevance Feedback and User Interaction for CBIR Hai Le Supervisor: Dr. Sid Ray.

Relevance Feedback and User Interaction for CBIR Hai Le Supervisor: Dr. Sid Ray.
Mustafa Cayci INFS 795 An Evaluation on Feature Selection for Text Clustering.

Mustafa Cayci INFS 795 An Evaluation on Feature Selection for Text Clustering.
Aggregating local image descriptors into compact codes

Aggregating local image descriptors into compact codes
Linear discriminant analysis (LDA) Katarina Berta

Linear discriminant analysis (LDA) Katarina Berta
Dimensionality Reduction PCA -- SVD

Dimensionality Reduction PCA -- SVD
電腦視覺 Computer and Robot Vision I Chapter2: Binary Machine Vision: Thresholding and Segmentation Instructor: Shih-Shinh Huang 1.

電腦視覺 Computer and Robot Vision I Chapter2: Binary Machine Vision: Thresholding and Segmentation Instructor: Shih-Shinh Huang 1.
Discriminative Segment Annotation in Weakly Labeled Video Kevin Tang, Rahul Sukthankar Appeared in CVPR 2013 (Oral)

Discriminative Segment Annotation in Weakly Labeled Video Kevin Tang, Rahul Sukthankar Appeared in CVPR 2013 (Oral)
Unsupervised Feature Selection for Multi-Cluster Data Deng Cai et al, KDD 2010 Presenter: Yunchao Gong Dept. Computer Science, UNC Chapel Hill.

Unsupervised Feature Selection for Multi-Cluster Data Deng Cai et al, KDD 2010 Presenter: Yunchao Gong Dept. Computer Science, UNC Chapel Hill.
A New Biclustering Algorithm for Analyzing Biological Data Prashant Paymal Advisor: Dr. Hesham Ali.

A New Biclustering Algorithm for Analyzing Biological Data Prashant Paymal Advisor: Dr. Hesham Ali.
Post Silicon Test Optimization Ron Zeira 13.7.11.

Post Silicon Test Optimization Ron Zeira
DIMENSIONALITY REDUCTION BY RANDOM PROJECTION AND LATENT SEMANTIC INDEXING Jessica Lin and Dimitrios Gunopulos Ângelo Cardoso IST/UTL December 2009 1.

DIMENSIONALITY REDUCTION BY RANDOM PROJECTION AND LATENT SEMANTIC INDEXING Jessica Lin and Dimitrios Gunopulos Ângelo Cardoso IST/UTL December
Mutual Information Mathematical Biology Seminar 23.5.2005.

Mutual Information Mathematical Biology Seminar
Content-based Image Retrieval CE 264 Xiaoguang Feng March 14, 2002 Based on: J. Huang. Color-Spatial Image Indexing and Applications. Ph.D thesis, Cornell.

Content-based Image Retrieval CE 264 Xiaoguang Feng March 14, 2002 Based on: J. Huang. Color-Spatial Image Indexing and Applications. Ph.D thesis, Cornell.
1 Learning to Detect Objects in Images via a Sparse, Part-Based Representation S. Agarwal, A. Awan and D. Roth IEEE Transactions on Pattern Analysis and.

1 Learning to Detect Objects in Images via a Sparse, Part-Based Representation S. Agarwal, A. Awan and D. Roth IEEE Transactions on Pattern Analysis and.
University at BuffaloThe State University of New York Cluster Validation Cluster validation q Assess the quality and reliability of clustering results.

University at BuffaloThe State University of New York Cluster Validation Cluster validation q Assess the quality and reliability of clustering results.
Expectation Maximization Method Effective Image Retrieval Based on Hidden Concept Discovery in Image Database By Sanket Korgaonkar Masters Computer Science.

Expectation Maximization Method Effective Image Retrieval Based on Hidden Concept Discovery in Image Database By Sanket Korgaonkar Masters Computer Science.
1 An Empirical Study on Large-Scale Content-Based Image Retrieval Group Meeting Presented by Wyman 23-1-2007.

1 An Empirical Study on Large-Scale Content-Based Image Retrieval Group Meeting Presented by Wyman
What is Cluster Analysis?

What is Cluster Analysis?
Microarray analysis 2 Golan Yona. 2) Analysis of co-expression Search for similarly expressed genes experiment1 experiment2 experiment3 ……….. Gene i:

Microarray analysis 2 Golan Yona. 2) Analysis of co-expression Search for similarly expressed genes experiment1 experiment2 experiment3 ……….. Gene i:

Similar presentations

Ads by Google