Synoptic: Summarizing System Logs with Refinement
نویسندگان
چکیده
Distributed systems are often difficult to debug and understand. A typical way of gaining insight into system behavior is by inspecting execution logs. However, manual inspection of logs is an arduous process. To support this task we developed Synoptic. Synoptic outputs a concise graph representation of logged events that captures temporal invariants mined from the log. We applied Synoptic to synthetic and real distributed system logs and found that it augmented a distributed system designer’s understanding of system behavior with reasonable overhead for an offline analysis tool. In contrast to prior approaches, Synoptic uses a combination of refinement and coarsening to explore the space of representations. Additionally, it infers temporal event invariants to capture distributed system semantics. These invariants drive the exploration process and are satisfied by the final representation.
منابع مشابه
EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning
Mandatory protection systems such as SELinux and SEAndroid harden operating system integrity. Unfortunately, policy development is error prone and requires lengthy refinement using audit logs from deployed systems. While prior work has studied SELinux policy in detail, SEAndroid is relatively new and has received little attention. SEAndroid policy engineering differs significantly from SELinux:...
متن کاملUniversity of Essex at LogCLEF 2011: Studying Query Refinement
This paper describes the analysis we performed for the query success task of LogCLEF 2011. In particular, we address the issue of query refinement. The motivating assumption of our work is that query success can be improved by a system that can make good query refinement suggestions. We investigate how log files as provided in LogCLEF can assist in learning good suggestions. We used the distrib...
متن کاملCombined Log System
Busy Internet archives generate large logs for each access method being used. These raw log files can be difficult to process and to search. This paper describes a system for reading these growing logs, a combined log file format into which they are rewritten and a system that automates this building and integration for multiple access methods. Automated summarizing of the information is also p...
متن کاملAuditing with Incomplete Logs
The protection of sensitive information is of utmost importance for organizations. The complexity and dynamism of modern businesses are forcing a re-think of traditional protection mechanisms. In particular, a priori policy enforcement mechanisms are often complemented with auditing mechanisms that rely on an a posteriori analysis of logs recording users’ activities to prove conformity to polic...
متن کاملSummarizing and Querying Logs of OLAP Queries
Leveraging query logs benefits the users analyzing large data warehouses with OLAP queries. But so far nothing exists to allow the user to have concise and usable representations of what is in the log. In this article, we present a framework for summarizing and querying OLAP query logs. The basic idea is that a query summarizes another query and that a log, which is a sequence of queries, summa...
متن کامل