Abstract
Large software systems comprise of different and tightly interconnected components. Such systems utilize heterogeneous monitoring infrastructures which produce log data at high rates from various sources and in diverse formats. The sheer volume of this data makes almost impossible the real- or near real-time processing of these system logs. In this paper, we present a log schema independent approach that allows for the real time reduction of logged data based on a set of filtering criteria. The approach utilizes a similarity measure between features of the incoming events and a set of filtering features we refer to as beacons. The similarity measure is based on information theory principles and uses caching techniques so that infinite log data streams and log data schema alterations can be handled. The approach has been applied successfully on the KDD-99 intrusion detection benchmark data set. © 2014 Springer International Publishing.
Author supplied keywords
Cite
CITATION STYLE
Kalamatianos, T., & Kontogiannis, K. (2014). Schema independent reduction of streaming log data. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8484 LNCS, pp. 394–408). Springer Verlag. https://doi.org/10.1007/978-3-319-07881-6_27
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
