Summary: Alert Detection in System Logs
Adam J. Oliner, Alex Aiken
Stanford University
Stanford, CA 94305-9025 USA
{oliner,aiken}@cs.stanford.edu
Jon Stearley
Sandia National Laboratories
Albuquerque, NM 87111 USA
jrstear@sandia.gov
Abstract
We present Nodeinfo, an unsupervised algorithm for
anomaly detection in system logs. We demonstrate Nodeinfo's
effectiveness on data from four of the world's most
powerful supercomputers: using logs representing over 746
million processor-hours, in which anomalous events called
alerts were manually tagged for scoring, we aim to automatically
identify the regions of the log containing those
alerts. We formalize the alert detection task in these terms,
describe how Nodeinfo uses the information entropy of mes-