Proceedings Article, DOI: 10.1109/ICWS.2017.13
Drain: An Online Log Parsing Approach with Fixed Depth Tree
Pinjia He, Jieming Zhu, Zibin Zheng, Michael R. Lyu
- 25 Jun 2017
- pp 33-40
708
TL;DR: This work proposes an online log parsing method, namely Drain, that can parse logs in a streaming and timely manner, and uses a fixed depth parse tree, which encodes specially designed rules for parsing.
Abstract: Logs, which record valuable system runtime information, have been widely employed in Web service management by service providers and users. A typical log analysis based Web service management procedure is to first parse raw log messages because of their unstructured format, and then apply data mining models to extract critical system behavior information, which can assist Web service management. Most of the existing log parsing methods focus on offline, batch processing of logs. However, as the volume of logs increases rapidly, model training of offline log parsing methods, which employs all existing logs after log collection, becomes time consuming. To address this problem, we propose an online log parsing method, namely Drain, that can parse logs in a streaming and timely manner. To accelerate the parsing process, Drain uses a fixed depth parse tree, which encodes specially designed rules for parsing. We evaluate Drain on five real-world log data sets with more than 10 million raw log messages. The experimental results show that Drain has the highest accuracy on four data sets, and comparable accuracy on the remaining one. Besides, Drain obtains 51.85%~81.47% improvement in running time compared with the state-of-the-art online parser. We also conduct a case study on an anomaly detection task using Drain in the parsing step, which determines the effectiveness of Drain in log analysis.
Citations
•Posted Content
A Directed Acyclic Graph Approach to Online Log Parsing.
TL;DR: An online log parsing method, namely Drain, based on a directed acyclic graph that encodes specially designed rules for parsing; it has the highest accuracy on all 11 datasets and frees developers from the burden of parameter tuning by allowing them to use Drain with no pre-defined parameters.
31
Anomaly Detection using Distributed Log Data: A Lightweight Federated Learning Approach
Yalan Guo, Yulei Wu, Yanchao Zhu, Bingqiang Yang, Chunjing Han
- 18 Jul 2021
TL;DR: In this paper, a lightweight federated learning method for anomaly detection, named FLOGCNN, using distributed log data, was proposed, which aggregates gradient updates according to the sample size of participants to generate an integrated model.
30
LogPrompt: Prompt Engineering Towards Zero-Shot and Interpretable Log Analysis
Yilun Liu, Shimin Tao, Weibin Meng, Jingyu Wang, Wenbing Ma, Yan-Qing Zhao, Yuhang Chen, Hao Yang, Yanfei Jiang, Xun Chen
TL;DR: Experiments demonstrate that LogPrompt, despite requiring no in-domain training, outperforms existing approaches trained on thousands of logs by up to 55.9%; the authors also conduct a human evaluation of LogPrompt's interpretability.
Anomaly Detection via Mining Numerical Workflow Relations from Logs
Bo Zhang, Hongyu Zhang, Pablo Moscato, Aozhong Zhang
- 26 Jun 2020
TL;DR: A novel approach named ADR (Anomaly Detection by workflow Relations), which employs matrix nullspace to mine numerical relations from log data and is effective for both offline and online anomaly detection.
29
An Overview of Data-Driven Techniques for IT-Service-Management
Patrick Kubiak, Stefan Rass
TL;DR: An overview of data-driven techniques, which can be used in addition to the standards of best practice frameworks to improve reactive and proactive maintenance tasks, and a systematic guide for practitioners to select the proper method for their setting.
28