Coordinated analysis of heterogeneous monitor data in enterprise clouds for incident response

Uttam Thakore; Harigovind V. Ramasamy; William H. Sanders

doi:10.1109/ISSREW.2019.00042

Coordinated analysis of heterogeneous monitor data in enterprise clouds for incident response

Uttam Thakore, Harigovind V. Ramasamy, William H. Sanders

Electrical and Computer Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

During incident analysis and response, enterprise cloud administrators want to use as much of their generated monitor data as possible. However, the reality is that decisions are often dictated by the tools actually available to automatically process the monitor data, rather than by an understanding of the relevance of the data for incident response. The significant manual effort and domain expertise required to process diverse cloud monitors means that much monitor data remain unexamined. We propose a framework for simplifying the complexity of data analysis for incident response. Our framework enables coordinated analysis of both metric (numerical) data and log (semi-structured, textual) data and exposes salient features within those data. As a foundation for the framework, we define a taxonomy for fields within monitor data based on insights gained from analyzing logs and metrics collected from all levels of an experimental platform-As-A-service (PaaS) cloud (EPC). Using the taxonomy, we lay out a method for semi-Automated feature extraction and discovery across heterogeneous monitors. We then describe a method for feature clustering to promote effective analysis of the data, and to remove redundant and uninformative features. We discuss the application of our framework for incident response within the EPC, including root cause analysis.

Original language	English (US)
Title of host publication	Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019
Editors	Katinka Wolter, Ina Schieferdecker, Barbara Gallina, Michel Cukier, Roberto Natella, Naghmeh Ivaki, Nuno Laranjeiro
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	53-58
Number of pages	6
ISBN (Electronic)	9781728151380
DOIs	https://doi.org/10.1109/ISSREW.2019.00042
State	Published - Oct 2019
Event	30th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2019 - Berlin, Germany Duration: Oct 28 2019 → Oct 31 2019

Publication series

Name	Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019

Conference

Conference	30th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2019
Country/Territory	Germany
City	Berlin
Period	10/28/19 → 10/31/19

Keywords

AIOps
cloud computing
incident response
log analysis
log clustering
reliability

ASJC Scopus subject areas

Software
Safety, Risk, Reliability and Quality

Online availability

10.1109/ISSREW.2019.00042

Library availability

Discover UIUC Full Text

Cite this

Thakore, U., Ramasamy, H. V., & Sanders, W. H. (2019). Coordinated analysis of heterogeneous monitor data in enterprise clouds for incident response. In K. Wolter, I. Schieferdecker, B. Gallina, M. Cukier, R. Natella, N. Ivaki, & N. Laranjeiro (Eds.), Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019 (pp. 53-58). Article 8990307 (Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ISSREW.2019.00042

Coordinated analysis of heterogeneous monitor data in enterprise clouds for incident response. / Thakore, Uttam; Ramasamy, Harigovind V.; Sanders, William H.
Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019. ed. / Katinka Wolter; Ina Schieferdecker; Barbara Gallina; Michel Cukier; Roberto Natella; Naghmeh Ivaki; Nuno Laranjeiro. Institute of Electrical and Electronics Engineers Inc., 2019. p. 53-58 8990307 (Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Thakore, U, Ramasamy, HV & Sanders, WH 2019, Coordinated analysis of heterogeneous monitor data in enterprise clouds for incident response. in K Wolter, I Schieferdecker, B Gallina, M Cukier, R Natella, N Ivaki & N Laranjeiro (eds), Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019., 8990307, Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019, Institute of Electrical and Electronics Engineers Inc., pp. 53-58, 30th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2019, Berlin, Germany, 10/28/19. https://doi.org/10.1109/ISSREW.2019.00042

Thakore U, Ramasamy HV, Sanders WH. Coordinated analysis of heterogeneous monitor data in enterprise clouds for incident response. In Wolter K, Schieferdecker I, Gallina B, Cukier M, Natella R, Ivaki N, Laranjeiro N, editors, Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 53-58. 8990307. (Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019). doi: 10.1109/ISSREW.2019.00042

Thakore, Uttam ; Ramasamy, Harigovind V. ; Sanders, William H. / Coordinated analysis of heterogeneous monitor data in enterprise clouds for incident response. Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019. editor / Katinka Wolter ; Ina Schieferdecker ; Barbara Gallina ; Michel Cukier ; Roberto Natella ; Naghmeh Ivaki ; Nuno Laranjeiro. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 53-58 (Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019).

@inproceedings{2fef922aba3246db91a3136dd33e2be5,

title = "Coordinated analysis of heterogeneous monitor data in enterprise clouds for incident response",

abstract = "During incident analysis and response, enterprise cloud administrators want to use as much of their generated monitor data as possible. However, the reality is that decisions are often dictated by the tools actually available to automatically process the monitor data, rather than by an understanding of the relevance of the data for incident response. The significant manual effort and domain expertise required to process diverse cloud monitors means that much monitor data remain unexamined. We propose a framework for simplifying the complexity of data analysis for incident response. Our framework enables coordinated analysis of both metric (numerical) data and log (semi-structured, textual) data and exposes salient features within those data. As a foundation for the framework, we define a taxonomy for fields within monitor data based on insights gained from analyzing logs and metrics collected from all levels of an experimental platform-As-A-service (PaaS) cloud (EPC). Using the taxonomy, we lay out a method for semi-Automated feature extraction and discovery across heterogeneous monitors. We then describe a method for feature clustering to promote effective analysis of the data, and to remove redundant and uninformative features. We discuss the application of our framework for incident response within the EPC, including root cause analysis.",

keywords = "AIOps, cloud computing, incident response, log analysis, log clustering, reliability",

author = "Uttam Thakore and Ramasamy, {Harigovind V.} and Sanders, {William H.}",

note = "in part by an IBM Ph.D. Fellowship.; 30th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2019 ; Conference date: 28-10-2019 Through 31-10-2019",

year = "2019",

month = oct,

doi = "10.1109/ISSREW.2019.00042",

language = "English (US)",

series = "Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "53--58",

editor = "Katinka Wolter and Ina Schieferdecker and Barbara Gallina and Michel Cukier and Roberto Natella and Naghmeh Ivaki and Nuno Laranjeiro",

booktitle = "Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019",

address = "United States",

}

TY - GEN

T1 - Coordinated analysis of heterogeneous monitor data in enterprise clouds for incident response

AU - Thakore, Uttam

AU - Ramasamy, Harigovind V.

AU - Sanders, William H.

N1 - in part by an IBM Ph.D. Fellowship.

PY - 2019/10

Y1 - 2019/10

N2 - During incident analysis and response, enterprise cloud administrators want to use as much of their generated monitor data as possible. However, the reality is that decisions are often dictated by the tools actually available to automatically process the monitor data, rather than by an understanding of the relevance of the data for incident response. The significant manual effort and domain expertise required to process diverse cloud monitors means that much monitor data remain unexamined. We propose a framework for simplifying the complexity of data analysis for incident response. Our framework enables coordinated analysis of both metric (numerical) data and log (semi-structured, textual) data and exposes salient features within those data. As a foundation for the framework, we define a taxonomy for fields within monitor data based on insights gained from analyzing logs and metrics collected from all levels of an experimental platform-As-A-service (PaaS) cloud (EPC). Using the taxonomy, we lay out a method for semi-Automated feature extraction and discovery across heterogeneous monitors. We then describe a method for feature clustering to promote effective analysis of the data, and to remove redundant and uninformative features. We discuss the application of our framework for incident response within the EPC, including root cause analysis.

AB - During incident analysis and response, enterprise cloud administrators want to use as much of their generated monitor data as possible. However, the reality is that decisions are often dictated by the tools actually available to automatically process the monitor data, rather than by an understanding of the relevance of the data for incident response. The significant manual effort and domain expertise required to process diverse cloud monitors means that much monitor data remain unexamined. We propose a framework for simplifying the complexity of data analysis for incident response. Our framework enables coordinated analysis of both metric (numerical) data and log (semi-structured, textual) data and exposes salient features within those data. As a foundation for the framework, we define a taxonomy for fields within monitor data based on insights gained from analyzing logs and metrics collected from all levels of an experimental platform-As-A-service (PaaS) cloud (EPC). Using the taxonomy, we lay out a method for semi-Automated feature extraction and discovery across heterogeneous monitors. We then describe a method for feature clustering to promote effective analysis of the data, and to remove redundant and uninformative features. We discuss the application of our framework for incident response within the EPC, including root cause analysis.

KW - AIOps

KW - cloud computing

KW - incident response

KW - log analysis

KW - log clustering

KW - reliability

UR - http://www.scopus.com/inward/record.url?scp=85080898405&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85080898405&partnerID=8YFLogxK

U2 - 10.1109/ISSREW.2019.00042

DO - 10.1109/ISSREW.2019.00042

M3 - Conference contribution

AN - SCOPUS:85080898405

T3 - Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019

SP - 53

EP - 58

BT - Proceedings - 2019 IEEE 30th International Symposium on Software Reliability Engineering Workshops, ISSREW 2019

A2 - Wolter, Katinka

A2 - Schieferdecker, Ina

A2 - Gallina, Barbara

A2 - Cukier, Michel

A2 - Natella, Roberto

A2 - Ivaki, Naghmeh

A2 - Laranjeiro, Nuno

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 30th IEEE International Symposium on Software Reliability Engineering Workshops, ISSREW 2019

Y2 - 28 October 2019 through 31 October 2019

ER -

Coordinated analysis of heterogeneous monitor data in enterprise clouds for incident response

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this