Download: implementation.
“Synoptic: Summarizing system logs with refinement” by Sigurd Schneider, Ivan Beschastnikh, Slava Chernyak, Michael D. Ernst, and Yuriy Brun. In Workshop on Managing Systems via Log Analysis and Machine Learning Techniques (SLAML '10), (Vancouver, BC, Canada), October 3, 2010.
Distributed systems are often difficult to debug and understand. A typical way of gaining insight into system behavior is by inspecting its execution logs. Manual inspection of logs is arduous, and few tools can analyze an arbitrary system log out of the box. To support this task we developed Synoptic. Synoptic outputs a concise graph representation of logged events that captures important temporal event invariants mined from the log. Synoptic makes no assumptions about the system, and requires no system modifications.
In contrast to prior approaches, Synoptic uses refinement instead of coarsening to explore the space of representations. Additionally, it infers temporal event invariants to capture distributed system semantics that are often present in system logs. These invariants drive the coarsening process, and are preserved in the final representation.
In experiments on synthetic and real distributed system logs, Synoptic had reasonable overhead for an offline analysis tool, and it augmented a distributed system designer's understanding of system behavior.
Download: implementation.
BibTeX entry:
@inproceedings{BeschastnikhCEB2010,
author = {Sigurd Schneider and Ivan Beschastnikh and Slava Chernyak and
Michael D. Ernst and Yuriy Brun},
title = {Synoptic: Summarizing system logs with refinement},
booktitle = {Workshop on Managing Systems via Log Analysis and Machine
Learning Techniques (SLAML '10)},
address = {Vancouver, BC, Canada},
month = {October~3,},
year = {2010}
}
(This webpage was created with bibtex2web.)
Back to Program Analysis Group publications.