An Algorithm for Message Type Discovery in Unstructured Log Data

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F19%3A00110676" target="_blank" >RIV/00216224:14610/19:00110676 - isvavai.cz</a>

Výsledek na webu

<a href="https://www.scitepress.org/PublicationsDetail.aspx?ID=iR8+L9fcM+g%3d&t=1" target="_blank" >https://www.scitepress.org/PublicationsDetail.aspx?ID=iR8+L9fcM+g%3d&t=1</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.5220/0007919806650676" target="_blank" >10.5220/0007919806650676</a>

Jazyk výsledku

angličtina

Název v původním jazyce

An Algorithm for Message Type Discovery in Unstructured Log Data

Popis výsledku v původním jazyce

Log message abstraction is a common way of dealing with the unstructured nature of log data. It refers to the separation of static and dynamic part of the log message, so that both parts can be accessed independently, allowing the message to be abstracted into a more structured representation. To facilitate this task, so-called message types and the corresponding matching patterns must be first discovered, and only after that can be this pattern-set used to pattern-match individual log messages in order to extract dynamic information and impose some structure on them. Because the manual discovery of message types is a tiresome and error-prone process, we have focused our research on data mining algorithms that are able to discover message types in already generated log data. Since we have identified several deficiencies of the existing algorithms, which are limiting their capabilities, we propose a novel algorithm for message type discovery addressing these deficiencies.

Název v anglickém jazyce

An Algorithm for Message Type Discovery in Unstructured Log Data

Popis výsledku anglicky

Log message abstraction is a common way of dealing with the unstructured nature of log data. It refers to the separation of static and dynamic part of the log message, so that both parts can be accessed independently, allowing the message to be abstracted into a more structured representation. To facilitate this task, so-called message types and the corresponding matching patterns must be first discovered, and only after that can be this pattern-set used to pattern-match individual log messages in order to extract dynamic information and impose some structure on them. Because the manual discovery of message types is a tiresome and error-prone process, we have focused our research on data mining algorithms that are able to discover message types in already generated log data. Since we have identified several deficiencies of the existing algorithms, which are limiting their capabilities, we propose a novel algorithm for message type discovery addressing these deficiencies.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2019

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 14th International Conference on Software Technologies - Volume 1: ICSOFT

ISBN

9789897583797

ISSN

2184-2833

e-ISSN

—

Počet stran výsledku

12

Strana od-do

665-676

Název nakladatele

SciTePress

Místo vydání

Prague

Místo konání akce

Prague

Datum konání akce

1. 1. 2019

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

000572825100071