Abstract
This paper describes a novel approach to event correlation in networks based on coding techniques. Observable symptom events are viewed as a code that identifies the problems that caused them; correlation is performed by decoding the set of observed symptoms. The coding approach has been implemented in SMARTS Event Management System (SEMS), as server running under Sun Solaris 2.3. Preliminary benchmarks of the SEMS demonstrate that the coding approach provides a speedup at least two orders of magnitude over other published correlation systems. In addition, it is resilient to high rates of symptom loss and false alarms. Finally, the coding approach scales well to very large domains involving thousands of problems.
Work performed while the author was on sabbatical leave at Systems Management Arts.
This author’s research was supported in part by NSF grant IRI-94-13847
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Dupuy, A., Schwartz, J., Yemini, Y., Barzilai, G. and Cahana, A. (1989) Network Fault Management: A User’s View, in Proc. IFIP Symposium on Integrated Network Management, North Holland.
Feldkuhn, L. and Erickson, J. (1989) Event Management as a Common Functional Area of Open Systems Management, in Proc. IFIP Symposium on Integrated Network Management, North Holland.
Jakobson, G., Weissman, M. (1993) Alarm Correlation, IEEE Network, Vol. 7, No. 6.
Kliger, S., Yemini, Y. and Yemini, S. (1994a) Apparatus and Method for Event Correlation and Problem Reporting, Patent Application.
Kilger, S., Ohsie, D., Yemini, Y., Hwang W. (1994b) Decs Performance Benchmarks Summary, SMARTS Technical Report.
Leinwand, A., Fang, K. (1993) Network Management: A Practical Perspective Addison Wesley.
Lewis, L. (1993) A Case Base Reasoning Approach to The Resolution of Faults in Communications Networks, in Proceedings Third International Symposium on Integrated Network Management.
Nygate, Yossi and Sterling, Leon (1993) ASPEN–Designing Complex Knowledge Based Systems in Proceedings of the 10th Israeli Symposium on Artificial Intelligence, Computer Vision, and Neural Networks, pp. 51–60.
Ohsie, D. and S. Kliger (1993) Network Event Management Survey, SMARTS Technical Report. Roman, Steve (1992) Coding and Information Theory, Springer Verlag.
Stallings, W. (1993) SNMP, SNMPv2, and CMIP The Practical Guide to Network-Management Standards,Addison Wesley.
Yemini, Y., Dupuy, A., Kliger, S., Yemini, S (1993) Semantic Modeling of Managed Information in Second IEEE Workshop on Network Management and Control, Tarrytown, NY.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1995 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Kliger, S., Yemini, S., Yemini, Y., Ohsie, D., Stolfo, S. (1995). A Coding Approach to Event Correlation. In: Sethi, A.S., Raynaud, Y., Faure-Vincent, F. (eds) Integrated Network Management IV. IM 1995. IFIP — The International Federation for Information Processing. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-34890-2_24
Download citation
DOI: https://doi.org/10.1007/978-0-387-34890-2_24
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5517-6
Online ISBN: 978-0-387-34890-2
eBook Packages: Springer Book Archive