Abstract

Information technology systems generate system log messages so that the systems can be monitored. In increasingly large and complex systems, the volume of log data can overwhelm the analysts tasked with monitoring them. A system was developed that uses Principal Component Analysis to assist the analyst in characterizing system health and events. Once trained, the system was able to accurately identify a state of heavy load on a device with a low false positive rate. The system was also able to accurately identify an error condition when trained on a single event. The method employed can assist in the real-time monitoring of large, complex systems, increasing the efficiency of trained analysts.

Degree

MS

College and Department

Ira A. Fulton College of Engineering and Technology; Technology

Rights

http://lib.byu.edu/about/copyright/

Date Submitted

2016-12-01

Document Type

Thesis

Handle

http://hdl.lib.byu.edu/1877/etd9015

Keywords

syslog, log analysis, principal component analysis
