Abstract
Information Technology systems generate system log messages to allow for the monitoring of the system. In increasingly large and complex systems, the volume of log data can overwhelm the analysts tasked with monitoring these systems. A system was developed that utilizes Principal Component Analysis to assist the analyst in the characterization of system health and events. Once trained, the system was able to accurately identify a state of heavy load on a device with a low false positive rate. The system was also able to accurately identify an error condition when trained on a single event. The method employed is able to assist in the real-time monitoring of large, complex systems, increasing the efficiency of trained analysts.
Degree
MS
College and Department
Ira A. Fulton College of Engineering and Technology; Technology
Rights
http://lib.byu.edu/about/copyright/
BYU ScholarsArchive Citation
Broadbent, Lane David, "Recognition of Infrastructure Events Using Principal Component Analysis" (2016). Theses and Dissertations. 6197.
https://scholarsarchive.byu.edu/etd/6197
Date Submitted
2016-12-01
Document Type
Thesis
Handle
http://hdl.lib.byu.edu/1877/etd9015
Keywords
syslog, log analysis, principal component analysis
Language
English
Technology Emphasis
Information Technology (IT)