Projects‎ > ‎Information Security‎ > ‎

MieLog: Highly Interactive Visual Log Browser


System administration has become an increasingly important function, with the fundamental task being the inspection of computer log-files. It is not, however, easy to perform such tasks for two reasons. One is the high recognition load of log contents due to the massive amount of textual data. It is a tedious, time-consuming and often error-prone task to read through them. The other problem is the difficulty in extracting unusual messages from the log. If an administrator does not have the knowledge or experience, he or she cannot readily recognize unusual log messages. To help address these issues, we have developed a highly interactive visual log browser called ``MieLog.'' MieLog uses two techniques for manual log inspection tasks: information visualization and statistical analysis. Information visualization is helpful in reducing the recognition load because it provides an alternative method of interpreting textual information without reading. Statistical analysis enables the extraction of unusual log messages without domain specific knowledge. We will give three examples that illustrate the ability of the MieLog system to isolate unusual messages more easily than before.

 

  1. 1.Tetsuji Takada, Hideki Koike, Mielog: a highly interactive visual log browser using information visualization and statistical analysis, proc. of LISA XVI sixteenth systems administration conference, USENIX, pp.133-144, 2002.

Comments