Presentation 2015-11-27
An Automated Whitelist Generator for Log Monitoring
Atsushi Sasaki, Toyonori Fujiura, Tetsuaki Kamata, Yuzuru Mori,
PDF Download Page PDF download Page Link
Abstract(in Japanese) (See Japanese page)
Abstract(in English) We have traditionally monitored log messages in system managements mainly with a blacklist, whether the log messages coincide with regular expressions in the blacklist. However, the blacklist can only alert log messages known as failures in advance. On the other hand, there is a log monitoring with a whitelist in order to exclude log messages known as normal in advance from the alerts. We expect it to find failures which have not been known in advance. A whitelist generally contains much more regular expressions than a blacklist, thus it is harder to write regular expressions in the whitelist by human efforts than to write those in the blacklist. Therefore we achieved an automated whitelist generator to reduce human efforts. Since system failures should not be missed, the whitelist should achieve recall ratio of 100%. Thus we propose a whitelist generator which converts numbers to regular expressions, which achieves recall ratio of 100%.
Keyword(in Japanese) (See Japanese page)
Keyword(in English) Log Monitoring / Whitelist / Failure detection
Paper # ICM2015-22
Date of Issue 2015-11-19 (ICM)

Conference Information
Committee CQ / ICM / NS
Conference Date 2015/11/26(2days)
Place (in Japanese) (See Japanese page)
Place (in English) Niigata University
Topics (in Japanese) (See Japanese page)
Topics (in English) Network Quality, Network Measurement and Management, Network Virtualization, Network Service, General
Chair Kyoko Yamori(Asahi Univ.) / Shingo Ata(Osaka City Univ.) / Atsushi Hiramatsu(NTT-AT)
Vice Chair Takanori Hayashi(NTT) / Hideyuki Shimonishi(NEC) / Kiyohito Yoshihara(KDDI R&D Labs.) / Manabu Nakagawa(NTT Communications) / Hideki Tode(Osaka Pref. Univ.)
Secretary Takanori Hayashi(NEC) / Hideyuki Shimonishi(Osaka Univ.) / Kiyohito Yoshihara(Hitachi) / Manabu Nakagawa(NEC) / Hideki Tode(Univ. of Fukui)
Assistant Masahiro Yamamoto(OKI) / Bo GU(Waseda Univ.) / Hirantha Abeysekera(NTT) / Masao Murata(Fujitsu) / Shohei Kamamura(NTT)

Paper Information
Registration To Technical Committee on Communication Quality / Technical Committee on Information and Communication Management / Technical Committee on Network Systems
Language JPN
Title (in Japanese) (See Japanese page)
Sub Title (in Japanese) (See Japanese page)
Title (in English) An Automated Whitelist Generator for Log Monitoring
Sub Title (in English)
Keyword(1) Log Monitoring
Keyword(2) Whitelist
Keyword(3) Failure detection
1st Author's Name Atsushi Sasaki
1st Author's Affiliation Nippon Telegraph and Telephone Corporation(NTT)
2nd Author's Name Toyonori Fujiura
2nd Author's Affiliation Nippon Telegraph and Telephone Corporation(NTT)
3rd Author's Name Tetsuaki Kamata
3rd Author's Affiliation Nippon Telegraph and Telephone Corporation(NTT)
4th Author's Name Yuzuru Mori
4th Author's Affiliation Nippon Telegraph and Telephone Corporation(NTT)
Date 2015-11-27
Paper # ICM2015-22
Volume (vol) vol.115
Number (no) ICM-328
Page pp.pp.27-32(ICM),
#Pages 6
Date of Issue 2015-11-19 (ICM)