@book{48dbee710a724d2fb2b7cee6c0367d9c,
title = "Anomaly detection from server log data: A case study",
abstract = "This study focuses on the analysis of server log data and the detection and potential prediction of anomalies related to the monitored servers. The issue is relevant in many mission-critical systems consisting of multiple servers. There it is favourable to be able detect and even foresee problems to be able to react promptly and apply required corrections to the system. In this study, we have done off-line analyses based on pre-recorded data. In reality, if the objective is to come up with solutions for detecting anomalies in real-time, additional requirements and constraints would be imposed on the algorithms to be used. For example, in on-line situation, higher requirements on the performance of the algorithm and on the amount of historical data available for the algorithm would exist. However, we do not address those issues in this preliminary study. In addition to the analysis of real data, we have interviewed experts that are working on the server-related issues on a daily basis. Based on those discussions, we have tried to formulate practical cases, for which some algorithms and tools could provide practical utility.",
keywords = "anomaly detection, data mining, machine learning, SOM, self-organizing map, IT monitoring, server log file, CPU, memory, process",
author = "Sami Nousiainen and Jorma Kilpi and Paula Silvonen and Mikko Hiirsalmi",
note = "Project code: 13674 ",
year = "2009",
language = "English",
series = "VTT Tiedotteita - Research Notes",
publisher = "VTT Technical Research Centre of Finland",
number = "2480",
address = "Finland",
}