论文信息 - A coding approach to event correlation

A coding approach to event correlation

This paper describes a novel approach to event correlation in networks based on coding techniques. Observable symptom events are viewed as a code that identifies the problems that caused them; correlation is performed by decoding the set of observed symptoms. The coding approach has been implemented in SMARTS Event Management System (SEMS), as server running under Sun Solaris 2.3. Preliminary benchmarks of the SEMS demonstrate that the coding approach provides a speedup at least two orders of magnitude over other published correlation systems. In addition, it is resilient to high rates of symptom loss and false alarms. Finally, the coding approach scales well to very large domains involving thousands of problems.

[1] Richard W. Hamming,et al. Coding and Information Theory , 1980 .

[2] G. Jakobson,et al. Alarm correlation , 1993, IEEE Network.

[3] Allan Leinwand,et al. Network Management: A Practical Perspective , 1993 .

[4] William Stallings. SNMP, SNMPv2, and CMIP: the practical guide to network management , 1993 .

[5] Yechiam Yemini,et al. Semantic Modeling of Managed Information , 1994 .