Simplifying Correlation Rule Creation for Effective Systems Monitoring

  • C. Araujo
  • A. Biazetti
  • A. Bussani
  • J. Dinger
  • M. Feridun
  • A. Tanner
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3278)

Abstract

Event correlation is a necessary component of systems management but is perceived as a difficult function to set up and maintain. We report on our work to develop a set of tools and techniques to simplify event correlation and thereby reduce overall operating costs. The tools prototyped are described and our current plans for future tool development outlined.

References

  1. 1.
  2. 2.
    Hellerstein, J.L., Ma, S., Perng, C.: Discovering actionable patterns from event data. IBM Systems Journal 41(3), 475–493 (2002)CrossRefGoogle Scholar
  3. 3.
    Julisch, K.: Clustering Intrusion Detection Alarms to Support Root Cause Analysis. ACM Transactions on Information and System Security 6(4), 1–29 (2003)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2004

Authors and Affiliations

  • C. Araujo
    • 1
  • A. Biazetti
    • 1
  • A. Bussani
    • 2
  • J. Dinger
    • 1
  • M. Feridun
    • 2
  • A. Tanner
    • 2
  1. 1.IBM Software GroupTivoli Raleigh Development LabRaleighUSA
  2. 2.IBM ResearchZurich Research LaboratoryRueschlikonSwitzerland

Personalised recommendations