Flexible Log File Parsing Using Hidden Markov Models

Kuhnert N, Maier A (2019)


Publication Language: English

Publication Type: Conference contribution, Conference Contribution

Publication year: 2019

Event location: Kopenhagen DK

DOI: 10.5121/csit.2019.91201

Abstract

We aim to model unknown file processing. As the content of log files often evolves over time, we established a dynamic statistical model which learns and adapts processing and parsing rules. First, we limit the amount of unstructured text by focusing only on those frequent patterns which lead to the desired output table similar to Vaarandi [10]. Second, we transform the found frequent patterns and the output stating the parsed table into a Hidden Markov Model (HMM). We use this HMM as a specific, however, flexible representation of a pattern for log file processing. With changes in the raw log file distorting learned patterns, we aim the model to adapt automatically in order to maintain high quality output. After training our model on one system type, applying the model and the resulting parsing rule to a different system with slightly different log file patterns, we achieve an accuracy over 99%.

Authors with CRIS profile

How to cite

APA:

Kuhnert, N., & Maier, A. (2019). Flexible Log File Parsing Using Hidden Markov Models. Kopenhagen, DK.

MLA:

Kuhnert, Nadine, and Andreas Maier. "Flexible Log File Parsing Using Hidden Markov Models." Kopenhagen 2019.

BibTeX: Download