Computer system performance problem detection using time series models
作者: Jay Lepreau , Peter Hoogenboom
DOI:
关键词: Data mining 、 Expert system 、 Unix 、 Task (computing) 、 Workload 、 Process (computing) 、 Real-time computing 、 Scalability 、 Host (network) 、 Workstation 、 Computer science
摘要: Computer systems require monitoring to detect performance anomalies such as runaway processes, but problem detection and diagnosis is a complex task requiring skilled attention. Although human attention was never ideal for this task, networks of computers grow larger their interactions more complex, it falls far short. Existing computer-aided management the administrator manually specify fixed "trouble" thresholds. In paper we report on an expert system that automatically sets thresholds, detects diagnoses problems network Unix computers. Key success scalability are time series models developed model variations in workload each host. Analysis load average records 50 machines yielded which show, workstations with simulated injection, false positive negative rates less than 1%. The server most difficult still gave positive/negative only 6%/32%. Observed values exceeding expected range particular host cause focus machine. There applies tools finer resolution discrimination, including per-command profiles gleaned from process accounting records. It makes one 18 specific notifies administrator, optionally user [a].
acm.org 参考文章(11)
Edward D. Lazowska, G. Scott Graham, John Zahorjan, Kenneth C. Sevcik, Quantitative system performance: computer system analysis using queueing network models Int. CMG Conference. pp. 468- 470 ,(1984)
Alessandro Zeigner, Giuseppe Serazzi, Domenico Ferrari, Measurement and tuning of computer systems ,(1983)
Donald Arthur Waterman, A Guide to Expert Systems ,(1985)
B. L. Hitson, Knowledge-based monitoring and control: an approach to understanding behavior of TCP/IP network protocols Symposium proceedings on Communications architectures and protocols - SIGCOMM '88. ,vol. 18, pp. 210- 221 ,(1988) , 10.1145/52324.52346
Jerome H. Saltzer, John W. Gintell, The instrumentation of multics Communications of the ACM. ,vol. 13, pp. 495- 500 ,(1970) , 10.1145/362705.362711
D.E. Denning, An Intrusion-Detection Model IEEE Transactions on Software Engineering. ,vol. 13, pp. 222- 232 ,(1987) , 10.1109/TSE.1987.232894
T.F. Lunt, R. Jagannathan, A prototype real-time intrusion-detection expert system ieee symposium on security and privacy. pp. 59- 66 ,(1988) , 10.1109/SECPRI.1988.8098
Peter R. Winters, Forecasting Sales by Exponentially Weighted Moving Averages Management Science. ,vol. 6, pp. 324- 342 ,(1960) , 10.1287/MNSC.6.3.324
R. Jagannathan, Ann Tamaru, Thomas D. Garvey, Teresa F. Lunt, Caveh Jalali, Fred Gilham, Harold S. Javitz, Peter G. Neumann, A REAL-TIME INTRUSION-DETECTION EXPERT SYSTEM (IDES) ,(1992)
Peter J. Hoogenboom, Semantic definition of a subset of the structured query language (SQL) ,(1991)