Ontological approach to automated analysis of enterprise data storage systems log files
Enterprise data storage is usually designed to operate as a highly available system, which requires continuous monitoring and diagnosis of the system state. However, the traditional approach to administration tasks, with manual analysis of event log files, is infeasible due to the complexity of such systems. Multiple levels of monitoring and the heterogeneous nature of diagnostic data require an autonomous solution that combines model-based, knowledge-based and data-based approaches. An ontology-based diagnostic model that integrates expert knowledge of diagnostic parameters, typical storage configurations, and common failure modes can be considered a promising solution for this task. The implementation goal for such an autonomous diagnostic approach would be not to substitute for, but to complement, the existing diagnostic infrastructure. Hence, software and system event log files can be viewed as additional diagnostic data to be analyzed. This paper presents a new approach to event log analysis supported by the ontology-based diagnostic model: the structure of the supporting ontology classes, the text preparation algorithm, key implementation points, and assessments of data mining algorithm suitability for the task.
Data mining, data storage system, diagnostic model, event log, knowledge-based systems, ontology