"LISA is where professionals share what's hot in designing, building, and maintaining critical systems."
Tom Limoncelli, author, speaker, and system administrator
"Information from LISA helps us push the envelope on automation and scaling, allowing a team of four to manage over 3000 Firefox build and test systems running 15 different operating systems."
Amy Rich, Manager of Release Engineering Operations at Mozilla
"LISA is where I find direction for evolving the my core professional skills."
LISA '13 Attendee
"LISA is where professionals share what's hot in designing, building, and maintaining critical systems."
Tom Limoncelli, author, speaker, and system administrator
"I use LISA to benchmark the SA activities in my company."
LISA '13 Attendee
"LISA is the place where industry best practices and cutting-edge research come together to advance system administration."
Nicole Forsgren Velasquez, Utah State University
"LISA is the conference that I send my system administrators to so they can bring the latest tools and techniques back to the rest of the team. Much of our current environment can be traced directly back to LISA."
Cory Lueninghoener, Deputy Group Leader of Production High Performance Computing at Los Alamos National Laboratory
"I keep coming back for the technical content and the personal networking opportunities. I attend for career development."
LISA '13 Attendee
"LISA is the conference that I send my system administrators to so they can bring the latest tools and techniques back to the rest of the team. Much of our current environment can be traced directly back to LISA."
Cory Lueninghoener, Deputy Group Leader of Production High Performance Computing at Los Alamos National Laboratory
Analyzing Log Analysis: An Empirical Study of User Log Mining
Refereed Paper
Wednesday, November 12, 2014 - 2:45pm-3:00pm
Authors:
S. Alspaugh, University of California, Berkeley and Splunk Inc.; Beidi Chen and Jessica Lin, University of California, Berkeley; Archana Ganapathi, Splunk Inc.; Marti A. Hearst and Randy Katz, University of California, Berkeley
Awarded Best Student Paper!
Abstract:
We present an in-depth study of over 200K log analysis queries from Splunk, a platform for data analytics. Using these queries, we quantitatively describe log analysis behavior to inform the design of analysis tools. This study includes state machine based descriptions of typical log analysis pipelines, cluster analysis of the most common transformation types, and survey data about Splunk user roles, use cases, and skill sets. We find that log analysis primarily involves filtering, reformatting, and summarizing data and that non-technical users increasingly need data from logs to drive their decision making. We conclude with a number of suggestions for future research.
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
BibTeX
@inproceedings {186535,
author = {S. Alspaugh and Beidi Chen and Jessica Lin and Archana Ganapathi and Marti Hearst and Randy Katz},
title = {Analyzing Log Analysis: An Empirical Study of User Log Mining},
booktitle = {28th Large Installation System Administration Conference (LISA14)},
year = {2014},
isbn = {978-1-931971-17-1},
address = {Seattle, WA},
pages = {62--77},
url = {https://www.usenix.org/conference/lisa14/conference-program/presentation/alspaugh},
publisher = {{USENIX} Association},
month = nov,
}
Twitter
Facebook
LinkedIn
Google+
YouTube
connect with us