att_abstract={{Router syslogs are messages that a router logs to describe
a wide range of events observed by it. They are considered
one of the most valuable data sources for monitoring
network health and for troubleshooting network faults and
performance anomalies. However, router syslog messages
are essentially free-form text with only a minimal structure,
and their formats vary among different vendors and router
OSes. Furthermore, since router syslogs are aimed for tracking
and debugging router software/hardware problems, they
are often too low-level from network service management
perspectives. Due to their sheer volume (e.g., millions per
day in a large ISP network), router syslog messages are typically
examined (manually by a network administrator) only
when required by an on-going troubleshooting investigation
or when given a narrow time range and a specific router
under suspicion. In this project, we design a SyslogDigest
system that can automatically transform and compress such
low-level minimally-structured syslog messages into meaningful
and prioritized high-level network events, using powerful
data mining techniques tailored to our problem domain.
These events are three orders of magnitude fewer in number
and have much better usability than raw syslog messages.
We demonstrate that they provide critical input to network
troubleshooting, and network health monitoring and visualization.}},
	att_authors={jw2129, zg2325, dp8327, tq188f},
	att_copyright_notice={{(c) ACM, 2010. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution.
The definitive version was published in ACM Internet Measurement Conference  {{, 2010-11-01}}}},
	author={Jia Wang and Zihui Ge and Dan Pei and  Tongqing Qiu and Jun Xu},
	institution={{ACM/USENIX Interent Measurement Conference}},
	title={{What Happened in my Network? Mining Network Events from Router Syslogs}},