Automatic discovery of relationships across multiple network layers

  • Authors:

  • Andrew Turner;Hyong. S. Kim;Tina Wong

  • Affiliations:

  • Carnegie Mellon University, Pittsburgh, PA;Carnegie Mellon University, Pittsburgh, PA;Carnegie Mellon University, Pittsburgh, PA

  • Venue:
  • Proceedings of the 2007 SIGCOMM workshop on Internet network management
  • Year:
  • 2007

Quantified Score

Hi-index 0.00

Visualization

Abstract

As networks become increasingly large and complex the relationships and dependencies between network elements also grow in complexity and size. If an e-mail server goes off-line for ten minutes but never goes off-line again, it might not be a serious problem, and can be forgotten about. But if the e-mail server repeatedly goes off-line, the cause of the problem must be found. The difficulty for network operators is discovering what causes the problem -- we address this issue and formalize a method to make event logs more useful to network operators. In this paper we describe how network events can be correlated across multiple network layers, and utilize the temporal and spatial aspects of the event data to more accurately correlate network events than using the event descriptions alone. Our results show that by statistically analyzing Syslog data, a relationship graph can be automatically generated that shows relationships between network elements. We then go on to discuss how such a relationship graph, in combination with event correlation, can help operators more accurately discover the root cause of problems, and identify hidden relationships and dependencies within their networks.