The Power of Events: An Introduction to Complex Event Processing in Distributed Enterprise Systems
The Power of Events: An Introduction to Complex Event Processing in Distributed Enterprise Systems
Developing Wmi Solutions
Teaching operating systems: the windows case
Proceedings of the 37th SIGCSE technical symposium on Computer science education
Request extraction in Magpie: events, schemas and temporal joins
Proceedings of the 11th workshop on ACM SIGOPS European workshop
Dynamic instrumentation of production systems
ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
Measuring and characterizing system behavior using kernel-level event logging
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Fine grained kernel logging with KLogger: experience and insights
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
EventScript: an event-processing language based on regular expressions with actions
Proceedings of the 2008 ACM SIGPLAN-SIGBED conference on Languages, compilers, and tools for embedded systems
Efficient pattern matching over event streams
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
| Hi-index | 0.00 |
Different approaches were proposed for the logging of operating system kernel events. In general, the resulting logfiles are huge and have to be analyzed by administrators, who try to identify problems and derive adequate actions. The idea of autonomic computing is to automate such tasks. As an important step towards this vision, computer systems have to be self-aware, i.e. they must be able to detect their runtime state and react if certain problems are detected. In contrast to control-theory based approaches for autonomic computing, the processing of discrete eventstreams offers the possibility of detecting singular events such as attacks or failing components directly. Our proposed runtime environment (1) processes event pattern descriptions, (2) combines events generated by usermode applications and the operating system kernel, (3) can be integrated into the operating system kernel to handle the events as close to their source as possible, (4) adaptively chooses relevant events to keep system disturbance low, and (5) provides an API for the implementation of ideas of autonomic computing in context of reactions to event patterns. In this paper, the event pattern specification language and the runtime environment are described. The described prototype implements the envisioned runtime environment in user-mode and is able to look for event patterns in prerecorded event logfiles. Additionally, an outlook on the planned operating system kernel integration is given.