TAMI II for System Logs


  1. Problem and Motivation


Log files can be viewed as a systematic record of the activities performed on a particular computer system. These logs can be examined to monitor or audit subsystems, users and networks, file transfers, network activities, intrusion detection, and hardware and software errors. All Linux and Unix servers possess logging capability and generate log messages that inform the user of server health, help diagnose the server whenever problems arise or have the potential to, and help in the prognosis to determine the corrective action. A thorough log management system can collect more data than can reasonably be analyzed by human effort, and in many situations analysis is only performed after some computer problem has occurred. Log management and log analysis are an integral part of maintaining server health. The volume, quantity, and variety of these logs can become so large on just one server that it could take hours, days, or even weeks to manually parse them to adjudicate the server’s condition.


What’s more, an enterprise environment has a multitude of servers, some with multiple roles. These servers run day and night nonstop, which means logs are generated on a continuous basis. This makes the adjudication process even more problematic and may often require external data mining and analytics as the only feasible course for analysis. In many situations, whatever analysis is performed is done only after some computer problem has occurred.

  2. M.I.S.S. (Mission Integration Stress State) Histories


Analysis of M.I.S.S. Histories uses basic epistemic logging file analysis while considering an organization's mission and use cases. M.I.S.S. Histories Analysis can be used to facilitate:


  1. Use Case Audits

  2. Computer Forensics

  3. Computer System Usage

  4. Inter-related Log File Interpretations


by producing such deliverables as MISS and CSRL Metrics, TUF Ratings, and UML Deployment, Component and Use Case Diagrams.



SAMPLE SYSLOG FILES

WHAT IS TAMI?

(Transcript Analysis Mining Interpretation Software System)


We perform content analysis on digital transcripts of structured and semi-structured documents such as trial transcripts, surveys, hearings, interviews, interrogations, emails, and system logs (Epistemic Logging). By using text and data mining, concept/entity identification, sophisticated natural language processing, and knowledge representation methods, our TAMI software systems extract propositional knowledge, relationships and classifications, then create high-quality visual summaries and visualizations.