TAMI II for System Logs

  1. Problem and Motivation

Log files can be viewed as a systematic record keeping of activities perform on a particular computer system, these logs can be examined to monitor, or audit subsystems, users and networks, files transfer, network activities, intrusion detection, hardware and software errors. All Linux and Unix servers possess logging capability and generate log messages that informs the user of server health and used to help diagnose the server whenever problems arise or has the potential to, and also used to help in the prognosis to determine the corrective action. Considering how thorough a log management system can perform, it can collect more data than can be reasonably analyzed by human effort and in many situations, analysis is only performed after some computer problem has occurred. Log management and log analysis is an integral part of maintaining server health. The volume, quantity, and variety of logs aforementioned can become so large on just one server that it could take hours, days, and even weeks to manually parse to adjudicate the server’s condition.

What’s more, if that in an enterprise environment there’s a multitude of servers, some with multiple roles. These servers run day and night nonstop, which means logs are generated on a continuous basis. This makes the adjudication process even more problematic. This may often require external data-mining and analytics as the only feasible course for analysis. In many situations, whatever analysis is performed is done only after some computer problem has occurred. 


(Transcript Analysis Mining Interpretation Software System)

We perform content analysis on digital transcripts of structured and semi-structured documents such as trial transcripts, surveys, hearings, interviews, interrogations, emails, and system logs (Epistemic Logging). By using text and data mining, concept/entity identification, sophisticated natural language processing, and knowledge representation methods, our TAMI software systems extract propositional knowledge, relationships and classifications then creates high quality visual summaries and visualizations.

  1. S.O.S (System Operational Status) Histories

Analysis of S.O.S. Histories uses basic epistemic logging file analysis to determine if negative or positive scenarios exist for your hardware and software. S.O.S. If any problems or potential problems identified in the SOS history are reflected in the current state of the system, TAMI II will  produce self-regulating cron agents and other such deliverables as 2nd Level Log Filtering used for Disaster Recovery. TAMI II will produce a Visual Summary of Negative and Positive Scenarios of hardware and software statuses that can be used for computer forensics and audits. Histories Analysis can be used to facilitate:

  1.    Preventative Maintenance

  2.     Disaster Recovery

  3.     Computer Forensics

  4.     Computer System Audits

  5.     Computer System Diagnostics

Read more ...