Applying AI for Log Analysis
July 2017
Confidential and Proprietary July 2017
Hi!
Ronny Lehmann
CTO & Founder – Loom Systems
Formerly 8200, BioCatch
Machine-Learning | High-performance Cloud-Computing
@ronnyle_mann
Founded in April 2015
30 people (5 in San Francisco)
Bootstrapped for the first 2 years, recently funded
Hiring very much
Today’s Big-Data Bottleneck:
You are.
2000’s Big-Data Bottlenecks:
✓ Storing
✓ Querying
✓ Real-time processing
Good dev(ops) are hard-to-find
Employee tenure very low (<3yrs. Source: PayScale)
Operations is Tribal Knowledge
Machines are very loyal, never ask for a raise and have excellent memory. Can (some) of this be done with machines?
➜“I’ve been hearing this for 20 years”
Total Recall, a movie based on a book from 1966, featuring a self-driving car as science fiction.
If Artificial-Intelligence has matured enough to drive your car, it can probably also help with your IT.
Skeptic?!
HUMANS – Good at top-down tasks
• Deep reasoning
• Contextual thinking
• Tired
• Bored
• Lazy
• Frustrated
• Married
BOTS – Superior at bottom-up tasks
• Real-time trend detection
• Pattern Recognition
• Large Dimensionality
• Complex State
• Strict Methodology
That’s what we do @ Loom Systems
AIOps - Algorithmic IT operations
Use Big Data and Machine Learning Technologies to Achieve a Data-Centric Approach to Availability and Performance Monitoring.
Extend the Data-Centric Approach to Other ITOM (IT Operations Monitoring) Disciplines, and Seek to Exploit the Linkages It Allows Between ITOM, SIEM and Business Analytics
Cracking the science behind data-science
Action
• Remedy
• Recommendation
• Insight
• Knowledge
Root-Cause Analysis
• Aggregation
• Correlation
• Causality
Data Modelling
• Visualizations
• Define KPIs
• Reporting
• Rules & Thresholds
Data Preparation
• Collection
• Normalization
• Sanitizing
• Preprocessing
Loom Ops – real-time AIOps
Processing
Semi-structured -> Structured Data
MLP & Pattern Recognition
Measure-All
Analysis
Behavior Tracking
Anomaly Detection & Trend Prediction
Correlation Engine
Alerting
Incident Enrichment
Insights Engine Routing
Three layers of context
Generic Context
Something is mentioned more than normal, or appears after a long absence
Something stopped/started happening
Common Business Context
Semantic words (timeout, Trojan, failure)
Common Software
Proprietary Business Context
Names of business products, servers, applications..
Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port 48278 ssh2
Processing
Generic context – rate of this pattern in the logs
Common Business Context –
➜ Contextual words (Warn, Failed)
➜ Common Entities (User, IP, ssh)
Proprietary Business Context –
➜ Server Name
Real-time Structuring, Clustering
Token & Entity Extraction and Classification
Server: megatron (Histogram)
Application: sshd (Meter)
User: ronny (Meter)
source_IP: 192.168.118.1 (Meter)
source_port: 48278 (Random)
Failed password for user [user] from [source_IP] port [source_port] ssh2
Automatic Structuring
- This is not (only) anomaly-detection (!)
Algorithms
3σ
Baseline
ARIMA
Feature extraction
Detection & Alerting
History
Scoring
Self Feedback
User Direct and Indirect Feedback
Detection
When tracking up to 1M signals -> must automatically determine what kind of detections are interesting for every signal (examples: website response time, ad-click rate)
Root-Cause Analysis
When something breaks, anomalies are everywhere. How do you know what to fix?
Root-Cause Analysis
When something breaks, everything starts complaining. How do you know what to fix?
Automated Root-Cause Analysis. Aggregating the detections, correlating and determining causality between them.
How?:
➜ Time-based causality
➜ Relationship-based analysis
➜ Graphs-based analysis
Root-Cause Analysis
Examples
Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:57 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.16 port…
Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user dror from 192.168.118.4 port…
Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user john from 192.168.118.14 port…
Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user dan from 192.168.118.121 port…
Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user gab from 192.168.118.51 port…
Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user anna from 192.168.118.66 port…
Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user dan from 192.168.118.123 port…
Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user jim from 192.168.118.133 port…
Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user nate from 192.168.118.201 port…
Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user stan from 192.168.118.194 port…
Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user paul from 192.168.118.144 port…
Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user avi from 192.168.118.81 port…
Sep 27 14:25:57 megatron sshd[7498]: WARN - Failed password for user stas from 192.168.118.54 port…
ronny is mentioned more than normal in the context of ssh failures
The context of ssh failures is mentioned more than normal
Root-Cause Analysis – Relationship Based
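The structuring step and the relationship-based distinction above, as an added example that is not from the deck or from Loom Systems: Python that turns sshd lines into the slide's template plus entities, then reports whether a spike is concentrated on one entity value or spread across the whole pattern. The regexes, the 3σ floor, the 0.8 dominance threshold, the baseline counts and the sample lines are assumptions constructed for illustration.

```python
import re
import statistics
from collections import Counter

# Syslog-style header as it appears on the slide: timestamp, server, app[pid], level.
HEADER = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<server>\S+)\s"
    r"(?P<application>[\w-]+)\[\d+\]:\s(?P<level>\w+)\s-\s(?P<message>.+)$"
)
# Entity extractors (assumed patterns); each match becomes a [placeholder].
ENTITIES = [
    ("user", re.compile(r"(?<=user )\S+")),
    ("source_IP", re.compile(r"(?<=from )\d{1,3}(?:\.\d{1,3}){3}")),
    ("source_port", re.compile(r"(?<=port )\d+")),
]


def structure(line):
    """Split one raw line into a template plus named entities; None if unparsable."""
    m = HEADER.match(line.strip())
    if m is None:
        return None
    event = {k: m[k] for k in ("server", "application", "level")}
    template = m["message"]
    for name, rx in ENTITIES:
        found = rx.search(template)
        if found:
            event[name] = found.group()
            template = rx.sub(f"[{name}]", template, count=1)
    event["template"] = template
    return event


def is_spike(count, history, sigmas=3.0):
    """3-sigma test against past per-window counts of the same template.
    The floor of 1.0 on the deviation (an assumption) keeps a flat
    baseline from flagging every single extra event."""
    mean = statistics.mean(history)
    std = statistics.pstdev(history)
    return count > mean + sigmas * max(std, 1.0)


def explain_burst(lines, history, dominance=0.8):
    """Say whether the most frequent template spiked and, if so, whether one
    entity value accounts for at least `dominance` of the burst."""
    events = [e for e in map(structure, lines) if e]
    if not events:
        return None
    template, count = Counter(e["template"] for e in events).most_common(1)[0]
    result = {"template": template, "count": count, "spike": False, "focus": []}
    if not is_spike(count, history):
        return result
    result["spike"] = True
    burst = [e for e in events if e["template"] == template]
    # source_port is effectively random per connection, so it is not a candidate.
    for field in ("user", "source_IP"):
        value, n = Counter(e.get(field) for e in burst).most_common(1)[0]
        if value is not None and n / count >= dominance:
            result["focus"].append((field, value))
    return result


def make_line(user, ip, port):
    # Constructed sample line in the slide's format.
    return (f"Sep 27 14:25:54 megatron sshd[7498]: WARN - "
            f"Failed password for user {user} from {ip} port {port} ssh2")


# Constructed data: one user hammered from one address, versus many users
# from many addresses (user/IP pairs follow the slide's second listing).
TARGETED = [make_line("ronny", "192.168.118.1", 48278 + i) for i in range(13)]
SPREAD = [make_line(u, f"192.168.118.{h}", 48278 + i) for i, (u, h) in enumerate([
    ("ronny", 16), ("dror", 4), ("john", 14), ("dan", 121), ("gab", 51),
    ("anna", 66), ("dan", 123), ("jim", 133), ("nate", 201), ("stan", 194),
    ("paul", 144), ("avi", 81), ("stas", 54)])]
# Constructed baseline: how often this template appeared in past windows.
HISTORY = [1, 0, 2, 1, 0, 1, 2, 1]

if __name__ == "__main__":
    for name, lines in (("targeted", TARGETED), ("spread", SPREAD)):
        r = explain_burst(lines, HISTORY)
        what = ", ".join(f"{f}={v}" for f, v in r["focus"]) or "the pattern itself"
        print(f"{name}: spike={r['spike']} count={r['count']} -> {what}")
```

An empty `focus` list on a spike corresponds to the second finding on the slide (the context as a whole is abnormal); a non-empty one corresponds to the first (a specific entity is abnormal within that context).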
Root-Cause Analysis- Graph Based
Correlated Incidents
Countering Alert Flooding / Alert Fatigue
➜ Overall rate of incidents
➜ Quality of an incident
An incident report:
➜ Root-Cause Analysis
➜ History of similar incidents
➜ Insights & Recommendations
Incident Enrichments
Thank you!
(still hiring very much)

 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 

Recently uploaded (20)

Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Samaira 🤌  8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service ThaneRussian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
Russian Call Girls Thane Swara 8617697112 Independent Escort Service Thane
 
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICECall Girls In South Ex 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
 
Vip Call Girls Aerocity ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Aerocity ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Aerocity ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Aerocity ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130  Available With RoomVIP Kolkata Call Girl Dum Dum 👉 8250192130  Available With Room
VIP Kolkata Call Girl Dum Dum 👉 8250192130 Available With Room
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)How is AI changing journalism? (v. April 2024)
How is AI changing journalism? (v. April 2024)
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
Git and Github workshop GDSC MLRITM
Git and Github  workshop GDSC MLRITMGit and Github  workshop GDSC MLRITM
Git and Github workshop GDSC MLRITM
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌  8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌  8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Denver Web Design brochure for public viewing
Denver Web Design brochure for public viewingDenver Web Design brochure for public viewing
Denver Web Design brochure for public viewing
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
定制(CC毕业证书)美国美国社区大学毕业证成绩单原版一比一
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
 
Complet Documnetation for Smart Assistant Application for Disabled Person
Complet Documnetation   for Smart Assistant Application for Disabled PersonComplet Documnetation   for Smart Assistant Application for Disabled Person
Complet Documnetation for Smart Assistant Application for Disabled Person
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 

Applying ML for Log Analysis

  • 1. Applying AI for Log Analysis July 2017
  • 2. Hi! Ronny Lehmann, CTO & Founder – Loom Systems. Formerly 8200, BioCatch. Machine-Learning | High-performance Cloud-Computing. @ronnyle_mann
  • 3. Founded in April 2015. 30 people (5 in San Francisco). Bootstrapped for the first 2 years, recently funded. Hiring very much.
  • 4. Today’s Big-Data Bottleneck: You are. 2000’s Big-Data Bottlenecks: ✓ Storing ✓ Querying ✓ Real-time processing
  • 5. Good dev(ops) are hard-to-find. Employee tenure very low (<3yrs. Source: PayScale). Operations is Tribal Knowledge. Machines are very loyal, never ask for a raise and have excellent memory. Can (some) of this be done with machines?
  • 6. ➜ “I’ve been hearing this for 20 years”. Total Recall, a movie based on a book from 1966, featuring a self-driving car as science fiction. If Artificial-Intelligence has matured enough to drive your car, it can probably also help with your IT. Skeptic?!
  • 7. HUMANS, good at top-down tasks: Deep reasoning • Contextual thinking • Tired • Bored • Lazy • Frustrated • Married. BOTS, superior at bottom-up tasks: Real-time trend detection • Pattern Recognition • Large Dimensionality • Complex State • Strict Methodology
  • 8. That’s what we do @ Loom Systems. AIOps - Algorithmic IT operations. Use Big Data and Machine Learning Technologies to Achieve a Data-Centric Approach to Availability and Performance Monitoring. Extend the Data-Centric Approach to Other ITOM (IT Operations Monitoring) Disciplines, and Seek to Exploit the Linkages It Allows Between ITOM, SIEM and Business Analytics
  • 9. Action: Remedy • Recommendation • Insight • Knowledge. Root-Cause Analysis: Aggregation • Correlation • Causality. Data Modelling: Visualizations • Define KPIs • Reporting • Rules & Thresholds. Data Preparation: Collection • Normalization • Sanitizing • Preprocessing. Cracking the science behind data-science
  • 10. Loom Ops – real-time AIOps. Processing: Semi-structured -> Structured Data • MLP & Pattern Recognition • Measure-All. Analysis: Behavior Tracking • Anomaly Detection & Trend Prediction • Correlation Engine. Alerting: Incident Enrichment • Insights Engine • Routing
  • 11. Three layers of context. Generic Context: Something being mentioned more than normal, or is appearing after long absence; Something stopped/started happening. Common Business Context: Semantical words (timeout, Trojan, failure); Common Software. Proprietary Business Context: Names of business products, servers, applications..
  • 12. Processing: Real-time Structuring, Clustering; Token & Entity Extraction and Classification
    Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port 48278 ssh2
    Generic context – rate of this pattern in the logs
    Common Business Context – ➜ Contextual words (Warn, Failed) ➜ Common Entities (User, IP, ssh)
    Proprietary Business Context – ➜ Server Name
    Histogram | megatron | Server
    Meter | sshd | Application
    Meter | ronny | User
    Meter | 192.168.118.1 | source_IP
    Random | 48278 | source_port
    Failed password for user [user] from [source_IP] port [source_port] ssh2
  • 13. Automatic Structuring
  • 14. Loom Ops – real-time AIOps. Processing: Semi-structured -> Structured Data • MLP & Pattern Recognition • Measure-All. Analysis: Behavior Tracking • Anomaly Detection & Trend Prediction • Correlation Engine. Alerting: Incident Enrichment • Insights Engine • Routing
  • 15. - This is not (only) anomaly-detection (!) Algorithms 3σ Baseline ARIMA Feature extraction Detection & Alerting History Scoring Self Feedback User Direct and Indirect Feedback Detection. When tracking up to 1M signals -> must automatically determine what kind of detections are interesting for every signal (examples: website response time, ad-click rate)
  • 16. Root-Cause Analysis. When something breaks, anomalies are everywhere. How do you know what to fix?
  • 17. Root-Cause Analysis. When something breaks, everything starts complaining. How do you know what to fix?
  • 18. Automated Root-Cause Analysis. Aggregating the detections, correlating and determining causality between them. How?: ➜ Time-based causality ➜ Relationship-based analysis ➜ Graphs-based analysis. Root-Cause Analysis
  • 19. Examples
  • 20. Root-Cause Analysis – Relationship Based
    Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    Sep 27 14:25:57 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.1 port…
    ronny is mentioned more than normal in the context of ssh failures

    Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user ronny from 192.168.118.16 port…
    Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user dror from 192.168.118.4 port…
    Sep 27 14:25:54 megatron sshd[7498]: WARN - Failed password for user john from 192.168.118.14 port…
    Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user dan from 192.168.118.121 port…
    Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user gab from 192.168.118.51 port…
    Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user anna from 192.168.118.66 port…
    Sep 27 14:25:55 megatron sshd[7498]: WARN - Failed password for user dan from 192.168.118.123 port…
    Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user jim from 192.168.118.133 port…
    Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user nate from 192.168.118.201 port…
    Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user stan from 192.168.118.194 port…
    Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user paul from 192.168.118.144 port…
    Sep 27 14:25:56 megatron sshd[7498]: WARN - Failed password for user avi from 192.168.118.81 port…
    Sep 27 14:25:57 megatron sshd[7498]: WARN - Failed password for user stas from 192.168.118.54 port…
    The context of ssh failures is mentioned more than normal
  • 21. Root-Cause Analysis- Graph Based
  • 22. Root-Cause Analysis- Graph Based
  • 23. Correlated Incidents
  • 24. Real-Time AIOps. Processing: Semi-structured -> Structured Data • MLP & Pattern Recognition • Measure-All. Analysis: Behavior Tracking • Anomaly Detection & Trend Prediction • Correlation Engine. Alerting: Incident Enrichment • Insights Engine • Routing
  • 25. Countering Alert Flooding / Alert Fatigue: ➜ Overall rate of incidents ➜ Quality of an incident. An incident report: ➜ Root-Cause Analysis ➜ History of similar incidents ➜ Insights & Recommendations. Incident Enrichments
  • 26. Incident Enrichments
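
The structuring step from slide 12 and the two scenarios from slide 20, as an added example that is not from the deck or from Loom Systems: it parses the slide's sample line into the listed entities, then combines the 3σ baseline named on slide 15 with a per-entity share to tell an entity spike from a pattern-wide spike. The `dominance` threshold, the `HISTORY` counts and the port numbers are assumptions constructed for illustration.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Line layout as shown on slide 12 (the deck's sample, not stock OpenSSH wording).
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2})\s(?P<server>\S+)\s"
    r"(?P<app>[\w-]+)\[(?P<pid>\d+)\]:\s(?P<level>\w+) - "
    r"Failed password for user (?P<user>\S+) from "
    r"(?P<source_IP>\d{1,3}(?:\.\d{1,3}){3}) port (?P<source_port>\d+) ssh2$"
)
TEMPLATE = "Failed password for user [user] from [source_IP] port [source_port] ssh2"


def structure(line):
    """Turn one semi-structured line into named fields, or None if it does not fit."""
    m = LINE_RE.match(line.strip())
    return {**m.groupdict(), "pattern": TEMPLATE} if m else None


def classify(lines, history, dominance=0.5):
    """Label one time window of lines as normal, entity_spike or pattern_spike.

    history:   counts of this pattern in earlier windows (assumed input).
    dominance: share of the window one value must hold to be singled out
               (assumed threshold, not a figure from the deck).
    """
    events = [e for e in map(structure, lines) if e]
    # Generic context: is the pattern's rate above mean + 3 sigma of its history?
    limit = mean(history) + 3 * pstdev(history)
    if len(events) <= limit:
        return "normal", {}
    # Relationship-based step: does a single entity value account for the spike?
    dominant = {}
    for field in ("user", "source_IP"):
        value, count = Counter(e[field] for e in events).most_common(1)[0]
        if count / len(events) >= dominance:
            dominant[field] = value
    return ("entity_spike" if dominant else "pattern_spike"), dominant


# Constructed sample windows modelled on slide 20 (port numbers are made up).
LINE = ("Sep 27 14:25:5{} megatron sshd[7498]: WARN - "
        "Failed password for user {} from {} port {} ssh2")
SCENARIO_A = [LINE.format(4 + i // 4, "ronny", "192.168.118.1", 48278 + i)
              for i in range(13)]
USERS = ["ronny", "dror", "john", "dan", "gab", "anna", "dan",
         "jim", "nate", "stan", "paul", "avi", "stas"]
HOSTS = ["16", "4", "14", "121", "51", "66", "123",
         "133", "201", "194", "144", "81", "54"]
SCENARIO_B = [LINE.format(4 + i // 4, user, "192.168.118." + host, 40000 + i)
              for i, (user, host) in enumerate(zip(USERS, HOSTS))]
HISTORY = [1, 0, 2, 1, 1, 0, 2, 1]  # constructed per-window counts of the pattern

if __name__ == "__main__":
    print(classify(SCENARIO_A, HISTORY))  # one user and one source dominate
    print(classify(SCENARIO_B, HISTORY))  # many users, many sources
```

The two windows have the same volume, so a rate-only alert cannot separate them; the entity share is what distinguishes one account being hammered from one source from failures spread across many accounts.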

Editor's Notes

  1. They’re called data-scientists but these are analysts, SRE’s, DevOps and others
  2. ASK: Who here believes that self-driving cars will be successful? This book was released exactly 50 years ago. Indeed, science fiction sometimes takes too long to become reality. Seriously – let’s get skepticism out of the way – I’m going to be talking about a working concept. It’s not the car, or the street, or the stoplight. It’s the AI. AI is mature, it’s ready.
  3. Humans are better at top-down, or open-ended questions, such as “where should I open my next branch”. Machines are superior in rigorous and exhausting tasks, such as “keep track of our sales in every state, sliced by affiliates, browsers; let me know if something happens”. Can we split responsibility?
  4. Analysis is comprised of processing, analyzing, understanding, then acting. Loom Ops does the processing, analyzing, and – to some extent – the understanding. We must have automated processing if we want to: track much more, ingest many sources …
  5. Loom covers the generic and common contexts, and will be able to inter-connect them with proprietary contexts
  6. The single log line will automatically be processed and translated to 8 different metrics! This is without going into sequence analysis. Can you see how hard it is to extract value from machine data?
  7. We suppress “always-broken” alerts. The Machine-Learning based prioritization and filtering is self-adjusting so that the incident rate fits the size of the team.
  8. Detection is very hard and usually ends with a vague lead – such as user complaints, high CPU. You then go to the logs (single source of truth) but there’s all this noise. You find many unusual things in different log streams. This is RCA – the process of understanding that the kids are fighting, not because Silvia pushed John and he pushed back, but because they’re hungry.
  9. Can you see how hard it is to extract value from machine data?
  10. The ops guy gets an alert – high-cpu on Authentication server. He starts searching the logs for errors, and after some serious amount of work, he narrows it down to this log line. Can you tell the difference in the meaning of the two scenarios?
  11. When things go wrong, it’s hard to tell the chain of causality
  12. We have fewer alerts because we suppress “always-broken” alerts, and with the help of ML-based prioritization and filtering. This reaches a much better result when compared to a human-built rule engine. Can you see how hard it is to extract value from machine data? Then, it’s the quality of the incident, translating to MTTR. Fuzzy matching is crucial because no one uses ticketing systems. You need to get it in “push”. And you need to be able to provide simple, fast feedback.
  13. BTW, Anomaly detection makes it possible for us to suppress “always-broken” alerts. We also used Machine-Learning based prioritization and filtering – we adjust the incident rate to the size of the team. Fuzzy matching is crucial because no one uses ticketing systems. You need to get it in “push”. And you need to be able to provide simple, fast feedback.