Análise de desempenho de Log Parsers da coleção Logpai em dados brutos de dispositivos Android

João Alfredo Bessa; Ricardo Filho; Girlana Souza; Larissa Pessoa; Raimundo Barreto; Rosiane de Freitas

doi:10.5753/wperformance.2024.2423

João Alfredo Bessa UFAM
Ricardo Filho UFAM
Girlana Souza UFAM
Larissa Pessoa UFAM
Raimundo Barreto UFAM
Rosiane de Freitas UFAM

DOI: https://doi.org/10.5753/wperformance.2024.2423

Resumo

O processo de estruturar arquivos de logs para melhor análise, ou “Log Parsing”, é crucial para extrair informações valiosas de registros gerados por sistemas de software, contribuindo na compreensão das operações e detecção de anomalias no sistema. Neste trabalho é realizada uma análise comparativa de oito ferramentas e modelos de parsing presentes na coleção Logpai, sendo eles, AEL, Brain, Drain, LFA, LogCluster, Logram, NuLog e SHISO, envolvendo dados brutos de Dispositivos Android. Os resultados apresentados demonstram uma perda de precisão nos modelos com instâncias sem pré-processamento, onde as ferramentas existentes apresentam grande dificuldade de manipular logs não tratados, com consequente baixa performance na análise de informações dos Logs Android brutos.

Referências

Cheng, C. C.-C., Shi, C., Gong, N. Z., and Guan, Y. (2021). Logextractor: Extracting digital evidence from android log messages via string and taint analysis. Forensic Science International: Digital Investigation, 37:301193.

Dai, H., Li, H., Chen, C.-S., Shang, W., and Chen, T.-H. (2020). Logram: Efficient log parsing using n n-gram dictionaries. IEEE Transactions on Software Engineering, 48(3):879–892.

Du, M. and Li, F. (2016). Spell: Streaming parsing of system event logs. In 2016 IEEE 16th International Conference on Data Mining (ICDM). IEEE.

He, P., Zhu, J., He, S., Li, J., and Lyu, M. R. (2017a). Towards automated log parsing for large-scale log data analysis. IEEE Transactions on Dependable and Secure Computing, 15(6):931–944.

He, P., Zhu, J., Zheng, Z., and Lyu, M. R. (2017b). Drain: An online log parsing approach with fixed depth tree. In 2017 IEEE international conference on web services (ICWS), pages 33–40. IEEE.

Jiang, Z., Hassan, A. E., Flora, P., and Hamann, G. (2008). Abstracting execution logs to execution events for enterprise applications (short paper). pages 181 – 186.

Mizutani, M. (2013). Incremental mining of system log format. In 2013 IEEE International Conference on Services Computing, pages 595–602. IEEE.

Nagappan, M. and Vouk, M. A. (2010). Abstracting log lines to log event types for mining software system logs. In 2010 7th IEEE Working Conference on Mining Software Repositories (MSR 2010), pages 114–117. IEEE.

Nedelkoski, S., Bogatinovski, J., Acker, A., Cardoso, J., and Kao, O. (2021). Self-supervised log parsing. In Machine Learning and Knowledge Discovery in Databases: Applied Data Science Track: European Conference, ECML PKDD 2020, Ghent, Belgium, September 14–18, 2020, Proceedings, Part IV, pages 122–138. Springer.

Vaarandi, R. and Pihelgas, M. (2015). Logcluster-a data clustering and pattern mining algorithm for event logs. In 2015 11th International conference on network and service management (CNSM), pages 1–7. IEEE.

Xu, W., Huang, L., Fox, A., Patterson, D., and Jordan, M. I. (2009). Detecting large-scale system problems by mining console logs. In Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles, pages 117–132.

Yu, S., He, P., Chen, N., and Wu, Y. (2023). Brain: Log parsing with bidirectional parallel tree. IEEE Transactions on Services Computing, 16(5):3224–3237.

Zhu, J., He, S., He, P., Liu, J., and Lyu, M. R. (2023). Loghub: A large collection of system log datasets for ai-driven log analytics.

Zhu, J., He, S., Liu, J., He, P., Xie, Q., Zheng, Z., and Lyu, M. R. (2019). Tools and benchmarks for automated log parsing. In 2019 IEEE/ACM 41st International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP), pages 121–130. IEEE.