Tuesday, June 16, 2009

Workshop on the Analysis of System Logs (WASL) 2009 CFP

All Loggies everywhere:

WASL 2009 workshop is your chance to shine. This is also a chance to prove that something actually - gasp! - USEFUL and USABLE can come out of academic security research. Moreover, this workshop is designed to be a mix of academic and industry.

Full announcement follows below:

Workshop on the Analysis of System Logs (WASL) 2009
http://www.systemloganalysis.com Call for Papers

October 14, 2009
Big Sky, MT
(at SOSP)

FULL PAPER SUBMISSION: Monday, June 29th, 2009
AUTHOR NOTIFICATION: Monday, July 27, 2009
FINAL PAPERS DUE: Monday, September 14, 2009


System logs contain a wide variety of information about system status and health,
including events from various applications, daemons and drivers, as well as sampled
information such as resource utilization statistics. As such, these logs represent a
rich source of information for the analysis and diagnosis of system problems and
prediction of future system events. However, their lack of organization and the general
lack of semantic consistency between information from various software and hardware
vendors means that most of this information content is wasted. Indeed, today's
most popular log analysis technique is to use regular expressions to either detect
events of interest or to filter the log so that a human operator can examine it manually.
Clearly, this captures only a fraction of the information available in these logs and
does not scale to the large systems common in business and supercomputing environments.

This workshop will focus on novel techniques for extracting operationally useful
information from existing logs and methods to improve the information content of future
logs. Topics include but are not limited to:

o Reports on publicly available sources of sample log data.
o Log anonymization
o Log feature detection and extraction
o Prediction of malfunction or misuse based on log data
o Statistical techniques to characterize log data [A.C. - a very fun one!]
o Applications of Natural-Language Processing (NLP) to logs [A.C. - or that other NLP :-)]
o Scalable log compression
o Log comparison techniques
o Methods to enhance and standardize log semantics
o System diagnostic techniques
o Log visualization
o Analysis of services (problem ticket) logs
o Applications of log analysis to system administration

Finally, some advice to those looking for a log-related problem to solve (as if those are not on the surface :-))- look no further than "Anton's 'Grand Challenges' of Log Managemet": still fun, still unsolved, still horrible to look at :-)

Dr Anton Chuvakin