University of Milano Bicocca
Log files are commonly inspected by system administrators and developers to identify failures, detect suspicious behaviors and diagnose failure causes. Log size grows fast thus making manual analysis impractical. Different automatic techniques have been proposed to analyze log files, but their accuracy and efficiency are often limited by the unstructured nature of logged messages and the variety of data that can be logged.
This paper advances a previous work and presents a technique to automatically analyze log files and retrieve important information to identify failure causes. The technique automatically identifies event and value dependencies in logs corresponding to legal executions, generates models of the traced system behavior and compares log files collected during failing executions with the generated models to detect anomalous event sequences. The detected anomalies are presented to users of the technique. Experimental results conducted on different applications show the effectiveness of the technique in supporting developers and testers to identify failure causes.