Abstract
When event correlation was first used in integrated management, in the early 1980s, several techniques devised by the artificial intelligence and database communities were applied to network element management for analyzing alarms sent by expensive, self-monitoring telephone switches. Today, it is used for detecting faults in wireless networks, for monitoring the performance of commodity, often non-self-aware devices in enterprise networks, for detecting intrusions in firewalls, for ascribing breaches in service level agreements to specific problems in the underlying IT infrastructure, etc. In other words, the problem to be solved has changed completely. Can today's event correlators still meet customers' expectations? If not, how should they evolve to meet them? In this paper, we try to capture the main lessons learned by the integrated management community in event correlation in the past 25 years, and to identify important challenges that we are faced with. By doing this, we hope to streamline and encourage research in this field, which needs better models, algorithms and systems to deal with ever more complex and integrated networks, systems and services.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
