USTEP: Structuring Streaming Logs with an Evolving Search Tree
This work addresses a critical processing bottleneck for developers and system operators in log-mining tasks, though it appears incremental as it builds on existing online parsing methods.
The paper tackles the bottleneck of parsing log messages in real time by proposing USTEP, an online log parsing method based on an evolving tree structure, which demonstrates superior effectiveness and robustness compared to other online methods on various real-world datasets.
Logs record valuable system information at runtime. They are widely used by data-driven approaches for development and monitoring purposes. Parsing log messages to structure their format is a classic preliminary step for log-mining tasks. As they appear upstream, parsing operations can become a processing time bottleneck for downstream applications. The quality of parsing also has a direct influence on their efficiency. Here, we propose USTEP, an online log parsing method based on an evolving tree structure. Evaluation results on a wide panel of datasets coming from different real-world systems demonstrate USTEP's superiority in terms of both effectiveness and robustness when compared to other online methods.