18. 定量化する方法例 -時系列ログデータ列-
18
Oct 25 09:54:15 docker-host-alpine daemon.info init: starting pid 3032, tty '/dev/tty1': '/sbin/getty 38400 tty1'
Oct 25 09:54:15 docker-host-alpine daemon.info init: starting pid 3033, tty '/dev/tty2': '/sbin/getty 38400 tty2'
Oct 25 09:54:15 docker-host-alpine daemon.info init: starting pid 3036, tty '/dev/tty3': '/sbin/getty 38400 tty3'
Oct 25 09:54:15 docker-host-alpine daemon.info init: starting pid 3039, tty '/dev/tty4': '/sbin/getty 38400 tty4'
Oct 25 09:54:15 docker-host-alpine daemon.info init: starting pid 3042, tty '/dev/tty5': '/sbin/getty 38400 tty5'
Oct 25 09:54:15 docker-host-alpine daemon.info init: starting pid 3045, tty '/dev/tty6': '/sbin/getty 38400 tty6'
Oct 25 09:54:15 docker-host-alpine daemon.info init: starting pid 3048, tty '/dev/ttyS0': '/sbin/getty -L 115200 ttyS0 vt100'
Oct 25 09:54:27 docker-host-alpine kern.info kernel: [ 26.938509] bridge: filtering via arp/ip/ip6tables is no longer available by
default. Update your scripts to load br_netfilter if you need this.
Oct 25 09:54:27 docker-host-alpine kern.notice kernel: [ 26.983302] Bridge firewalling registered
Oct 25 09:54:27 docker-host-alpine kern.info kernel: [ 27.003598] nf_conntrack version 0.5.0 (65536 buckets, 262144 max)
Oct 25 09:54:27 docker-host-alpine kern.info kernel: [ 27.432239] Netfilter messages via NETLINK v0.30.
Oct 25 09:54:28 docker-host-alpine kern.info kernel: [ 27.443962] ctnetlink v0.93: registering with nfnetlink.
Oct 25 09:54:28 docker-host-alpine kern.info kernel: [ 27.488759] IPv6: ADDRCONF(NETDEV_UP): br-5a.: link is not ready
Oct 25 09:54:28 docker-host-alpine kern.info kernel: [ 27.508851] IPv6: ADDRCONF(NETDEV_UP): docker0: link is not ready
Oct 25 09:54:45 docker-host-alpine auth.info sshd[3235]: Accepted password for root from 10.1.1.100 port 65468 ssh2
ログ出力パターンでクラスタリング
クラスタ毎の時系列出力件数の推移に変換
19. 定量化する方法例 -構成情報-
19
Service Cの重要度が高そうだ
グラフDBの活用
媒介中心性を求めるクエリ(Neo4j cypher)
MATCH p = allShortestPaths((p1:Service)-[:connect*]-(p2:Service))
WHERE id(p1) < id(p2) AND length(p) > 1
UNWIND nodes(p)[1..-1] AS n
RETURN n, count(*) AS betweeness
ORDER BY betweeness DESC
n betweeness
Service C 5
Service B 3
Service A 3