Multi-level event and anomaly correlation based on enterprise architecture information

Jörg Landthaler, Martin Kleehaus, Florian Matthes

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Growing IT landscapes in and among enterprises face the challenge of increasing complexity, which complicates root cause analysis and calls for automated support. This paper presents an approach to correlate events, e.g. anomalies in multi-level monitoring stream data, for instance conversion rates or network load monitoring. Events, e.g. operational activities like application deployments and marketing activities can be taken into account, too. We exploit an Enterprise Architecture documented as a graph to focus on those correlations, where relationships are already known. Therefore, different data source types are identified. We present a minimal prototypical implementation called MLAC that shows first results of the feasibility of the approach, in particular to correlate events and level shift anomalies in an artificial web-shop setup. It includes a dynamic visualization of the correlations in the EA graph.

Original languageEnglish
Title of host publicationEnterprise and Organizational Modeling and Simulation - 12th International Workshop, EOMAS 2016, Selected Papers
EditorsEduard Babkin, Samuel Fosso Wamba, Robert Pergl, Martin Molhanec
PublisherSpringer Verlag
Pages52-66
Number of pages15
ISBN (Print)9783319494531
DOIs
StatePublished - 2016
Event12th International Workshop on Enterprise and Organizational Modeling and Simulation, EOMAS 2016 - Ljubljana, Slovenia
Duration: 13 Jun 201614 Jun 2016

Publication series

NameLecture Notes in Business Information Processing
Volume272
ISSN (Print)1865-1348

Conference

Conference12th International Workshop on Enterprise and Organizational Modeling and Simulation, EOMAS 2016
Country/TerritorySlovenia
CityLjubljana
Period13/06/1614/06/16

Keywords

  • Anomaly detection
  • Anomaly types
  • Enterprise architecture
  • Event correlation
  • Multi-level monitoring
  • Outlier detection
  • Runtime monitoring
  • Stream data types
  • Time series data

Fingerprint

Dive into the research topics of 'Multi-level event and anomaly correlation based on enterprise architecture information'. Together they form a unique fingerprint.

Cite this