Chapter 4 - DSpace at Waseda University
Chapter 4 - DSpace at Waseda University
Chapter 4 - DSpace at Waseda University
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
23<br />
<strong>Chapter</strong> 3<br />
event message th<strong>at</strong> describes the event. For example, when a disk of a server becomes full,<br />
the server could gener<strong>at</strong>e a time stamped “disk full” message for appending to a local log file<br />
or for sending over the network as an SNMP trap. Event logging is a procedure of storing<br />
event messages to the event log, where event log is a regular file th<strong>at</strong> is modified by<br />
appending event messages. (Although sometimes d<strong>at</strong>abases of event messages are also called<br />
event logs) Log client is the system component th<strong>at</strong> emits event messages for event logging.<br />
In this thesis, the term event has often been used for denoting event messages when it is clear<br />
from the context.<br />
In modern IT systems, event logs play an important role:<br />
� Since in most cases event messages are appended to event logs in real-time as they<br />
are emitted by system components, event logs are an excellent source of inform<strong>at</strong>ion<br />
for monitoring the system,<br />
� Inform<strong>at</strong>ion th<strong>at</strong> is stored to the event log can be useful for analysis <strong>at</strong> a l<strong>at</strong>er time,<br />
e.g., for audit procedures or for retrospective incident analysis.<br />
Event logging can take place in various ways. In the simplest case the log client keeps the<br />
event log on a local disk and modifies it when an event occurs. Unfortun<strong>at</strong>ely, event logs will<br />
be sc<strong>at</strong>tered across the system with this logging str<strong>at</strong>egy, each log possibly requiring separ<strong>at</strong>e<br />
monitoring or other analysis. Furthermore, the str<strong>at</strong>egy assumes the presence of a local disk<br />
which is not the case for many network nodes (e.g., switches and routers).<br />
Figure 3.1 centralized logging infrastructure. This is the flow chart of the event log which