Correlation Solution Of System Monitoring Events Analysis And Administration Based On Complex Event Processing

Complex event processing is an emerging technology and method which under the background and the framework of event driven research. The goal for processing is to gain information from all levels of event flow of software system application, and to understand the influence to the upper management objectives and business process, then to make real-time response. Monitoring events, is mainly refers to the information returned by the centralized-monitoring of IT equipment. For IT system, especially distributed IT system in centralized monitoring, it bears the important function to monitor the operation and control of the whole system. Normally the monitoring event information returned by the centralized-monitoring equipment is scattered and redundant. Correlation research in monitoring event is first to analyze and process the specified event information returned by the centralized-monitoring system, then to draw the relationship among those events, confirm the fault and alarm the source of the event, thus to reduce the administrator burden, and it finally provides essential decision support for the realization in fully automated and efficient operation of centralized-monitoring of large scale system.According to repetition and misinformation problem in monitoring events, this paper puts forward a processing model for optimize, merge and polymerize these events. In terms of pretreatment of monitoring event, according to the characteristics of monitoring events in IT system, this paper puts forward the concept of event-liability coefficient, and preprocesses these events based on statistical rules of network topology and a k-means liability clustering algorithm. In order to solve the traditional complex event in Complex Event Processing (CEP) problem, this paper improves the traditional complex event model, and give the concept of correlation template in monitoring event, meanwhile, it presents the improvement of the classical data mining algorithm generating the pretreatment of the templates algorithm.This paper designed and realized monitoring event handling system based on the traditional centralized-monitoring platform. Through this system user can view the correlation event results, events fault speculation and business impact analysis and so on.