PhD Oral Exam - Issam Sedki, Electrical and Computer Engineering

When studying for a doctoral degree (PhD), candidates submit a thesis that provides a critical review of the current state of knowledge of the thesis subject as well as the student’s own contributions to the subject. The distinguishing criterion of doctoral graduate research is a significant and original contribution to knowledge.

Once accepted, the candidate presents the thesis orally. This oral exam is open to the public.

Abstract

Artificial Intelligence for IT Operations (AIOps) is revolutionizing IT management by incorporating AI, machine learning, and big data analytics to automate and enhance system operations. Log management, especially log parsing, is the backbone of AIOps, providing the foundational data required for proactive monitoring, predictive analytics, and maintaining system health. Effective log parsing is critical to identifying anomalies, diagnosing failures, and ensuring operational efficiency. However, challenges such as diverse log formats, insufficient logging guidelines, the sheer volume of logs in complex environments, and the need for real-time insights significantly limit the precision, scalability, and overall effectiveness of AIOps.

This Ph.D. thesis addresses these critical challenges, directly contributing to the AIOps ecosystem by advancing log parsing accuracy, efficiency, and scalability. The contributions ultimately improve AIOps' capabilities for automating IT operations, ensuring resilience, and optimizing overall system performance.

The first major contribution of this thesis is the development of ULP (Universal Log Parser), which leverages a frequent token counting method to identify recurring patterns and extract log templates efficiently. By reducing computational complexity, ULP enables faster, more accurate log parsing, making it highly effective for large-scale IT environments—a key capability for the automation and responsiveness required in AIOps.

The second contribution is the introduction of AML (Accuracy Metric for Log Parsing), which provides a structured framework for evaluating the accuracy of log parsing. Traditional evaluation metrics are insufficient for heterogeneous log formats, leading to inaccurate insights. AML addresses this by offering nuanced metrics that capture both omission and commission errors, enabling detailed and reliable comparisons across different log parsers, ultimately improving the quality of log-based analytics.

The third contribution is a comprehensive taxonomy of log characteristics that categorizes logs based on their structural and contextual properties. This taxonomy not only guides the design of more adaptable and resilient log parsing tools but also helps practitioners tailor log writing strategies, thereby optimizing log analytics in diverse IT environments.

The fourth contribution of this thesis focuses on enhancing log privacy compliance, which is a crucial aspect in AIOps, especially as automated processes handle sensitive log data. The thesis provides guidelines and practices for evaluating and managing privacy risks associated with log data, ensuring that the automation capabilities of AIOps are aligned with stringent privacy regulations and best practices.

Together, these contributions create a robust framework for advancing log parsing within AIOps, enhancing the capabilities of IT operations to be more proactive, responsive, and compliant—all integral for the next generation of AIOps-driven IT management.