• Journal of Information Science Theory and Practice
• /
• v.10 no.1
• /
• pp.73-88
• /
• 2022

This exploratory study aims to understand the potential of log data analysis and expand its utilization in user research methods. Transaction log data are records of electronic interactions that have occurred between users and web services, reflecting information-seeking behavior in the context of digital libraries where users interact with the service system during the search for information. Two ways were used to analyze South Korea's National Digital Science Library (NDSL) log data for three days, including 150,000 data: a log pattern analysis, and log context analysis using statistics. First, a pattern-based analysis examined the general paths of usage by logged and unlogged users. The correlation between paths was analyzed through a χ² analysis. The subsequent log context analysis assessed 30 identified users' data using basic statistics and visualized the individual user information-seeking behavior while accessing NDSL. The visualization shows included 30 diverse paths for 30 cases. Log analysis provided insight into general and individual user information-seeking behavior. The results of log analysis can enhance the understanding of user actions. Therefore, it can be utilized as the basic data to improve the design of services and systems in the digital library to meet users' needs.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.7 no.4
• /
• pp.39-45
• /
• 2011

Application log files contain error messages; operational data and usage information that can help manage applications and servers. Log analysis system is software that read and parse log files, extract and aggregate information in order to generate reports on the application. In currently, the importance of log files of firewalls is growing bigger and bigger for the forensics of cyber crimes and the establishment of security policy. In this paper, we designed and implemented the SILAS(SysLog-based Integrated Log mAanagement System) in distribute network environments. It help to generate reports on the the log fires of firewalls - IP and users, and statistics of application usage.

• Journal of the Korea Society of Computer and Information
• /
• v.21 no.3
• /
• pp.39-45
• /
• 2016

In this paper, we propose a log management service model for efficient developments of android applications. The proposed model consists of two major parts which are the log collector and the log manager service. The log collector can capture the log information of a target application without modifications, because the collector is composed by aspect-oriented programming. The collected logs are transformed to chunk of data, and the chunk of data is sent to the log management service. The log management service is an android service component and an independent application in another process. So, the log management service can reduce the workload of logging in the target application. Through a case study, we show that the proposed log management service model can reduce the log processing time compared to other models without modifications of a target application.

• Journal of Information Management
• /
• v.36 no.4
• /
• pp.137-153
• /
• 2005

For the improvement of information service, users' transaction log can be stored to the system, and the log analysis should be included in the process of service improvement. Also there are differences within kinds of users' log records and methods of analysis according to the institution's strategy. This paper describes the kinds of log records from users' behavior on information system. And its goal is to consider the case of information center which operates log analysis, and to derive a plan for improvement of information services.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.2
• /
• pp.331-338
• /
• 2011

Objectives of shipboard integration networks are to exchange and manage integrated information. Shipboard integration networks use UDP(User Datagram Protocol) multicast for the exchange of information. However, such information can be missed or damaged because UDP can't guarantee reliability. The standard of shipboard integration networks defines error log functions for the missed or damaged information. In this paper, we analyze internal and external log functions. The internal log function records errors internally, and the external log function sends error messages to a log server and records them in a database. We also develop a log processing module and log server for the external log function.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2018.10a
• /
• pp.39-42
• /
• 2018

Log analysis and monitoring have a significant importance in most of the systems. Log management has core importance in applications like distributed applications, cloud based applications, and applications designed for big data. These applications produce a large number of log files which contain essential information. This information can be used for log analytics to understand the relevant patterns from varying log data. However, they need some tools for the purpose of parsing, storing, and visualizing log informations. "Elasticsearch, Logstash, and Kibana"(ELK Stack) is one of the most popular analyzing tools for log management. For the ingestion of log files configuration files have a key importance, as they cover all the services needed to input, process, and output the log files. However, creating configuration files is sometimes very complicated and time consuming in many applications as it requires domain expertise and manual creation. In this paper, an auto configuration module for Logstash is proposed which aims to auto generate the configuration files for Logstash. The primary purpose of this paper is to provide a mechanism, which can be used to auto generate the configuration files for corresponding log files in less time. The proposed module aims to provide an overall efficiency in the log management system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.22 no.2
• /
• pp.382-389
• /
• 2018

Recently cyber attacks can cause serious damage on various information systems. Log data analysis would be able to resolve this problem. Security log analysis system allows to cope with security risk properly by collecting, storing, and analyzing log data information. In this paper, a security log analysis system is designed and implemented in order to analyze security log data using the Logstash in the Elasticsearch, a distributed search engine which enables to collect and process various types of log data. The Kibana, an open source data visualization plugin for Elasticsearch, is used to generate log statistics and search report, and visualize the results. The performance of Elasticsearch-based security log analysis system is compared to the existing log analysis system which uses the Flume log collector, Flume HDFS sink and HBase. The experimental results show that the proposed system tremendously reduces both database query processing time and log data analysis time compared to the existing Hadoop-based log analysis system.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.49 no.4
• /
• pp.1-8
• /
• 2012

The NTFS journaling file($LogFile) is used to keep the file system clean in the event of a system crash or power failure. The operation on files leaves large amounts of information in the $LogFile. Despite the importance of a journal file as a forensic evidence repository, its structure is not well documented. The researchers used reverse engineering in order to gain a better understanding of the log record structures of address parts, and utilized the address for identifying object files to gain forensic information.

• Journal of Korea Multimedia Society
• /
• v.18 no.1
• /
• pp.42-51
• /
• 2015

In this paper, we analyze the quality status of Health and Welfare division's standardized log and asses the characteristics of the institutions' logs analysis to establish the criteria to minimize hazards and control the quality of log's institutional details to limit extraction. As a result, extraction condition's proposed development direction to adequately assess and control health and welfare abuses privacy control target log. This improvement over the status and quality of information shared with relation to institutional work of the log quality characteristics is made possible. In addition, quality control and inspection standards were prepared in accordance with the institutional log characteristics. Future research will include performing continuous analysis and improvement activities on the quality of logs with integrated control of sharing personal information and distributing information about logs' quality to proactively target organ. Therefore, we expect that correcting proactive personal information misuse and leakage is possible to achieve.

• Journal of the Korea Society of Computer and Information
• /
• v.21 no.10
• /
• pp.69-76
• /
• 2016

In this paper, we propose a real-time remote logging model for development of android applications using LBS(Location based Service). The model has two major parts: Mobile Log Management Service and Remote Log Server. Mobile Log Management Service consists of the log collector and the remote log manager. The log collector is an aspect of AOP which can collect logs from the target application without modifications of source codes. The remote log manager has a background service component so that it can receive logs whenever the log collector captures logs from the target application. Remote Log Server communicates with Mobile Log Management Service by socket interface. Therefore, Remote Log Server can show logs in real-time. To validate the efficiency of the proposed model, we show a case study, and compare the model with other models.