Automated Discovery of Failing TCP Flows with XSight

Slides:

Advertisements

Similar presentations

ONE STOP THE TOTAL SERVICE SOLUTION FOR REMOTE DEVICE MANAGMENT.

Advertisements

Haystack: Per-User Information Environment 1999 Conference on Information and Knowledge Management Eytan Adar et al Presented by Xiao Hu CS491CXZ.

1 Distributed Agents for User-Friendly Access of Digital Libraries DAFFODIL Effective Support for Using Digital Libraries Norbert Fuhr University of Duisburg-Essen,

A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.

What’s New in BMC ProactiveNet 9.5?

EXPERT DOCUMENT SOLUTIONS FOR YOUR BUSINESS EXPERT DOCUMENT SOLUTIONS FOR YOUR BUSINESS.

An integrated system for handling restricted use data Felicia LeClere, Ph.D. IASSIST 2009 Tampere, Finland.

Monitoring Voice Deployments with Microsoft Lync.

Environmental Monitoring. ShockWatch/Infitrak Solutions ShockWatch/Infitrak provides High Tolerance Environmental Monitoring Solutions for: Hospitals.

Loupe /loop/ noun a magnifying glass used by jewelers to reveal flaws in gems. a logging and error management tool used by.NET teams to reveal flaws in.

Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.

TM Herding Penguins with Performance Co-Pilot Ken McDonell Performance Tools Group SGI, Melbourne.

Company Confidential Info Exchange Workflow Examples for External Users: Action Items Company Confidential.

1.  TCP/IP network management model: 1. Management station 2. Management agent 3. Management information base 4. Network management protocol 2.

SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS Howard A. Carter III Senior Consultant Microsoft Consulting Services September 21, 2013 TechGate 2013 –

Ron Sokol, M.D. Principal Investigator, CCTSI Bonnie Walters Executive Director, The Evaluation Center Kathryn Nearing, Ph.D. Associate Director, The Evaluation.

WORKFLOW IN MOBILE ENVIRONMENT. WHAT IS WORKFLOW ?  WORKFLOW IS A COLLECTION OF TASKS ORGANIZED TO ACCOMPLISH SOME BUSINESS PROCESS.  EXAMPLE: Patient.

Net Optics Confidential and Proprietary Net Optics appTap Intelligent Access and Monitoring Architecture Solutions.

Implementation of HUBzero as a Knowledge Management System in a Large Organization HUBBUB Conference 2012 September 24 th, 2012 Gaurav Nanda, Jonathan.

AppMetrics and SCOM Working Together to Maximize the availability of Your applications.

ATLAS Off-Grid sites (Tier-3) monitoring A. Petrosyan on behalf of the ATLAS collaboration GRID’2012, , JINR, Dubna.

OSG Operations and Interoperations Rob Quick Open Science Grid Operations Center - Indiana University EGEE Operations Meeting Stockholm, Sweden - 14 June.

Highlights Builds on Splunk implementations – extending enterprise value to include mission-critical IBM mainframe data. Unified mainframe data source.

System Specification Specify system goals Develop scenarios Define functionalities Describe interface between the agent system and the environment.

Suite zTPFGI Facilities. Suite Focus Three of zTPFGI’s facilities:  zAutomation  zTREX  Logger.

Markup and Validation Agents in Vijjana – A Pragmatic model for Self- Organizing, Collaborative, Domain- Centric Knowledge Networks S. Devalapalli, R.

Meet and Confer Rule 26(f) of the Federal Rules of Civil Procedure states that “parties must confer as soon as practicable - and in any event at least.

Suite zTPFGI Facilities. Suite Focus Three of zTPFGI’s facilities:  zAutomation  zTREX  Logger.

CERN IT Department CH-1211 Genève 23 Switzerland t Monitoring: Tracking your tasks with Task Monitoring PAT eLearning – Module 11 Edward.

Event Log View and Sentry Event Log Management Copyright 2002 Engagent, Inc.

Slide 1 9/29/15 End-to-End Performance Tuning and Best Practices Moderator: Charlie McMahon, Tulane University Jan Cheetham, University of Wisconsin-Madison.

A Software Framework for Distributed Services Michael M. McKerns and Michael A.G. Aivazis California Institute of Technology, Pasadena, CA Introduction.

Enterprise PI With Remote Management By Alton Loe.

1 Gateways. 2 The Role of Gateways  Generally associated with primary sites in ESG-CET  Provides a community-facing web presence  Can be branded as.

+ Logentries Is a Real-Time Log Analytics Service for Aggregating, Analyzing, and Alerting on Log Data from Microsoft Azure Apps and Systems MICROSOFT.

Detecting, Managing, and Diagnosing Failures with FUSE John Dunagan, Juhan Lee (MSN), Alec Wolman WIP.

Company LOGO Network Management Architecture By Dr. Shadi Masadeh 1.

© 2015 Pittsburgh Supercomputing Center Opening the Black Box Using Web10G to Uncover the Hidden Side of TCP CC PI Meeting Austin, TX September 29, 2015.

KYUNG-HWA KIM HENNING SCHULZRINNE 12/09/2008 INTERNET REAL-TIME LAB, COLUMBIA UNIVERSITY DYSWIS.

Use-cases for GENI Instrumentation and Measurement Architecture Design Prasad Calyam, Ph.D. (PI – OnTimeMeasure, Project #1764) March 31.

ATLAS Off-Grid sites (Tier-3) monitoring A. Petrosyan on behalf of the ATLAS collaboration GRID’2012, , JINR, Dubna.

TCP/IP1 Address Resolution Protocol Internet uses IP address to recognize a computer. But IP address needs to be translated to physical address (NIC).

ConicIT & Compuware’s Strobe synergistic solution Automatic detection and analysis of applications problems.

PART1 Data collection methodology and NM paradigms 1.

Architecture Review 10/11/2004

Introducing ART UCSF’s Application, Review and Tracking (ART) System

EView/390z Management for IBM Mainframe for HPE Operations Manager i (OMi) Extending the cross-platform capabilities of Hewlett Packard Enterprise Software.

LHC T0/T1 networking meeting

Monitoring Storage Systems for Oracle Enterprise Manager 12c

Performance Management

Centralized Management for Barracuda Networks products

Lec 5: SNMP Network Management

“Introduction to Azure Security Center”

Software Architecture in Practice

ALICE Monitoring

How to Submit Collection Metadata

Event Studio Cognos 8 BI.

Monitoring Storage Systems for Oracle Enterprise Manager 12c

Streaming Network Analytics System

Get to know SysKit Monitor

Exergame Tracker Web App

Cloud computing mechanisms

Starting TCP Connection – A High Level View

Workshop on Gap Analysis and Prioritization

Data Warehousing in the age of Big Data (1)

Service management system at cloud

AI Discovery Template IBM Cloud Architecture Center

Partner Facing Demo.

Infokall Enterprise Solutions

Presentation transcript:

Automated Discovery of Failing TCP Flows with XSight Chris Rapier [rapier@psc.edu] Bryan Learn [blearn@psc.edu] Pittsburgh Supercomputing Center Internet2 Tech Exchange September 27, 2016

The Problem Identifying failing flows as they are happening is difficult. We rely on User feedback Aggregate throughput Synthetic benchmarks Logs, &c Generally speaking, single flow information is either lost in the noise or comes too late to be of high value. Finding a failing flow while it is happening leads to faster problem resolution and improved workflow.

A Solution: XSight XSight is a cross domain solution that gathers and analyzes individual flow data. Designed to instrument DTNs, collect and collate data, and provide actionable analysis in near real time. Works across domain boundaries in order to create a holistic view of TCP flow health.

The Building Blocks Listener Agent Data Store Analysis Agent User Interface

The Listener Agent Lightweight Web10g based client. Small memory and CPU footprint under normal conditions. Monitors all TCP flows. No need to instrument individual applications Can filter out flows by application, ip, or network. Helps maintain confidentiality and ensures only relevant data is collected. Can send different data to multiple stores. Internal flow data can be sent to a local store while R&E data is sent to central collector.

Time series database using InfluxDB Stores The Database Time series database using InfluxDB Stores Metadata (application, src/dst, etc) Path information Metric data Data is tagged with origination information. Allows NOC (c.f. GRNOC) to see all data. Participating organizations can only see their data. Useful for reporting, local analysis, etc.

Collecting data is useless unless you do something with it. Analysis Agent Collecting data is useless unless you do something with it. Periodically reviews new and ongoing flows and subjects data to heuristic analysis. Failing flows are tagged in the database Tag corresponds to which test the data failed Still a work in progress. Currently tests for duplicate ACKs and timeouts. Will soon incorporate macroscopic model, TCP options, excessive jitter, etc. Working with a collaborator on automated causal analysis using machine learning.

User Interface Dashboard Data View Navigate through flow data using discovery graph Failing flows flagged by analysis agent Data View Lists all flagged flows Isolate individual flows and extract detailed metrics

webpage coming to http://www.psc.edu/ Status XSight is the result of a 12 month NSF EAGER grant. Much accomplished but much left to do UI, Analysis agent, etc. New grant currently pending Looking for partner institutions and organizations webpage coming to http://www.psc.edu/ email: rapier@psc.edu

Demo Time!