Event correlation is becoming one of the most central techniques in managing the high volume of event messages. Practically, no network management system can ignore network surveillance and control procedures which are based on event correlation. The majority of existing network management systems use relatively simple ad hoc additions to their software to perform alarm correlation. In these systems, alarm correlation is handled as an aggregation procedure over sets of alarms exhibiting similar attributes. In recent years, several more sophisticated alarm correlation models have been proposed. In this paper, we will expand our knowledge-based event correlation model to capture temporal constraints.
In this paper we are concerned with event-based situation analysis. Application areas include the understanding and awareness of complex unfolding scenarios such as homeland security threats and future battlespace engagements. The paper (i) discusses the differences between the environments/requirements for event-based management and situation management, (ii) presents an argument for an integration of an event correlation system and a situation awareness system, and (iii) proposes an integrated architecture that combines rule-based spatio-temporal event correlation and casebased reasoning for understanding and managing situations. In addition, the paper discusses the hard problem of the mutual influence between event management and situation awareness.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.