Date Added: Oct 2010
The authors describe a distributed reasoning system called Otto-Mate that is used to detect, reason about, and respond to incidents on a computing network. Events used to monitor computing networks occur at different system levels. Some information might relate to data, some might be operating-system specific, some application or service related, and some network related; from each of these there will be compound events that describe incident effects and information about the situation context. Altogether there can be thousands of events per second. Today's approaches to monitoring networks are typically centralized, sending events over the network to a single engine for analysis.