Russian Federation
Russian Federation
Russian Federation
This article examines the automation of monitoring processes in microservice architectures, where traditional approaches often prove ineffective. The limitations of threshold-based failure detection methods, which lead to excessive notifications, are analyzed. A new approach to telemetry data aggregation, including metrics, logs, and distributed traces, is described for identifying complex incidents. A mathematical model for event normalization and an algorithm for their correlation are presented, aimed at reducing information noise and reducing incident identification time. The results of an experimental evaluation on a synthetic dataset are presented, confirming the effectiveness of the proposed method with an F1 score of 0.86.
monitoring, microservice architecture, event, IT infrastructure
1. Moskvichev A. D., Dolgachev M. V. Algoritmy korrelyacii sobytiy informacionnoy bezopasnosti // Avtomatizaciya processov upravleniya. 2020. № 3. S. 50–59.
2. Gayfulina D. A., Kotenko I. V. Analiz modeley glubokogo obucheniya dlya zadach obnaruzheniya setevyh anomaliy interneta veschey // Informacionno-upravlyayuschie sistemy. 2021. №. 1 (110). S. 28–37.
3. Obschiy podhod k postroeniyu perspektivnyh sistem monitoringa raspredelennyh informacionno-telekommunikacionnyh setey / Allakin V.V., Budko N.P., Vasil'ev N.V. // Sistemy upravleniya, svyazi i bezopasnosti. 2021. № 4. S. 125-227.
4. Sistemnaya inzheneriya v problemah nacional'noy bezopasnosti / Anischenko A.V., Artem'ev V.B., Bondareva M.K., Budzko V.I., Burmaka A.A., Bychkov I.V., Vasil'ev V.I., Vul'fin A.M., Gadenin M.M., Garbuk S.V., Gedzyun V.S., Golovin S.A., Emel'yanov S.G., Zhukov A.O., Zacarinnyy A.A., Zorin A.V., Ignat'ev A.G., Kapustin A.Ya., Klimov S.M., Kozlov S.V. i dr. Tematicheskiy blok «Nacional'naya bezopasnost'». Moskva, 2025.



