Insights such as these are useful for setting up alert review policies and can help automate response prioritization. Operationalizing the categorization of alerts lets each alert be routed automatically to the right support person. Root cause analysis and failure prediction use cases can also benefit from the signals in these alert clusters.
Broad class labels for alerts may be available, but they are often too general to be useful. So how can we use data science to achieve a finer categorization of alerts?
Semi-structured text alerts are generated by IT infrastructure components such as storage devices, network devices, servers, etc. For the client-facing data science engagement I detail in this post, we leveraged only the textual information. To cluster the text data, the following steps were performed: