simon@odin.pttrnl.nl (Simon van Veen) (12/03/90)
Hai, I am currently investigating the tasks of unix system managers. The goal of this investigation is: can ``Artificial Intelligence'' be of any help in system management. With system management I mean: management of system information, management of datacommunication, management of disks, files, tapes, printers, processes, users, security etc, etc. One of things that strikes me is that the system managers do not use proper tools for system management. Actually they make their own small tools for certain tasks. What I would like to know is: - Do tools exist? and if they do, what is their functionality? - Does anyone have other solutions to the management problem? - Is it possible to use ``Artificial Intelligence'' techniques for management of unix systems? and how? Please e-mail your responses to me, thanks, Simon -- ________ Simon J. van Veen \ / PTT Research Neher Laboratories /\ / P.O. box 421
rodgers@clausius.mmwb.ucsf.edu (12/04/90)
In <simon.660236994@odin> simon@odin.pttrnl.nl (Simon van Veen) writes: >I am currently investigating the tasks of unix system managers. >The goal of this investigation is: can ``Artificial Intelligence'' >be of any help in system management. >With system management I mean: management of system information, >management of datacommunication, management of disks, files, tapes, >printers, processes, users, security etc, etc. I shall assume that by "Artificial Intelligence" you mean an expert system. The task of system administration relies on numerous specific details which, even in the world of UNIX, end up being host and site specific. It would be a daunting though not impossible challenge to create a system which was of general utility, which probably explains why it has not yet been done. We thought about this problem in the course of developing the System Manager's Toolkit, which attempts to automate much of routine system administration for Suns and other BSD-like systems, and opted for a system which tries to boil down administrative information and present it in the framework of a single interactive front-end. To the extent that SMT contains specific information about what to look for and creates various messages which make specific recommendations, it is a simple expert system in its own right. One could layer a formal expert system on top of something like this, to try to make more sophisticated inferences about what actions should be taken. When we had finished SMT, the need for an AI layer didn't seem very important, as the information the system presented, together with a good book such as UNIX System Administration Handbook by Nemeth et al., was such that administrative tasks seemed pretty straightforward. Nevertheless, as networks become larger and more complex and the architecture of individual machines more complicated, it seems likely that formal AI tools will appear in the administrator's armamentarium. Cheerio, Rick Rodgers R. P. C. Rodgers, M.D. (415)476-8910 (work) 664-0560 (home) UCSF Laurel Heights Campus UUCP: ...ucbvax.berkeley.edu!cca.ucsf.edu!rodgers 3333 California St., Suite 102 ARPA: rodgers@maxwell.mmwb.ucsf.edu San Francisco CA 94118 USA BITNET: rodgers@ucsfcca
aronb@gkcl.ists.ca (Aron Burns) (12/05/90)
In article <rodgers.660262042@clausius.mmwb.ucsf.edu> rodgers@clausius.mmwb.ucsf.edu writes: >In <simon.660236994@odin> simon@odin.pttrnl.nl (Simon van Veen) writes: > >>I am currently investigating the tasks of unix system managers. >>The goal of this investigation is: can ``Artificial Intelligence'' >>be of any help in system management. >>With system management I mean: management of system information, >>management of datacommunication, management of disks, files, tapes, >>printers, processes, users, security etc, etc. > >I shall assume that by "Artificial Intelligence" you mean an expert system. We saw a product called ERSA ( Expert Remote Systems Assurance ) that gathered stats on a unix system, made some intelligent guesses about problems and attempts to make suggestions about how to solve them , at which point it uploads a file to a supervisor machine where a human decides what to do. The product looked at kernel tuning, security violations, disk space, etc. While I haven't seen it run you might call these people to find out more: Don Monroe Elegant Communications Inc. 481 University Avenue Suite 602 Toronto Ont M5G-2E9 (416)595-5425 (416)595-5439 Aaron Burns "Nothing I say on the net is binding aronb@gkcl.ists.ca to our corporation" Toronto, Ontario "Life is a forge, and the purest metal (416)392-4310 comes from the hottest fire"
jmm@eci386.uucp (John Macdonald) (12/06/90)
In article <15872@ists.ists.ca> aronb@gkcl.UUCP (Aron Burns) writes: |In article <rodgers.660262042@clausius.mmwb.ucsf.edu> rodgers@clausius.mmwb.ucsf.edu writes: |>In <simon.660236994@odin> simon@odin.pttrnl.nl (Simon van Veen) writes: |> |>>I am currently investigating the tasks of unix system managers. |>>The goal of this investigation is: can ``Artificial Intelligence'' |>>be of any help in system management. |>>With system management I mean: management of system information, |>>management of datacommunication, management of disks, files, tapes, |>>printers, processes, users, security etc, etc. |> |>I shall assume that by "Artificial Intelligence" you mean an expert system. | | |We saw a product called ERSA ( Expert Remote Systems Assurance ) that |gathered stats on a unix system, made some intelligent guesses about |problems and attempts to make suggestions about how to solve them |, at which point it uploads a file to a supervisor machine where a |human decides what to do. The product looked at kernel tuning, |security violations, disk space, etc. While I haven't seen it |run you might call these people to find out more: | |Don Monroe |Elegant Communications Inc. |481 University Avenue |Suite 602 |Toronto Ont |M5G-2E9 |(416)595-5425 |(416)595-5439 ^^^^^^^^^^^^^ this is our fax number, and is only opertional during business hours. | | | |Aaron Burns "Nothing I say on the net is binding |aronb@gkcl.ists.ca to our corporation" |Toronto, Ontario "Life is a forge, and the purest metal |(416)392-4310 comes from the hottest fire" or you can send email to me... Thanks for the plug Aaron, I was just about to risk the rath of the commercialism haters and follow up myself. If requested, I can provide additional technical details in this newsgroup (but I will try to avoid blatant advertisms). -- Cure the common code... | John Macdonald ...Ban Basic - Christine Linge | jmm@eci386 -- Cure the common code... | John Macdonald ...Ban Basic - Christine Linge | jmm@eci386
jmm@eci386.uucp (John Macdonald) (12/08/90)
In article <15872@ists.ists.ca> aronb@gkcl.UUCP (Aron Burns) wrote: |We saw a product called ERSA ( Expert Remote Systems Assurance ) that |gathered stats on a unix system, made some intelligent guesses about |problems and attempts to make suggestions about how to solve them |, at which point it uploads a file to a supervisor machine where a |human decides what to do. The product looked at kernel tuning, |security violations, disk space, etc. While I haven't seen it |run you might call these people to find out more: In article <1990Dec5.171245.7561@eci386.uucp> I, jmm@eci386.UUCP (John Macdonald), followed up: |Thanks for the plug Aaron, I was just about to risk the wrath |of the commercialism haters and follow up myself. | |If requested, I can provide additional technical details in this |newsgroup (but I will try to avoid blatant advertisms). All right, I got enough requests for further info and no requests to not do so ("Full power to flame shields, Mr. Scott. Warp factor 9, Mr. Sulu. Prepare evasive maneuvers, Mr. Spock", take a deep breath, insert smiley for good luck :-) (Minor aside - for ease of registering trademarks, we have had to change our official acronym to XRSA - eXpert Remote Systems Assurance - instead of ERSA. We still pronounce it the same. :-) XRSA does a great deal of automation of administration of Unix systems. It consists of two suites of programs. The "Monitor" runs on each administered system. It does many admin activities (prune log files; run backups; clean out junk files; compress unused files) and auditing activities (validate against a database describing important characteristics of significant system files; changes in setuid and setgid programs; security problems in passwords, accounts, login activity, remote access activity, etc; list communication activity; collect sar or similar info; file system, file, and directory size information). The results of these activities are bundled into a log that is sent to a central "Expert" site. There are lots of local configuration options, but everything is set up to act in a reasonable, safe, manner without local control. The "Expert" runs at a central site that co-ordinates responsibility for administrating systems. It accepts the Monitor logs and processes them into various reports - general information of various types, as well as an Urgent report which lists all indications of potential problems using potent correlation and analysis heuristics (I hesitate to call this an expert system for fear of catching buzzword syndrome). These reports can be distributed using email, news, or any other appropriate mechanism. The central site could be an internal MIS department or an outside service bureau or facilities management operation. Because of the report distribution flexibility, the responsibility for acting on the reports need not fall on the staff of the "Expert" site. Monitor requires basic V7 functionality (sh, sed, awk, etc) but avoids using more recent features (sh functions, awk functions, inconsistently provided programs). If more recent features are present, then they will be used to generate information (e.g. sar). This, it runs on essentially all varieties of Unix (and attempts to provide a consistent appearance to all - for example there is a shell script that contains a large number of awk scripts to provide a consistently formatted "df" for all systems). Adding new modules to the package is straightforward. This allows customisation for local environments, as well as for direct support of specific applications. Expert is extremely portable too - it basically does a lot of text processing and communication which is a common capability of most Unix systems. The other important thing to mention about XRSA is that it is not so much a product as a software supported consulting tool. The customer of the service bureau will see it as a product, but the service bureau itself, or a large organisation, would often benefit from a significant amount of consulting activity customising XRSA to fit more precisely into the framework of their business. A general philosophy point. XRSA is not intended to allow anyone to do system administration. It is aimed at competent, expert, professional people who will be able to understand and act on the information it provides (and appreciate the huge quantity of information that XRSA can analyse to the point of determining that it need not be examined by the human expert today). It is intended to allow administration not require the constant physical presense of the human expert at every system. There are some reports that are intended to be clear to non-experts, but these are normally produced to address a known problem (e.g. a chart of file system usage helps the expert to show why it is time to add a new disk). OK. In reading back, I see that there is a lot of stuff that could be interpreted either as "design justification" or "hornblowing". I hope most readers view this as the former rather than the latter. Too, I have only described an overview of how XRSA works, without much in the way of specific details. However, this has gotten long enough already. I'll leave discussion of specifics for my response to any future discussion (and drop it if there is no interest or too much objection). If anyone wants an email copy of our "benefits summary", or a surface mail copy of our full info package, let me know. John Macdonald <jmm@eci386> Elegant Communications Inc. 481 University Ave., Suite 602, Toronto Ontario M5G 2E9 voice - (416) 595-5425 fax - (416) 595-5439 (business hours only) -- Cure the common code... | John Macdonald ...Ban Basic - Christine Linge | jmm@eci386