Today, machines and software items having different roles and manufactured by different manufacturers are monitored and managed in an integrated manner for primary purpose of cost reduction. Meanwhile, these various machine and software items have mechanisms to output logs having their specific forms, which are used to monitor and manage the machines. In connection with development of information devices, the log information becomes complicated and large scaled, and efficient monitoring methods are required.
In this situation, an analysis platform for simplifying log analysis is proposed in non-patent document 1. In order to use it, however, prior knowledge regarding meaning of occurrence of individual logs and/or contents of log messages is needed, and its operation is difficult if know-how on analysis of a vast amount of unknown logs is not accumulated.
Meanwhile, a template comprehension method for cases where syslog generated by network devices such as a router are targeted and some formats such as vendors, message types, error codes and detailed message contents are provided in advance is provided in non-patent document 2. A scheme for displaying digest information for the syslog with use of positional relationship of routers or the like is proposed.
According to these prior techniques, some prior knowledge is needed at least at a stage of collecting information. For example, it is necessary to comprehend from which vendor the logs are collected and/or which portions in messages are indicative of error codes, and a template comprehension mechanism is not only simply prepared but also manual input and preparation are needed in advance. Also, since the digest display function for the syslog is specific to the syslog, it is difficult to apply it to other monitored log information.