As long as computer networks have existed there has been a need to perform troubleshooting to determine what is the cause of any network failure to function or to perform as expected. When a phone call (routed across a network) doesn't go through, or data packets are dropped by the network, there are complicated sets of possibilities that have to be considered and systematically ruled out to determine the cause, before the network can be fixed or reconfigured to solve the problem. This process is often time consuming, labor intensive, and requires troubleshooting expertise on multiple types of equipment that are present in the network. The process typically involves aggregating data (e.g., log files) from multiple sources (i.e., multiple types of equipment) into one place, then using text search tools and conventional text editing techniques to look through log files and data about the current and/or prior state of each device.
With the advent of software defined networking (SDN), the problems related to troubleshooting have not improved much. Indeed in many senses the problem is even more difficult. In traditional networks, packet switched networks that do not have a centralized controller, network problems are most commonly the result of human error/misconfiguration, or sometimes faulty equipment. In SDN networks, there is the additional possibility that the source of a problem is a defective program that is operating at the controller.
Since networks are becoming more widespread, powerful, and complex, it is expected that traditional means of network troubleshooting by examining log files and device states manually will eventually become infeasible, due partially to the number and variety of devices involved, virtualization, device heterogeneity and specialization, and that in SDN networks, all network devices can be highly customized by the network operator and are therefore more difficult to characterize than traditional network equipment.
Upon discovery of a network problem, the conventional practice by a network administrator is to determine what devices are involved with the given problem, gather log files and runtime data from each device, save them into one or more files on a computer. Then the administrator will use text search tool in a regular text editor to attempt to locate the source of the problem.
The core problem is that text search is not a very powerful or dynamic tool for finding complex patterns. If a problem can be diagnosed as simply as looking for a warning and/or error messages, and if those messages are understandable to the point that the administrator can amend the network configuration to resolve the issue, then regular text search/editing tools are fine. However, there are several categories of network problems that are not amenable to text search tools.