In [45]:
import pandas as pd
import re
from sklearn.cluster import KMeans
from datetime import datetime

In [46]:
df = pd.read_excel("Solarwinds Events Data FEB01 to FEB05.xlsx")
df.head()

Unnamed: 0,EventDate,EventID,NetworkNode,NetObjectID,NetObjectID2,NetObjectValue,EventType,EventTypeName,Message,Acknowledged,EngineID,NetObjectType,TimeStamp
0,2025-02-05,133300204,3054.0,214095.0,,,506,SAM Monitor Up,"Component ""Active Directory Domain Services"" f...",0,,AM,0x000000010E1B31DA
1,2025-02-05,133300205,3054.0,3163.0,,,504,SAM Application Up,"Application ""NOC Infra - Active Directory Doma...",0,,AA,0x000000010E1B31DB
2,2025-02-05,133300201,4105.0,213591.0,,213591.0,5000,Alert Triggered,Component DNS Server on Application NOC Infra...,0,3.0,AM,0x000000010E1B31D7
3,2025-02-05,133300200,4094.0,20877.0,,,11,Interface Up,DHA-HO-MDF-FSN-SW-01.dha.ae - TwentyFiveGigE1/...,0,6.0,I,0x000000010E1B31D6
4,2025-02-05,133300199,4094.0,20934.0,,,11,Interface Up,DHA-HO-MDF-FSN-SW-01.dha.ae - Port-channel15 ·...,0,6.0,I,0x000000010E1B31D5


In [47]:
# Extract the last word of 'EventTypeName' as 'Status'
df["Status"] = df["EventTypeName"].apply(lambda x: x.split()[-1].lower())

In [48]:
def classify_status(event_name, status):
    if "sam critical" in event_name.lower():
        return "critical"
    if status in ["failed", "triggered"]:
        return "critical"
    elif status == "up":
        return "message"
    elif status == "down":
        return "down"
    elif status == "warning":
        return "warning"
    else:
        return "critical"  # Any other unrecognized event is also "critical"


df["Status"] = df.apply(lambda row: classify_status(row["EventTypeName"], row["Status"]), axis=1)

In [49]:
# Generate timestamp column
df["Timestamp"] = datetime.now().strftime("%Y-%m-%d %H:%M:%S")

In [50]:
# Convert categorical 'Status' to numerical labels for clustering
df["Status_Code"] = df["Status"].astype("category").cat.codes

In [51]:
# Apply KMeans clustering
kmeans = KMeans(n_clusters=4, random_state=42, n_init=10)
df["Cluster no"] = kmeans.fit_predict(df[["Status_Code"]])

In [52]:
# Save to CSV
output_file = "clustered_events.csv"
df[["EventTypeName", "Cluster no", "Message", "Timestamp", "Status"]].to_csv(output_file, index=False)

print(f"CSV file '{output_file}' generated successfully!")

CSV file 'clustered_events.csv' generated successfully!


In [53]:
df.info()

<class 'pandas.core.frame.DataFrame'>
RangeIndex: 149632 entries, 0 to 149631
Data columns (total 17 columns):
 #   Column          Non-Null Count   Dtype         
---  ------          --------------   -----         
 0   EventDate       149632 non-null  datetime64[ns]
 1   EventID         149632 non-null  int64         
 2   NetworkNode     148949 non-null  float64       
 3   NetObjectID     149172 non-null  float64       
 4   NetObjectID2    0 non-null       float64       
 5   NetObjectValue  123720 non-null  float64       
 6   EventType       149632 non-null  int64         
 7   EventTypeName   149632 non-null  object        
 8   Message         149632 non-null  object        
 9   Acknowledged    149632 non-null  int64         
 10  EngineID        134942 non-null  float64       
 11  NetObjectType   144195 non-null  object        
 12  TimeStamp       149632 non-null  object        
 13  Status          149632 non-null  object        
 14  Timestamp       149632 non-null  obj

In [54]:
cleaned_data=df[["EventTypeName", "Cluster no", "Message", "Timestamp", "Status"]]

In [55]:

cleaned_data.head()

Unnamed: 0,EventTypeName,Cluster no,Message,Timestamp,Status
0,SAM Monitor Up,1,"Component ""Active Directory Domain Services"" f...",2025-02-18 00:15:31,message
1,SAM Application Up,1,"Application ""NOC Infra - Active Directory Doma...",2025-02-18 00:15:31,message
2,Alert Triggered,0,Component DNS Server on Application NOC Infra...,2025-02-18 00:15:31,critical
3,Interface Up,1,DHA-HO-MDF-FSN-SW-01.dha.ae - TwentyFiveGigE1/...,2025-02-18 00:15:31,message
4,Interface Up,1,DHA-HO-MDF-FSN-SW-01.dha.ae - Port-channel15 ·...,2025-02-18 00:15:31,message


In [56]:
# Get distinct values in the "Cluster no" column
cleaned_data['Cluster no'].unique()

array([1, 0, 2, 3])

In [57]:
cluster_summary = cleaned_data.groupby('Cluster no')['Status']
cluster_summary.value_counts()

Cluster no  Status  
0           critical    130678
1           message       9651
3           down          4831
Name: count, dtype: int64

In [58]:
# Create separate DataFrames for each status code
cleaned_data_warning = cleaned_data[cleaned_data['Status'] == 'warning']
cleaned_data_down = cleaned_data[cleaned_data['Status'] == 'down']
cleaned_data_critical = cleaned_data[cleaned_data['Status'] == 'critical']

In [59]:
cleaned_data_warning.head()

Unnamed: 0,EventTypeName,Cluster no,Message,Timestamp,Status
10,SAM Warning,2,"Component ""Worker Process Statistic Monitor (C...",2025-02-18 00:15:31,warning
11,SAM Warning,2,"Component ""Worker Process Statistic Monitor (S...",2025-02-18 00:15:31,warning
104,SAM Warning,2,"Component ""Worker Process Statistic Monitor (I...",2025-02-18 00:15:31,warning
111,SAM Warning,2,"Component ""Active Directory Domain Services"" f...",2025-02-18 00:15:31,warning
112,SAM Warning,2,"Application ""NOC Infra - Active Directory Doma...",2025-02-18 00:15:31,warning


In [60]:
cleaned_data_down.head()

Unnamed: 0,EventTypeName,Cluster no,Message,Timestamp,Status
14,SAM Monitor Down,3,"Component ""Error and Warning Events: SMS Serve...",2025-02-18 00:15:31,down
15,SAM Application Down,3,"Application ""Microsoft System Center Configura...",2025-02-18 00:15:31,down
109,Interface Down,3,DHA-HO-MDF-FSN-SW-01.dha.ae - TwentyFiveGigE2/...,2025-02-18 00:15:31,down
114,Interface Down,3,TCS-GM-SW6 - port9(primary) · port9 Down,2025-02-18 00:15:31,down
202,Node Down,3,Greens-60F has stopped responding (Request Tim...,2025-02-18 00:15:31,down


In [61]:
cleaned_data_critical.head()

Unnamed: 0,EventTypeName,Cluster no,Message,Timestamp,Status
2,Alert Triggered,0,Component DNS Server on Application NOC Infra...,2025-02-18 00:15:31,critical
6,Alert Triggered,0,Component Error and Warning Events: SMS Serve...,2025-02-18 00:15:31,critical
12,SAM Critical,0,"Component ""DNS Server"" for application ""NOC In...",2025-02-18 00:15:31,critical
13,SAM Critical,0,"Application ""NOC Infra Critical Active Directo...",2025-02-18 00:15:31,critical
17,Alert Triggered,0,Component Page Reads/sec on Application PRODS...,2025-02-18 00:15:31,critical


In [63]:

cleaned_data_warning.to_csv('warning_status.csv', index=False)
cleaned_data_down.to_csv('down_status.csv', index=False)
cleaned_data_critical.to_csv('critical_status.csv', index=False)

In [62]:
# from anaconda prompt run below commands
#pip install nltk
#python -m nltk.downloader all

import os
import pandas as pd
from nltk.tokenize import word_tokenize
from nltk.corpus import stopwords

# Ensure nltk data is downloaded
import nltk
nltk.download('punkt')
nltk.download('stopwords')



[nltk_data] Downloading package punkt to
[nltk_data]     C:\Users\senth\AppData\Roaming\nltk_data...
[nltk_data]   Package punkt is already up-to-date!
[nltk_data] Downloading package stopwords to
[nltk_data]     C:\Users\senth\AppData\Roaming\nltk_data...
[nltk_data]   Unzipping corpora\stopwords.zip.


True

In [68]:



# Function to process text and create a meaningful sentence
def process_text(text):
    # Tokenize the text into words
    words = word_tokenize(str(text))  # Ensure text is a string
    
    # Remove stopwords and punctuation
    stop_words = set(stopwords.words('english'))
    filtered_words = [word for word in words if word.isalnum() and word.lower() not in stop_words]
    
    # Reconstruct a meaningful sentence
    meaningful_sentence = " ".join(filtered_words)
    return meaningful_sentence

# List of input CSV files
input_csv_files = ['warning_status.csv', 'down_status.csv', 'critical_status.csv']  # Replace with your actual file paths

# List to store names of processed files
process_file=[]

for file_path in input_csv_files:
    try:
        # Read the CSV file
        df_process = pd.read_csv(file_path)
        
        # Check if the 'Message' column exists
        if 'Message' not in df_process.columns:
            print(f"Skipping {file_path}: 'Message' column not found.")
            continue
        
        # Apply the process_text function to the 'Message' column
        df_process['Processed_Message'] = df_process['Message'].apply(process_text)
        
        # Get the file name and create output CSV path
        file_name = os.path.splitext(os.path.basename(file_path))[0]
        output_csv = f"{file_name}_processed.csv"
        
        process_file.append(output_csv)
        # Save the results to a new CSV file
        df_process.to_csv(output_csv, index=False)
        print(f"Processed CSV saved to {output_csv}")
    
    except Exception as e:
        print(f"Error processing {file_path}: {e}")



Processed CSV saved to down_status_processed.csv
Processed CSV saved to critical_status_processed.csv


In [69]:
process_file

 'down_status_processed.csv',
 'critical_status_processed.csv']

In [70]:
# Merge all processed CSV files into a single master CSV
master_csv = "kedb.csv"
merged_data = pd.DataFrame()

for processed_file in process_file:
    try:
        # Read each processed CSV file
        processed_data = pd.read_csv(processed_file)
        merged_data = pd.concat([merged_data, processed_data], ignore_index=True)
    except Exception as e:
        print(f"Error merging {processed_file}: {e}")

# Save the merged data to the master CSV
merged_data.to_csv(master_csv, index=False)
print(f"Master CSV saved as {master_csv}")


Master CSV saved as kedb.csv
