Diagnosing faults in enterprise networks is a time-consuming and frustrating experience. Even when automated diagnostic tools are available, unless a narrow set of faults are targeted, no diagnostic system can always provide an accurate diagnosis. Nevertheless, the outputs of these tools can provide valuable hypotheses that guide human diagnostic process.
NetClinic is a visual analytics system that couples interactive visualization with an automated reasoner for diagnostic sensemaking. The visualizations include a semantic graph layout and small multiples depicting network component information. Administrators are able to verify the output of the automatic analysis at different levels of detail and to move seamlessly across levels while retaining appropriate context.
We evaluate the effectiveness of NetClinic in a qualitative user study, where the participants are asked to use NetClinic to identify culprits that caused abnormal behaviors in computer networks. The study sheds light on the relationship between visualization and computational analysis when the latter becomes more sophisticated, and how their coupling shapes human sensemaking strategies.