Pluggable architecture to handle different log formats into a ? scheme / ontology
Can ontology alone ? recognise ? (unlikely) and what more is needed?
How to compile traces of activities that the same but are captured from different systems
Experience in making activity types / patterns and identification patterns emerge from heterogenous logs
Accurately recognising users across logs - is IP plus user agent sufficient?
Experience in loading huge amounts of activity data onto a triple store and reasoning with it
Scalability of storing, analysis and implementing large amounts of traces of activity (in our case, as RDF)
Ontologies ? and for recognising ? ? ?