
parameters anomaly detection model

Open shoaib-intro opened this issue 3 years ago • 4 comments

Hey, I tried to understand your repo many times but did not understand it very well, even from your documentation, as you are not taking directly parsed input but do some kind of pre-processing. Have you worked on parameter anomaly detection models and the workflow model?

shoaib-intro avatar Jul 19 '22 11:07 shoaib-intro

I am sorry, but I am not sure if I understand your question. This implementation can parse security events given in .txt or .csv format as specified here: https://deeplog.readthedocs.io/en/latest/reference/preprocessor.html#formats

If you have logs in a different format, you will have to convert the logs yourself into one of the supported formats. For the evaluation on the HDFS dataset, we used the already converted logs in .txt form found here: https://github.com/wuyifan18/DeepLog/tree/master/data

Thijsvanede avatar Jul 19 '22 14:07 Thijsvanede

What about parameter anomaly detection? Did you implement that part?

shoaib-intro avatar Jul 19 '22 14:07 shoaib-intro

No, this library only implements the Log Key Anomaly Detection model. I will probably not add the Parameter Value Anomaly Detection model myself, but feel free to send me a pull request if you decide to implement it yourself and want it added to the library.

Thijsvanede avatar Jul 20 '22 07:07 Thijsvanede

I had rough code; once I optimize it, I will share it.

shoaib-intro avatar Jul 20 '22 07:07 shoaib-intro