logdata-anomaly-miner
This tool parses log data and allows defining analysis pipelines for anomaly detection. It was designed to run the analysis with limited resources and the lowest possible permissions to make it suitable...
For example like in the EFD: for log_ev, freq in self.counts_prev.items(): persist_data.append((log_ev, freq))
- [ ] DefaultMailNotificationEventHandler - [ ] JsonConverterHandler - [ ] KafkaEventHandler - [ ] ScoringEventHandler - [ ] StreamPrinterEventHandler - [ ] SyslogWriterEventHandler - [ ] Utils - [...
When logs are received from a unix socket, starting from a specific line never makes sense (in fact, it produces unexpected behavior that is difficult to debug and find the...
The AMiner needs solid documentation. https://readthedocs.org/ might be a good place to put the documentation. Key requirements are: - Full coverage of all aminer functionality - Full coverage of all...
It should be possible to set the severity of detectors and add this information to the output if set. E.g., a parameter severity = 0.7 can be added to a...
Reject and reinitialize the time windows if too many anomalies occur.
# Make sure these boxes are signed before submitting your Pull Request -- thank you. # Must haves - [x] I have read and followed the contributing guidelines at...
It would be good to have a detector that uses Markov chains, similar to the sequence detector but with transition probabilities.