1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
Source: logdata-anomaly-miner
Section: admin
Priority: optional
Maintainer: Markus Wurzenberger <markus.wurzenberger@ait.ac.at>
Build-Depends: debhelper (>= 11.0.0), dh-python, docbook-xsl, docbook-xml, python3-all , xsltproc
Standards-Version: 4.2.1
Homepage: https://launchpad.net/logdata-anomaly-miner/
Vcs-Git: https://git.launchpad.net/logdata-anomaly-miner
Vcs-Browser: https://git.launchpad.net/logdata-anomaly-miner/tree/
Package: logdata-anomaly-miner
Architecture: all
Depends: ${python3:Depends}, python3-tz, ${misc:Depends}
Suggests: python-scipy
Description: This tool allows one to create log analysis pipelines
to analyze log data streams and detect violations or anomalies
in it. It can be run from console, as daemon with e-mail alerting
or embedded as library into own programs. It was designed to
run the analysis with limited resources and lowest possible permissions
to make it suitable for production server use. Analysis methods
include:
.
* static check patterns similar to logcheck but with extended
syntax and options.
* detection of new data elements (IPs, user names, MAC addresses)
* statistical anomalies in log line values and frequencies
* correlation rules between log lines as described in th AECID
approach http://dx.doi.org/10.1016/j.cose.2014.09.006
.
The tool is suitable to replace logcheck but also to operate
as a sensor feeding a SIEM.
.
Please report bugs at https://bugs.launchpad.net/logdata-anomaly-miner/+filebug
|
