In the source logs I use, log lines are labelled. When it comes to time windows I was considering number of labelled lines in that time window as basis but I am not sure which threshold to use. Also not sure at all about this kind of labelling anyways since I cannot put any deterministic reason.
I saw on one of the issues that you also provided dataloader and preprocessing. However, as I check the code I can't relate "#oov" or "#Pad" to anything I have.
I have BGL and Thunderbird logs. After Drain parser I got below fields:
LineId,Label,Timestamp,Date,Node,Time,NodeRepeat,Type,Component,Level,Content,EventId,EventTemplate,ParameterList
If I am not missing anything could you guide me on idea of labelling time windows?
Thanks in advance.
Hello,
In the source logs I use, log lines are labelled. When it comes to time windows I was considering number of labelled lines in that time window as basis but I am not sure which threshold to use. Also not sure at all about this kind of labelling anyways since I cannot put any deterministic reason.
I saw on one of the issues that you also provided dataloader and preprocessing. However, as I check the code I can't relate "#oov" or "#Pad" to anything I have.
I have BGL and Thunderbird logs. After Drain parser I got below fields: LineId,Label,Timestamp,Date,Node,Time,NodeRepeat,Type,Component,Level,Content,EventId,EventTemplate,ParameterList
If I am not missing anything could you guide me on idea of labelling time windows? Thanks in advance.