openmainframeproject / ade

ADE detects anomalous time slices and messages in Linux logs (either RFC3164 or RFC5424 format) using statistical learning.
https://www.openmainframeproject.org/projects/anomaly-detection-engine-for-linux-logs-ade
GNU General Public License v3.0

Anomaly Detection Engine for Linux Logs (ADE)

ADE can process a large number of logs from a large number of Linux systems to create a compact summary of those logs. The summary identifies and consolidates similar text strings into a single message example and assigns it a key (message id). The summary determines whether each message id is being issued when expected, whether it is being issued at the expected rate during a time slice, and how often during the day the message or a similar message (same message id) is issued.

You can use those results to examine

Please see http://openmainframeproject.github.io/ade/ for documentation on ADE.
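
The summary described above can be pictured with a small sketch, added here as an illustration and not taken from ADE's code: it masks variable fields to derive a message id, counts ids per time slice, and flags ids that are new or above their baseline rate. The function names, the masking rules, the 10-minute slice, the assumed year and the fixed-factor threshold are all assumptions that stand in for ADE's statistical model.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# RFC3164 shape: "Mmm dd hh:mm:ss host tag[pid]: text"
LINE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) (\S+) ([^:\[\s]+)(?:\[\d+\])?: (.*)$")

def message_id(tag, text):
    """Mask variable fields so similar messages collapse to one key."""
    text = re.sub(r"\b\d+(?:\.\d+){3}\b", "<ip>", text)
    return f"{tag}: " + re.sub(r"\b\d+\b", "<n>", text)

def summarize(lines, slice_minutes=10, year=2024):
    """Count message ids per time slice; RFC3164 has no year, so one is assumed."""
    slices = defaultdict(Counter)
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # not RFC3164; RFC5424 is not handled in this sketch
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        start = ts.replace(minute=ts.minute - ts.minute % slice_minutes, second=0)
        slices[start][message_id(m.group(3), m.group(4))] += 1
    return dict(slices)

def unusual(baseline, counts, factor=2):
    """Flag ids never seen in the baseline, or above factor x their peak per-slice count."""
    peak = Counter()
    for seen in baseline.values():
        for mid, n in seen.items():
            peak[mid] = max(peak[mid], n)
    return sorted((mid, "new" if mid not in peak else "rate")
                  for mid, n in counts.items()
                  if mid not in peak or n > factor * peak[mid])

TRAINING = [  # constructed sample lines, not real log data
    "Mar 10 09:01:02 web01 sshd[811]: Accepted publickey for deploy from 10.0.0.5 port 50122 ssh2",
    "Mar 10 09:13:40 web01 sshd[812]: Accepted publickey for deploy from 10.0.0.6 port 50310 ssh2",
]
OBSERVED = [  # constructed: one slice with a burst of logins and a message never seen before
    "Mar 11 09:20:01 web01 sshd[901]: Accepted publickey for deploy from 10.0.0.5 port 50001 ssh2",
    "Mar 11 09:20:02 web01 sshd[902]: Accepted publickey for deploy from 10.0.0.7 port 50002 ssh2",
    "Mar 11 09:20:03 web01 sshd[903]: Accepted publickey for deploy from 10.0.0.8 port 50003 ssh2",
    "Mar 11 09:21:30 web01 kernel: Out of memory: Killed process 4242 (java)",
]

if __name__ == "__main__":
    base = summarize(TRAINING)
    for start, counts in summarize(OBSERVED).items():
        print(start, unusual(base, counts))
```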

Releases

Saw Kill 1.0.4

Fall Kill 1.0.3

CII Best Practices

Poesten Kill 1.0.2

Esopus Creek 1.0.1

Initial release 1.0.0