[needs-packaging] logdata-anomaly-miner -- lightweight tool for log checking, log analysis
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
logdata-anomaly-miner (Ubuntu) | Fix Released | Wishlist | Unassigned |
Bug Description
Package name: logdata-
Version: 0.0
Upstream Author: Roman Fiedler <email address hidden>
URL: FIXME (see below)
Sources URL: Mentoring: Best location? GIT preferred.
License: GPLv3
Programming Lang: Python
Description: logdata-
to analyze log lines and detect anomalies via various methods:
Dependencies: python
Long description:
logdata-
pipelines to analyze log data streams and detect violations
or anomalies in them. It can be run from the console, as a daemon with
e-mail alerting, or embedded as a library in your own programs. It
was designed to run the analysis with limited resources and the
lowest possible permissions, making it suitable for production
server use. Analysis methods include:
.
* static check patterns similar to logcheck but with extended
syntax and options.
* detection of new data elements (IPs, user names, MAC addresses)
* statistical anomalies in log line frequencies
* correlation rules between log lines as described in the AECID
approach http://
.
The tool is suitable to replace logcheck but also to operate
as a sensor feeding a SIEM.
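As an added illustration of the first three analysis methods listed above (this is not code from the logdata-anomaly-miner project), a minimal detector over constructed sshd log lines: lines that do not match the static pattern are reported, values of the user and source-IP fields first seen after a learning phase are flagged as new data elements, and a per-minute login count above a threshold is flagged as a frequency anomaly. The regex, thresholds and log lines are all assumptions made for the example.

```python
import re
from collections import Counter

# Constructed sample log lines (not from the page). The first lines form the
# learning baseline; line 4 carries a never-seen user and source IP, and
# minute 09:04 holds a burst of logins.
SAMPLE_LOG = """\
Feb 10 09:01:02 host sshd[101]: Accepted publickey for alice from 10.0.0.5 port 5001
Feb 10 09:01:07 host sshd[102]: Accepted publickey for bob from 10.0.0.6 port 5002
Feb 10 09:02:15 host sshd[103]: Accepted publickey for alice from 10.0.0.5 port 5003
Feb 10 09:03:40 host sshd[104]: Accepted password for mallory from 203.0.113.9 port 5004
Feb 10 09:04:01 host sshd[105]: Accepted publickey for bob from 10.0.0.6 port 5005
Feb 10 09:04:02 host sshd[106]: Accepted publickey for bob from 10.0.0.6 port 5006
Feb 10 09:04:03 host sshd[107]: Accepted publickey for bob from 10.0.0.6 port 5007
""".splitlines()

# Static check pattern (assumed shape of an sshd "Accepted" line).
LINE_RE = re.compile(
    r"^\w{3} +\d+ (?P<minute>\d\d:\d\d):\d\d \S+ sshd\[\d+\]: Accepted \w+ "
    r"for (?P<user>\S+) from (?P<ip>\d+(?:\.\d+){3}) port \d+$"
)

def analyze(lines, learn_lines=3, per_minute_limit=2):
    """Return (alerts, unparsed). The first `learn_lines` parsed lines are the
    baseline before new-element alerts fire; a minute with more than
    `per_minute_limit` logins raises one frequency alert."""
    seen = {"user": set(), "ip": set()}
    per_minute = Counter()
    alerts, unparsed, parsed_count = [], [], 0
    for line in lines:
        m = LINE_RE.match(line)
        if not m:                      # unknown line shape: report it
            unparsed.append(line)
            continue
        parsed_count += 1
        for field in ("user", "ip"):   # new data element detection
            value = m.group(field)
            if value not in seen[field]:
                seen[field].add(value)
                if parsed_count > learn_lines:
                    alerts.append(("new_%s" % field, value, line))
        minute = m.group("minute")     # frequency check per minute
        per_minute[minute] += 1
        if per_minute[minute] == per_minute_limit + 1:
            alerts.append(("frequency", minute, line))
    return alerts, unparsed
```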
Changed in ubuntu:
status: New → In Progress
assignee: nobody → Roman Fiedler (roman-fiedler)
* Debian ITP: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813096
* Debian Mentoring: https://lists.debian.org/debian-mentors/2016/02/msg00021.html