logdata-anomaly-miner - lightweight tool for log checking, log analysis v0.0.0

Version V0.0.0 completed, initial release features:

* Common parsing model elements available: fixed strings, numbers, IP addresses, date-time fields, delimited fields, fixed alphabet fields, ...
* Common parsing model structural elements: sequences, branches, repeated elements, optional elements.
* Stream and file reading, splitting into lines.
* Operating system integration: a privileged parent process forwards file descriptors to the analysis child.
* Reopening of log files using an open/fstat loop.
* Functionality for state persistence handling between restarts.
* Analysis components:
  * NewMatchPathDetector: generate events when a new match path is detected.
  * HistogramAnalysis: generate complete and path-dependent histograms for given properties.
  * MatchValueQueueSplitter: split input from e.g. one parser and forward it to different analyzers depending on match values.
  * WhitelistViolationDetector: ignore log data that is whitelisted by at least one rule (logcheck-equivalent behaviour).
  * TimeCorrelationViolationDetector: check whether log lines that are usually correlated are really both found.

Milestone information

Project: logdata-anomaly-miner - lightweight tool for log checking, log analysis
Series: trunk
Version: v0.0.0
Released:
Registrant: Roman Fiedler
Release registered:
Active: No. Drivers cannot target bugs and blueprints to this milestone.


Changelog 

This release does not have a changelog.
