[Novalug] Looking for sample system and event logs..

Shawn Wells swells@redhat.com
Wed Apr 2 22:07:01 EDT 2008



Scott Musman wrote:
> Hi,
>
> Sorry if this an odd request, and I hope it's not inappropriate, but I'm
> looking at developing a real-time on-line logfile anomaly detection
> engine, and am hoping that some list members might be kind enough to
> provide me with some samples of their logs. I can't develop the
> algorithms without having typical logs to work with, and our own
> environment just isn't that complex, and so I'm hoping for a wider
> variety of activity characteristics to develop and evaluate against. 

How would this differ from what cfengine can do?  Might be interested in 
helping if you can differentiate your goals from what exists.

http://www.cfengine.org/docs/cfengine-Anomalies.html
http://www.cfengine.org/txt/SLAC-PUB-12379.pdf
http://www.iu.hio.no/~mark/papers/dsom2002.pdf (this is a good one)



More information about the Novalug mailing list