AMinerRemoteControl
This tool allows one to create log analysis pipelines
Install
- All systems
-
curl cmd.cat/AMinerRemoteControl.sh
- Debian
-
apt-get install logdata-anomaly-miner - Ubuntu
-
apt-get install logdata-anomaly-miner - Kali Linux
-
apt-get install logdata-anomaly-miner - Windows (WSL2)
-
sudo apt-get updatesudo apt-get install logdata-anomaly-miner - Raspbian
-
apt-get install logdata-anomaly-miner - Dockerfile
- dockerfile.run/AMinerRemoteControl
logdata-anomaly-miner
This tool allows one to create log analysis pipelines
to analyze log data streams and detect violations or anomalies in it. It can be run from console, as daemon with e-mail alerting or embedded as library into own programs. It was designed to run the analysis with limited resources and lowest possible permissions to make it suitable for production server use. Analysis methods include: * static check patterns similar to logcheck but with extended syntax and options. * detection of new data elements (IPs, user names, MAC addresses) * statistical anomalies in log line values and frequencies * correlation rules between log lines as described in th AECID approach http://dx.doi.org/10.1016/j.cose.2014.09.006 The tool is suitable to replace logcheck but also to operate as a sensor feeding a SIEM. Please report bugs at https://bugs.launchpad.net/logdata-anomaly-miner/+filebug