Robust log-based anomaly detection on unstable log data

Zhang, Xu; Xu, Yong; Lin, Qingwei; Qiao, Bo; Zhang, Hongyu; Dang, Yingnong; Xie, Chunyu; Yang, Xinsheng; Qian, Cheng; Li, Ze; Chen, Junjie; He, Xiaoting; Yao, Randolph; Lou, Jian–Guang; Chintalapati, Murali; Shen, Furao; Zhang, Dongmei

doi:10.1145/3338906.3338931

articleAug 9, 2019Closed access

Robust log-based anomaly detection on unstable log data

XZXu Zhang YXYong Xu QLQingwei Lin BQBo Qiao HZHongyu Zhang

Microsoft Research Asia (China) · Nanjing University · +3 more institutions

Indexed incrossref

Abstract

Logs are widely used by large and complex software-intensive systems for troubleshooting. There have been a lot of studies on log-based anomaly detection. To detect the anomalies, the existing methods mainly construct a detection model using log event data extracted from historical logs. However, we find that the existing methods do not work well in practice. These methods have the close-world assumption, which assumes that the log data is stable over time and the set of distinct log events is known. However, our empirical study shows that in practice, log data often contains previously unseen log events or log sequences. The instability of log data comes from two sources: 1) the evolution of logging…

Citation impact

667

total citations

FWCI: 38.65
Percentile: 100%
References: 47

Citations per year

Authors

17

Topics & keywords

Topics

Keywords

Anomaly detection
Computer science
Data mining
Log-log plot
Troubleshooting
Set (abstract data type)
Anomaly (physics)
Web log analysis software

No related works found for this paper.