Sha256: 50342b6ed60f135835e73877a77fa74cf6e5b82ab3efd161569d568ae1d090b8
Contents?: true
Size: 1.95 KB
Versions: 1
Compression:
Stored size: 1.95 KB
Contents
= Fluent::Plugin::Anomalydetect
To detect anomaly for log stream, use this plugin.
Then you can find changes in logs casually.
= Installation
Add this line to your application's Gemfile:
gem 'fluent-plugin-anomalydetect'
And then execute:
$ bundle
Or install it yourself as:
$ gem install fluent-plugin-anomalydetect
== Usage
<source>
type file
...
tag access.log
</source>
<match access.**>
type anomalydetect
tag anomaly.access
tick 86400
</match>
<match anomaly.access>
type file
...
</match>
Then the plugin output anomaly log counts in each day.
This plugin watches a value of input record number in the interval set with `tick`.
If you want to watch a value for a target field <fieldname> in data, write below:
<match access.**>
type anomalydetect
tag anomaly.access
tick 86400
target fieldname
</match>
== more configuration
<match access.**>
type anomalydetect
tag anomaly.access
tick 86400
target fieldname
outlier_term 7
outlier_discount 0.5
smooth_term 7
score_term 28
score_discount 0.01
</match>
If you want to know detail of these parameters, see "Theory".
<match access.**>
type anomalydetect
...
store_file /path/to/anomalydetect.dat
</match>
If "store_file" option was specified, a historical stat will be stored to the file at shutdown, and it will be restored on started.
<match access.**>
type anomalydetect
...
threshold 3
</match>
If "threshold" option was specified, plugin only ouput when the anomalyscore is more than threshold.
== Theory
"データマイニングによる異常検知" http://amzn.to/XHXNun
= TODO
== threshold
fluentd outputs value when the outlier value over threshold
== FFT algorithms
= Copyright
Copyright:: Copyright (c) 2013- Muddy Dixon
License:: Apache License, Version 2.0
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| fluent-plugin-anomalydetect-0.1.1 | README.rdoc |