Anomaly Detection Engine for Linux Logs (ADE)

ADE can process large numbers of logs from a large number of Linux systems to create a compact summary of those logs. The summary identifies and consolidates similar text strings into a single message example and assigns it a key (message id). The summary determines whether each message id is being issued when expected, whether it is being issued at the expected rate during a time slice, and how often during the day the message, or a similar message with the same message id, is issued.
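The following is an added illustration of the idea described above, not ADE's own code or algorithm: similar messages are collapsed to one template with a message id, counted per time slice, and compared with a baseline. The masking rules, the 10-minute slice, the 3x threshold, the log line layout and all function names are assumptions made for this sketch.

```python
import hashlib
import re
from collections import Counter, defaultdict
from datetime import datetime

SLICE_MINUTES = 10  # assumed time-slice width
RATE_FACTOR = 3     # assumed threshold: flag counts above 3x the baseline peak

def message_id(text):
    """Mask variable tokens so similar messages share one template; hash it as the key."""
    template = re.sub(r"\b\d+(\.\d+){3}\b", "<ip>", text)
    template = re.sub(r"\d+", "<n>", template)
    return hashlib.sha256(template.encode()).hexdigest()[:8], template

def summarize(lines):
    """Return ({slice_start: Counter(message id)}, {message id: template})."""
    slices, examples = defaultdict(Counter), {}
    for line in lines:
        stamp, _host, text = line.split(" ", 2)
        t = datetime.fromisoformat(stamp)
        start = t.replace(minute=t.minute - t.minute % SLICE_MINUTES, second=0)
        mid, template = message_id(text)
        slices[start][mid] += 1
        examples.setdefault(mid, template)
    return slices, examples

def findings(baseline, observed):
    """Report message ids unseen in the baseline and per-slice rate spikes."""
    peak = Counter()  # highest per-slice count of each id in the baseline
    for counts in summarize(baseline)[0].values():
        for mid, n in counts.items():
            peak[mid] = max(peak[mid], n)
    obs_slices, examples = summarize(observed)
    out = []
    for start, counts in sorted(obs_slices.items()):
        for mid, n in sorted(counts.items()):
            if mid not in peak:
                out.append(("new", start, examples[mid], n))
            elif n > RATE_FACTOR * peak[mid]:
                out.append(("rate", start, examples[mid], n))
    return out

# Constructed sample logs (not real data): "<ISO timestamp> <host> <message>"
BASELINE = [
    "2024-03-01T10:01:12 web1 sshd[811]: Accepted publickey for deploy from 10.0.0.5 port 50022",
    "2024-03-01T10:03:40 web1 sshd[907]: Failed password for root from 10.0.0.9 port 41811",
]
OBSERVED = [f"2024-03-02T10:0{i}:00 web1 sshd[{900 + i}]: Failed password for root "
            f"from 10.0.0.{i} port {40000 + i}" for i in range(5)]
OBSERVED.append("2024-03-02T10:04:30 web1 kernel: device eth0 entered promiscuous mode")
```

Calling findings(BASELINE, OBSERVED) reports the failed-password template as a rate spike in the 10:00 slice and the kernel message as a message id never seen in the baseline.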

You can use those results to examine

Please see for documentation on ADE.


Saw Kill 1.0.4

Fall Kill 1.0.3

CII Best Practices

Poesten Kill 1.0.2

Esopus Creek 1.0.1

Initial release 1.0.0