Modern telecom systems are monitored with performance and system logs from multiple application layers and components. Detecting anomalous events from these logs is key to identify security breaches, resource over-utilization, critical/fatal errors, etc. Current supervised log anomaly detection frameworks tend to perform poorly on new types or signatures of anomalies with few or unseen samples in the training data. In this work, we propose a meta-learning-based log anomaly detection framework (LogAnMeta) for detecting anomalies from sequence of log events with few samples. LoganMeta train a hybrid few-shot classifier in an episodic manner. The experimental results demonstrate the efficacy of our proposed method
翻译:利用多个应用层和组件的性能和系统日志对现代电信系统进行监测。从这些日志中检测异常事件是查明违反安全规定、资源过度使用、关键/致命错误等的关键。当前监督的日志异常探测框架往往在新类型或异常特征特征方面表现不佳,培训数据中很少或看不到样本。在这项工作中,我们提议一个基于元学习的日志异常检测框架(LogAnMeta),用于检测从少有样本的日志事件序列中发现的异常现象。LoganMeta以偶发方式训练一个混合的少数弹分级器。实验结果显示了我们拟议方法的功效。