Colloquium lecture: November 18, 2025, Pavel Pecheniuk (Tutor: Al Sardy)


LogInsight: A Scalable, Multiformat Log Analysis Framework for System Anomalies Detection

Modern IT systems and networks are complex and highly diverse. To maintain their operation and resilience against malicious attacks, security teams rely on log analysis. A log is a record that summarizes system behaviour and the events that took place in the system, including logins, established connections and so on. Complex modern IT infrastructures naturally produce enormous amounts of log data, so it is impossible to analyse logs manually. However, timely detection and eradication of abnormalities in system behaviour is vital for combating potential security incidents and maintaining the security of the system. This project presents a flexible log analysis framework that performs robust anomaly detection across logs of different formats. The proposed tool employs a parser that handles log data according to rules defined in YAML configuration files. Anomalies of different kinds are detected with statistical and machine learning techniques. Lastly, the system instantly alerts users to its findings via email, indicating the severity level of each anomaly and the rule that triggered its capture, based on a dedicated rule-set file. This framework demonstrates a scalable and interpretable foundation for further intelligent system log analysis.

Time: 11 a.m.

Place: Room 04.137, Martensstr. 3, Erlangen

Zoom meeting:
https://fau.zoom-x.de/j/68350702053?pwd=UkF3aXY0QUdjeSsyR0tyRWtLQ0hYUT09

Meeting ID: 683 5070 2053
Passcode: 647333