Anomaly Detection Engine for Linux Logs (ADE)
Command Summary
ADE provides a set of bash scripts in ADE_HOME/bin that set up the appropriate environment and invoke the correct Java class.
| Short description | Name of bash script in ADE_HOME/bin | Pointer to detailed description |
|---|---|---|
| Generate ADE results | analyze | Analyzing the Linux log to check for unusual behavior |
| Create the database used by ADE | controldb | Managing the ADE database - controldb |
| Delete contents of tables in the database used by ADE | controldb | Managing the ADE database - controldb |
| Issue SQL commands to the database used by ADE | controldb | Managing the ADE database - controldb |
| Generate model | train | Generating a model of expected behavior |
| Group similar Linux systems together for a single model | updategroups | Defining model groups |
| Prime database | upload | Priming ADE |
| Utilities to support new meta model creation | utilities | Utilities |
| Verify sufficient data for modelling | verify | Verifying that the amount of data is sufficient |