SAQL: A stream-based query system for real-time abnormal system behavior detection. .. To facilitate the task of expressing anomalies based on expert knowledge, our system provides a domain-specific query language, SAQL, which allows analysts to express models for (1) rule-based anomalies, (2) time-series anomalies, (3) invariant-based anomalies, and (4) outlier-based anomalies. We deployed our system in NEC Labs America ..
References in zbMATH (referenced in 1 article)
- Omid Setayeshfar, Christian Adkins, Matthew Jones, Kyu Hyung Lee, Prashant Doshi: GrAALF: Supporting graphical analysis of audit logs for forensics (2021) not zbMATH