Find unusual pattern

Indeed2000 · June 29, 2023, 4:41am

Need to find unusual send and receive patterns in huge log file, here is the example:

00:00:01.000 S-001 <

00:00:01.000 S-002 <

00:00:01.000 S-003 <

00:00:01.000 S-004 <

00:00:01.000 S-005

00:00:01.000 R-005

00:00:01.000 S-006

00:00:01.000 R-006

00:00:01.000 S-007

00:00:01.000 S-008

00:00:01.000 R-008

00:00:01.000 R-007

00:00:01.000 S-009

00:00:01.000 S-010 <

00:00:01.000 S-011 <

00:00:01.000 S-012 <

00:00:01.000 S-013 <

00:00:01.000 R-009 <

00:00:01.000 R-010 <

00:00:01.000 R-011 <

00:00:01.000 R-012 <

00:00:01.000 R-013 <

00:00:01.000 S-014

00:00:01.000 R-014

00:00:01.000 R-001 <

00:00:01.000 R-002 <

00:00:01.000 R-003 <

00:00:01.000 R-004 <

line show with < need to detect and show on chart.

FYI1: Duration is not good way to find them because some of them occurred at the exact time.

FYI2: ids are different not in order as i write above like this 98734543 or 53434444

any idea?

Thanks,

carly.richmond · June 29, 2023, 12:34pm

Hi @Indeed2000,

How are you ingesting these logs files into Elasticsearch? Can you explain what kind of metrics you want to show on your chat in relation to this log pattern?

Indeed2000 · June 29, 2023, 1:37pm

@carly.richmond as i mentioned it is log file, and simply use input file.

carly.richmond · June 29, 2023, 1:41pm

How are you inputing the file into Elasticsearch? Are you using Logstash for example? Or simply uploading a file?

Indeed2000 · July 1, 2023, 4:26pm

@carly.richmond logstash, input_file

system · July 29, 2023, 4:27pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.