I have some devices (network switch, router, etc.); they publish activity logs through syslog. I need to find actionable items from the logs as alerts. An actionable item could be: a device has been shut down and not restarted, or device disk memory is full, etc. I have the following fields in syslogs: timestamp
streams I don't have labelled examples of actionable messages. Can Apache Metron do something here with unsupervised learning?