is paper presents DeepLog, a general-purpose framework for
online log anomaly detection and diagnosis using a deep neural
network based approach. DeepLog learns and encodes entire log
message including timestamp, log key, and parameter values. It
performs anomaly detection at per log entry level, rather than at
per session level as many previous methods are limited to. DeepLog
can separate out dierent tasks from a log le and construct a work-
ow model for each task using both deep learning (LSTM) and
classic mining (density clustering) approaches. is enables eective
anomaly diagnosis. By incorporating user feedback, DeepLog
supports online update/training to its LSTM models, hence is able
to incorporate and adapt to new execution paerns. Extensive evaluation
on large system logs have clearly demonstrated the superior
eectiveness of DeepLog compared with previous methods.
Future work include but are not limited to incorporating other
types of RNNs (recurrent neural networks) into DeepLog to test
their eciency, and integrating log data from dierent applications
and systems to perform more comprehensive system diagnosis (e.g.,
failure of a MySQL database may be caused by a disk failure as
reected in a separate system log).
ELMo is a deep contextualized word representation that models both (1) complex characteristics of word use (e.g., syntax and semantics), and (2) how these uses vary across linguistic contexts (i.e., to model polysemy). These word vectors are learned functions of the internal states of a deep bidirectional language model (biLM), which is pre-trained on a large text corpus. They can be easily added to existing models and significantly improve the state of the art across a broad range of challenging NLP problems, including question answering, textual entailment and sentiment analysis.