master
parent
2ac18e1ff4
commit
ea49b89db9
@ -1,2 +1,43 @@
|
|||||||
# monitor
|
# Introduction
|
||||||
|
|
||||||
|
This program is designed to monitor processes running on a linux/osx machine. It assumes logging hasn't been properly done.
|
||||||
|
The program answers basic questions:
|
||||||
|
|
||||||
|
- Is a given program still running
|
||||||
|
- How much resource (memory/cpu) a program is using up
|
||||||
|
- The number of processes found
|
||||||
|
- Folder monitoring ...
|
||||||
|
|
||||||
|
#Architecture
|
||||||
|
|
||||||
|
The architecture of the system is distributed with a central master node,
|
||||||
|
{
|
||||||
|
"id":"",
|
||||||
|
"key":"",
|
||||||
|
"apps":[],
|
||||||
|
"sandbox":[{"path":"","requirements":""}],
|
||||||
|
"folders":["path-1"],
|
||||||
|
"store":{}
|
||||||
|
"actions":{}
|
||||||
|
}
|
||||||
|
|
||||||
|
The agent will perform three basic functions :
|
||||||
|
|
||||||
|
- data collection (building up the dataset)
|
||||||
|
- classification of status for a given process:
|
||||||
|
|
||||||
|
x y z
|
||||||
|
0 0 1 idle
|
||||||
|
1 1 1 running
|
||||||
|
0 0 0 crash
|
||||||
|
|
||||||
|
with x : memory used
|
||||||
|
y : cpu usage
|
||||||
|
z : number of processes found
|
||||||
|
|
||||||
|
- Prediction of crashes using multivariate anomaly detection
|
||||||
|
This allows the learner to determine if something unusual is happening.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
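Review bot: In the Architecture section the sample object is not valid JSON (there is no comma between `"store":{}` and `"actions":{}`), and the sentence leading into it stops at "central master node," without saying what the object is or whether the master or the agent holds it. Suggest finishing that sentence, adding the missing comma, and fencing the object so it renders as code. Because the object carries a `"key":""` field, the README should also state what the key is used for and how the file that stores it is meant to be protected. Smaller points: `#Architecture` needs a space after the `#` to match `# Introduction`; the x/y/z status table should be a Markdown table or a fenced block, with a line saying what 0 and 1 mean for memory and cpu; and "Folder monitoring ..." reads as a placeholder that should be completed or dropped.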