master
parent
2ac18e1ff4
commit
ea49b89db9
@ -1,2 +1,43 @@
|
||||
# monitor
|
||||
# Introduction
|
||||
|
||||
This program is designed to monitor processes running on a linux/osx machine. It assumes logging hasn't been properly done.
|
||||
The program answers basic questions:
|
||||
|
||||
- Is a given program still running
|
||||
- How much resource (memory/cpu) a program is using up
|
||||
- The number of processes found
|
||||
- Folder monitoring ...
|
||||
|
||||
#Architecture
|
||||
|
||||
The architecture of the system is distributed with a central master node,
|
||||
{
|
||||
"id":"",
|
||||
"key":"",
|
||||
"apps":[],
|
||||
"sandbox":[{"path":"","requirements":""}],
|
||||
"folders":["path-1"],
|
||||
"store":{}
|
||||
"actions":{}
|
||||
}
|
||||
|
||||
The agent will perform three basic functions :
|
||||
|
||||
- data collection (building up the dataset)
|
||||
- classification of status for a given process:
|
||||
|
||||
x y z
|
||||
0 0 1 idle
|
||||
1 1 1 running
|
||||
0 0 0 crash
|
||||
|
||||
with x : memory used
|
||||
y : cpu usage
|
||||
z : number of processes found
|
||||
|
||||
- Prediction of crashes using multivariate anomaly detection
|
||||
This allows the learner to determine if something unusual is happening.
|
||||
|
||||
|
||||
|
||||
|
||||
|
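Review bot: The sample configuration under the Architecture heading is not valid JSON: there is no comma between `"store":{}` and `"actions":{}`, so anyone copying it gets a parse error. The sentence that introduces it ("The architecture of the system is distributed with a central master node,") ends on a comma and never says whether this object is the agent's configuration or a message exchanged with the master. Please finish that sentence and describe each field, in particular what `"key"` authenticates and how it is expected to be stored, since the README shows only an empty placeholder. In the status table, x and y are described as memory used and cpu usage but appear as 0/1, so state the thresholds that turn the measurements into those values. Minor: `#Architecture` needs a space after `#` to match the other headings, and "Folder monitoring ..." should be completed or dropped.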