# Introduction

This program is designed to monitor processes running on a linux/osx machine. It assumes logging hasn't been properly done.
The program answers basic questions:

	- Is a given program still running
	- How much resource (memory/cpu) a program is using up
	- The number of processes found
	- Folder monitoring ...
	
#Architecture

The architecture of the system is distributed with a central master node,
    {
        "id":"",
        "key":"",
        "apps":[],
        "sandbox":[{"path":"","requirements":""}],
        "folders":["path-1"],
        "store":{}
        "actions":{}
    }

The agent will perform three basic functions :

	- data collection (building up the dataset)
	- classification of status for a given process:

		x	y	z
		0	0	1	idle
		1	1	1	running
		0	0	0	crash
	
	with x : memory used
	     y : cpu usage
	     z : number of processes found

	- Prediction of crashes using multivariate anomaly detection
	This allows the learner to determine if something unusual is happening.