Original post

I’ve just started learning . Maybe you can help me or give me a hint how i can solve this issue.

I would like a to have repetitive job, which can read logs and then decide automatically how often and when an entry should occurs. Something like a basic “anomaly detection.”. When the application is sure about an entry (occurs over a period of time with the same message in the same period (every hour, or every 10min) then it should write it somewhere down and use it for comparing further logs. if a message occurs which doesnt fit into the timeperiod or a log doesnt occurs anymore the system should make it visible, alert or whatever.

01.01.2019-01:00 – foo 01.01.2019-01:02 – foo 01.01.2019-02:00 – foo 01.01.2019-03:00 – foo .. -> foo should occur hourly, .. after 01.01.2019-03:00 no new logs occurs. .. -> the system sends a notification.

submitted by /u/phhutter