LogHound - a tool for mining frequent patterns from event logs

LogHound is a tool designed for finding frequent patterns in event log data sets with the help of a breadth-first frequent itemset mining algorithm. LogHound can be employed for mining frequent line patterns from raw event logs, e.g.,

Dec 18 * myhost.mydomain * log: Connection from * port
Dec 18 * myhost.mydomain * log: Password authentication for * accepted.

but also for mining frequent event type patterns from preprocessed event logs.
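
The following sketch is an added illustration of breadth-first (Apriori-style) frequent itemset mining applied to log lines; it is not LogHound's code. It assumes each line is a transaction whose items are (position, word) pairs and reports only closed itemsets; the function names and the sample log are constructed for this example.

```python
from collections import Counter
from itertools import combinations

# Constructed sample log (not real data), modelled on the patterns shown above.
SAMPLE_LOG = """\
Dec 18 10:01:02 myhost.mydomain sshd[101] log: Connection from 10.0.0.5 port 4022
Dec 18 10:01:03 myhost.mydomain sshd[101] log: Password authentication for alice accepted.
Dec 18 10:07:41 myhost.mydomain sshd[117] log: Connection from 10.0.0.9 port 4187
Dec 18 10:07:44 myhost.mydomain sshd[117] log: Password authentication for bob accepted.
Dec 18 10:15:20 myhost.mydomain sshd[130] log: Connection from 10.0.0.5 port 4290
Dec 18 10:15:59 myhost.mydomain sshd[130] log: Password authentication for carol accepted.
""".splitlines()

def mine(lines, min_support):
    """Breadth-first mining; returns {frozenset of (position, word): support}."""
    # Assumption of this sketch: a line is a transaction of (position, word) items.
    txns = [frozenset(enumerate(line.split())) for line in lines]
    counts = Counter(item for t in txns for item in t)
    level = {frozenset([i]): c for i, c in counts.items() if c >= min_support}
    frequent = dict(level)
    k = 2
    while level:
        # Join frequent (k-1)-itemsets into k-item candidates, then prune any
        # candidate that has an infrequent (k-1)-subset before counting support.
        cands = {a | b for a, b in combinations(level, 2) if len(a | b) == k}
        cands = {c for c in cands
                 if all(frozenset(s) in level for s in combinations(c, k - 1))}
        sup = {c: sum(c <= t for t in txns) for c in cands}
        level = {c: s for c, s in sup.items() if s >= min_support}
        frequent.update(level)
        k += 1
    return frequent

def closed_patterns(frequent):
    """Keep itemsets with no superset of equal support; render gaps as '*'."""
    out = {}
    for items, sup in frequent.items():
        if any(items < other and sup == s2 for other, s2 in frequent.items()):
            continue
        words = dict(items)  # position -> word
        pattern = " ".join(words.get(p, "*") for p in range(max(words) + 1))
        out[pattern] = sup
    return out

if __name__ == "__main__":
    for pattern, sup in sorted(closed_patterns(mine(SAMPLE_LOG, 3)).items()):
        print(sup, pattern)
```

With a support threshold of 3 the sample yields the two line patterns shown above plus their common prefix; variable fields such as timestamps, process IDs, addresses and user names fall below the threshold and appear as `*`.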

LogHound has been tested on Redhat 8.0 Linux and Solaris 8 (compiled with gcc), but is likely to compile and work on other platforms as well.

For more information, read the man page. There is also a paper about LogHound (LNCS Vol. 3283, © Springer-Verlag).

Download:

loghound-0.01 (2004-04-13)

Should you have questions, contact the author: http://kodu.neti.ee/~risto.