@@ -1,2 +1,43 @@
-# monitor
+# Introduction
+
+This program is designed to monitor processes running on a linux/osx machine. It assumes logging hasn't been properly done.
+The program answers basic questions:
+
+ - Is a given program still running
+ - How much resource (memory/cpu) a program is using up
+ - The number of processes found
+ - Folder monitoring ...
+
+#Architecture
+
+The architecture of the system is distributed with a central master node,
+ {
+ "id":"",
+ "key":"",
+ "apps":[],
+ "sandbox":[{"path":"","requirements":""}],
+ "folders":["path-1"],
+ "store":{}
+ "actions":{}
+ }
+
+The agent will perform three basic functions :
+
+ - data collection (building up the dataset)
+ - classification of status for a given process:
+
+ x y z
+ 0 0 1 idle
+ 1 1 1 running
+ 0 0 0 crash
+
+ with x : memory used
+ y : cpu usage
+ z : number of processes found
+
+ - Prediction of crashes using multivariate anomaly detection
+ This allows the learner to determine if something unusual is happening.
+
+
+
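Review bot: the configuration sample under `#Architecture` is not valid JSON, because `"store":{}` has no trailing comma before `"actions":{}`, so anyone copying it as a starting config gets a parse error. The sentence introducing it ("The architecture of the system is distributed with a central master node,") ends on a comma and never says what the JSON block is or what `id`, `key`, `sandbox`, `store` and `actions` mean; please finish the sentence and describe each field, including whether `key` is a secret that should stay out of version control. In the status table, x, y and z appear as 0/1, but the README does not state what threshold turns memory or CPU usage into a 1, and only three of the eight combinations are labelled. Minor: `#Architecture` needs a space after `#` to match `# Introduction`, and the three trailing blank lines can be dropped.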