Skip to content

Instantly share code, notes, and snippets.

@holisticinfosec
Last active June 3, 2018 21:54
Show Gist options
  • Save holisticinfosec/6b6811f2df767b83e98f7ad690c33594 to your computer and use it in GitHub Desktop.
Save holisticinfosec/6b6811f2df767b83e98f7ad690c33594 to your computer and use it in GitHub Desktop.
Security Event Log Anomalies
# Created from Anomalize project, Matt Dancho
# https://github.com/business-science/anomalize
security_access_logs %>%
# Data Manipulation / Anomaly Detection
time_decompose(count, method = "stl") %>%
anomalize(remainder, method = "iqr") %>%
time_recompose() %>%
# Anomaly Visualization
plot_anomalies(time_recomposed = TRUE, ncol = 3, alpha_dots = 0.25) +
labs(title = "Security Event Log Anomalies", subtitle = "STL + IQR Methods")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment