holisticinfosec/Security_Event_Log_Anomalies.R

## Security_Event_Log_Anomalies.R
# Created from Anomalize project, Matt Dancho
# https://github.com/business-science/anomalize
security_access_logs %>%
  # Data Manipulation / Anomaly Detection
  time_decompose(count, method = "stl") %>%
  anomalize(remainder, method = "iqr") %>%
  time_recompose() %>%
  # Anomaly Visualization
  plot_anomalies(time_recomposed = TRUE, ncol = 3, alpha_dots = 0.25) +
  labs(title = "Security Event Log Anomalies", subtitle = "STL + IQR Methods")
	# Created from Anomalize project, Matt Dancho
	# https://github.com/business-science/anomalize
	security_access_logs %>%
	# Data Manipulation / Anomaly Detection
	time_decompose(count, method = "stl") %>%
	anomalize(remainder, method = "iqr") %>%
	time_recompose() %>%
	# Anomaly Visualization
	plot_anomalies(time_recomposed = TRUE, ncol = 3, alpha_dots = 0.25) +
	labs(title = "Security Event Log Anomalies", subtitle = "STL + IQR Methods")