NLLog rewrites log templates into WHO-WHAT-SEVERITY sentences, applies TF-IDF pooling and tree-ensemble classification with TreeSHAP back-projection, and reports better performance than two reproduced baselines on HDFS and BGL with low false positives on commodity hardware.
Self-supervised log parsing,
1 Pith paper cite this work. Polarity classification is still indexing.
1
Pith paper citing it
fields
cs.CR 1years
2026 1verdicts
UNVERDICTED 1representative citing papers
citing papers explorer
-
NLLog: Lightweight, Explainable SOC Anomaly Detection via Log-to-Language Rewriting
NLLog rewrites log templates into WHO-WHAT-SEVERITY sentences, applies TF-IDF pooling and tree-ensemble classification with TreeSHAP back-projection, and reports better performance than two reproduced baselines on HDFS and BGL with low false positives on commodity hardware.