关键词: 日志异常检测, 深度学习, 词嵌入, Transformer, Text-CNN

Abstract: Log data, as one of the most important data resources in software systems, records detailed information during system operation, and automated log anomaly detection is crucial for maintain- ing system security. With the widespread application of large language models in the field of natural language processing, Transformer-based log anomaly detection methods have been widely proposed. Traditional Transformer-based methods struggle to capture the local features of log sequences. To address this issue, this paper proposes a log anomaly detection method, LogTC, based on Transformer and Text-CNN. Firstly, logs are converted into structured log data through rule matching, while preserving the effective information in log statements. Secondly, log statements are divided into log sequences using fixed windows or session windows according to log characteristics. Thirdly, natural language processing technology, specifically Sentence-BERT, is used to generate semantic representations of log statements. Finally, the semantic vectors of the log sequences are input into the LogTC log anomaly detection model for detection. Experimental results show that LogTC can effectively detect anomalies in log data and achieves good results on two datasets.

Key words: log anomaly detection, deep learning, word embedding, Transformer, Text-CNN