The present disclosure relates to anomaly prediction and, more specifically, to systems and methods for feedback and customization in expert systems for anomaly prediction.
Expert systems are generally computer-implemented systems that simulate the judgment and behavior of a human or an organization, which has expert knowledge and experience in one or more particular fields. Typical expert systems are built from a complex collection of if-then rules based on expert knowledge in such fields.
Current systems for anomaly prediction from log files are mostly focused on mining system log files. Certain key metrics (e.g., CPU usage, memory used, memory free) are identified in the log files generated from a monitoring application, and the values of such metrics are used to detect the current state of the system (e.g., the system is busy, the network is slow, a packet dropping rate) and to forecast information about the system (e.g., disk consumption). In current systems, the values of such metrics are provided to an expert system, which uses the metric values to predict the occurrence of anomalies.