Towards Multi-System Log Anomaly Detection

Despite advances in unsupervised log anomaly detection, current models require datasetspecific training, causing costly procedures, limited scalability, and performance bottlenecks. Furthermore, numerous models lack cognitive reasoning abilities, limiting their transferability to similar systems. Additionally, these models often encounter the "identical shortcut" predicament, erroneously predicting normal classes when confronted with rare anomaly logs due to reconstruction errors. To address these issues, we propose MLAD, a novel Multi-system Log Anomaly Detection model incorporating semantic relational reasoning. Specifically, we extract cross-system semantic patterns and encode them as highdimensional learnable vectors. Subsequently, we revamp attention formulas to discern keyword significance and model the overall distribution through vector space diffusion. Lastly, we employ a Gaussian mixture model to highlight rare word uncertainty, optimizing the vector space with maximum expectation. Experiments on real-world datasets demonstrate the superiority of MLAD 1 .