Ashfall is a lightweight log analyzer that detects anomalies and visualizes them with heatmaps. It transforms raw logs into actionable insights, highlighting unusual patterns in processes and actions.
---

## Features

- 🔎 Automatic delimiter detection – works with common CSV/TSV-style logs.
- 📊 Data audit – quick summary of shape, types, nulls, duplicates, constants.
- ⚠️ Anomaly detection – uses Isolation Forest on numeric columns to flag outliers.
- 🧾 Top anomalous processes – aggregates unusual behavior by process name (`Basename`).
- 🌡️ Heatmap visualization – Basename × ActionId anomalies in a red-shaded matrix.
- 📂 Exports results – anomalies and summary tables as CSV files.

Requires Python 3.9+.

```bash
pip install pandas numpy seaborn scikit-learn matplotlib
```

Clone or copy `ashfall.py` into your working directory.

```bash
python ashfall.py /path/to/your/logfile.log
```

- If no file is specified, defaults to `processlasso.log`.
- Outputs analysis to console, displays a heatmap, and writes CSV results next to the input file.

- Console Audit
  - Shape, dtypes, null percentages, duplicates, constants.
  - Anomaly rate and top anomalous processes.
- CSV Files
  - `<logname>_anomalies.csv` → rows flagged as anomalous.
  - `<logname>_summary.csv` → aggregated anomaly counts by process.
- Heatmap
  - Matrix of anomalies by Basename × ActionId, red intensity indicates anomaly density.

```bash
python ashfall.py logs/system_events.csv
```

Output:

- `system_events_anomalies.csv`
- `system_events_summary.csv`
- Heatmap figure displayed inline.

- Only numeric columns are used for anomaly detection.
- If no numeric data exists, anomalies default to `0`.
- Designed for process-level log analysis, but adaptable to other structured log sources.
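
The pipeline described in the features and notes above, written out as an added example (this is not Ashfall's own code): Isolation Forest over the numeric columns, the zero default when there are none, and the per-process and Basename × ActionId aggregations. Only `Basename` and `ActionId` come from this README; the `CpuPct` and `IoBytes` columns, the process names, the `contamination` value, the null fill and the fixed seed are assumptions, and the sample log is constructed.

```python
import numpy as np
import pandas as pd
from sklearn.ensemble import IsolationForest


def flag_anomalies(df, contamination=0.01, seed=0):
    """Return a copy of df with an 'anomaly' column (1 = outlier, 0 = normal)."""
    out = df.copy()
    # Only numeric columns feed the model; nulls are filled with 0 (assumption).
    numeric = out.select_dtypes(include="number").fillna(0)
    if numeric.shape[1] == 0:
        out["anomaly"] = 0  # no numeric data: nothing is flagged
        return out
    model = IsolationForest(contamination=contamination, random_state=seed)
    # fit_predict returns -1 for outliers and 1 for inliers
    out["anomaly"] = (model.fit_predict(numeric) == -1).astype(int)
    return out


def summarize(flagged):
    """Anomaly counts per process and the Basename x ActionId count matrix."""
    hits = flagged[flagged["anomaly"] == 1]
    by_process = hits.groupby("Basename").size().sort_values(ascending=False)
    matrix = pd.crosstab(hits["Basename"], hits["ActionId"])
    return by_process, matrix


def sample_log(seed=0):
    """Constructed sample: 992 routine rows plus 8 extreme rows from one process."""
    rng = np.random.default_rng(seed)
    normal = pd.DataFrame({
        "Basename": rng.choice(["chrome.exe", "svchost.exe", "explorer.exe"], 992),
        "ActionId": rng.choice([1, 2, 3], 992),
        "CpuPct": rng.normal(5, 1, 992),
        "IoBytes": rng.normal(100, 10, 992),
    })
    odd = pd.DataFrame({
        "Basename": "unknown_tool.exe",  # constructed process name
        "ActionId": 9,
        "CpuPct": rng.uniform(80, 100, 8),
        "IoBytes": rng.uniform(5000, 9000, 8),
    })
    return pd.concat([normal, odd], ignore_index=True)


if __name__ == "__main__":
    by_process, matrix = summarize(flag_anomalies(sample_log()))
    print(by_process, matrix, sep="\n\n")
```

Because `contamination` fixes the share of rows that get flagged, some routine rows are flagged even in a clean log, so the per-process counts are a ranking for triage rather than a verdict. Passing `matrix` to `seaborn.heatmap` with a red colormap gives a Basename × ActionId view like the one described above.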
