Log anomaly detection is crucial for preserving the security of operating systems. Depending on the source of log data collection, various information is recorded in logs that can be considered log modalities. In light of this intuition, unimodal methods often struggle by ignoring the different modalities of log data. Meanwhile, multimodal methods fail to handle the interactions between these modalities. Applying multimodal sentiment analysis to log anomaly detection, we propose CoLog, a framework that collaboratively encodes logs utilizing various modalities. CoLog utilizes collaborative transformers and multi-head impressed attention to learn interactions among several modalities, ensuring comprehensive anomaly detection. To handle the heterogeneity caused by these interactions, CoLog incorporates a modality adaptation layer, which adapts the representations from different log modalities. This methodology enables CoLog to learn nuanced patterns and dependencies within the data, enhancing its anomaly detection capabilities. Extensive experiments demonstrate CoLog's superiority over existing state-of-the-art methods. Furthermore, in detecting both point and collective anomalies, CoLog achieves a mean precision of 99.63%, a mean recall of 99.59%, and a mean F1 score of 99.61% across seven benchmark datasets for log-based anomaly detection. The comprehensive detection capabilities of CoLog make it highly suitable for cybersecurity, system monitoring, and operational efficiency. CoLog represents a significant advancement in log anomaly detection, providing a sophisticated and effective solution to point and collective anomaly detection through a unified framework and a solution to the complex challenges automatic log data analysis poses. We also provide the implementation of CoLog at https://github.com/NasirzadehMoh/CoLog.

翻译：日志异常检测对于维护操作系统的安全性至关重要。根据日志数据收集来源的不同，日志中记录的各种信息可被视为不同的日志模态。基于此直觉，单模态方法因忽略日志数据的不同模态而常常表现不佳。与此同时，多模态方法未能有效处理这些模态间的交互作用。通过将多模态情感分析应用于日志异常检测，我们提出了CoLog框架，该框架利用多种模态协同编码日志。CoLog采用协作Transformer和多头注意力机制来学习多个模态间的交互，确保全面的异常检测。为处理这些交互引起的异质性，CoLog引入了模态适应层，以适配来自不同日志模态的表征。该方法使CoLog能够学习数据中细微的模式和依赖关系，从而增强其异常检测能力。大量实验证明CoLog优于现有的最先进方法。此外，在检测点异常和集体异常方面，CoLog在七个基于日志的异常检测基准数据集上取得了平均精确率99.63%、平均召回率99.59%和平均F1分数99.61%的优异性能。CoLog全面的检测能力使其非常适用于网络安全、系统监控和运行效率提升。CoLog代表了日志异常检测领域的重大进展，通过统一框架为点异常和集体异常检测提供了复杂而有效的解决方案，并应对了自动日志数据分析所带来的复杂挑战。我们还在https://github.com/NasirzadehMoh/CoLog提供了CoLog的实现。