The rapid progress of modern computing systems has led to a growing interest in informative run-time logs. Various log-based anomaly detection techniques have been proposed to ensure software reliability. However, their implementation in the industry has been limited due to the lack of high-quality public log resources as training datasets. While some log datasets are available for anomaly detection, they suffer from limitations in (1) comprehensiveness of log events; (2) scalability over diverse systems; and (3) flexibility of log utility. To address these limitations, we propose AutoLog, the first automated log generation methodology for anomaly detection. AutoLog uses program analysis to generate run-time log sequences without actually running the system. AutoLog starts with probing comprehensive logging statements associated with the call graphs of an application. Then, it constructs execution graphs for each method after pruning the call graphs to find log-related execution paths in a scalable manner. Finally, AutoLog propagates the anomaly label to each acquired execution path based on human knowledge. It generates flexible log sequences by walking along the log execution paths with controllable parameters. Experiments on 50 popular Java projects show that AutoLog acquires significantly more (9x-58x) log events than existing log datasets from the same system, and generates log messages much faster (15x) with a single machine than existing passive data collection approaches. We hope AutoLog can facilitate the benchmarking and adoption of automated log analysis techniques.

翻译：现代计算系统的快速发展推动了运行时日志信息的研究热潮。为保障软件可靠性，学术界提出了多种基于日志的异常检测技术。然而，由于缺乏高质量公开日志资源作为训练数据集，这些技术在工业界的应用仍然受限。尽管现有日志数据集可用于异常检测，但它们存在以下局限性：（1）日志事件的全面性不足；（2）对不同系统的可扩展性有限；（3）日志实用性的灵活性欠缺。针对上述问题，本文提出AutoLog——首个面向异常检测的自动化日志生成方法。该方法通过程序分析生成运行时日志序列，无需实际运行系统。AutoLog首先探测与应用程序调用图关联的全面日志语句；随后，通过剪枝调用图为每个方法构建执行图，以可扩展的方式定位日志相关执行路径；最后，基于人类知识将异常标签传播至每条获取的执行路径，并通过沿日志执行路径行走并设置可控参数生成灵活日志序列。在50个热门Java项目上的实验表明：AutoLog从同一系统获取的日志事件数量是现有日志数据集的9至58倍，且单机日志生成速度比现有被动数据采集方法快15倍。我们期望AutoLog能够推动自动化日志分析技术的基准测试与推广应用。