# 🔍 Log Analyzer + Alert Generator

A simple Python-based log analyzer that summarizes event types and raises alerts when thresholds are crossed. Useful for demonstrating debugging, performance monitoring, and modular design.

In [None]:
import pandas as pd
import numpy as np
import logging
from datetime import datetime
import matplotlib.pyplot as plt

logging.basicConfig(level=logging.INFO)


## 📁 Load Sample Logs

In [None]:
sample_data = [
    {"timestamp": "2025-07-20 12:01", "event": "login_success", "user": "alice"},
    {"timestamp": "2025-07-20 12:02", "event": "login_failure", "user": "bob"},
    {"timestamp": "2025-07-20 12:03", "event": "error_500", "user": "system"},
    {"timestamp": "2025-07-20 12:04", "event": "login_failure", "user": "bob"},
    {"timestamp": "2025-07-20 12:05", "event": "login_success", "user": "charlie"},
]

df = pd.DataFrame(sample_data)
df['timestamp'] = pd.to_datetime(df['timestamp'])
df.head()


## 📊 Visualize Event Distribution

In [None]:
event_counts = df['event'].value_counts()
event_counts.plot(kind='bar', title='Event Distribution', figsize=(8, 4))
plt.xlabel('Event Type')
plt.ylabel('Count')
plt.grid(True)
plt.tight_layout()
plt.show()


## 🚨 Detect Basic Anomalies

In [None]:
def detect_anomalies(df, event="login_failure", threshold=2):
    failures = df[df["event"] == event]
    if len(failures) >= threshold:
        logging.warning(f"High volume of {event}: {len(failures)} events")
        return True
    return False

anomaly = detect_anomalies(df)
print("Anomaly Detected:", anomaly)


## 📦 Modularize Log Analysis

In [None]:
def analyze_log(dataframe, alert_thresholds=None):
    alert_thresholds = alert_thresholds or {"login_failure": 3, "error_500": 1}
    summary = dataframe['event'].value_counts().to_dict()
    alerts_triggered = {}
    
    for event, threshold in alert_thresholds.items():
        count = summary.get(event, 0)
        if count >= threshold:
            alerts_triggered[event] = count
            logging.warning(f"[ALERT] {event.upper()} occurred {count} times!")

    return summary, alerts_triggered

summary, alerts = analyze_log(df)
summary, alerts
