How Palo Alto Networks enhanced device security infra log analysis with Amazon Bedrock
Machine Learning Blog
This article describes how Palo Alto Networks built an automated log classification system using Amazon Bedrock to analyze 200 million daily logs and detect production issues proactively.
- Three-stage pipeline: intelligent deduplication, context retrieval, and severity classification
- Achieved 95% precision detecting critical P1 issues with 83% reduction in debugging time
- Over 99% cache hit rate through exact matching, overlap similarity, and semantic similarity
- Amazon Bedrock with Claude Haiku model classifies unique logs using dynamic few-shot learning
- Amazon Titan Text Embeddings enables vector similarity search for relevant historical examples
- Aurora caching layer leaves less than 1% of the 200 million daily logs requiring LLM processing
- System improves automatically as SMEs validate classifications and label new examples
- Explainable classifications with detailed reasoning build operational confidence
The solution transforms reactive log monitoring into proactive issue detection, enabling faster incident response and preventing service outages through intelligent AI-powered log analysis at enterprise scale.
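The first two deduplication tiers listed above (exact matching, then overlap similarity), sketched as an added example that is not code from Palo Alto Networks or AWS. The masking rules, the 0.8 Jaccard threshold, the class and function names, and the sample lines are assumptions; the semantic tier is left out because it needs an embedding model.

```python
import re

# Assumed normalisation: mask volatile fields so repeats of one event collapse.
MASKS = [
    (re.compile(r"\d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}:\d{2}(?:\.\d+)?Z?"), "<ts>"),
    (re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"), "<ip>"),
    (re.compile(r"\b\d+\b"), "<num>"),
]

def normalize(line):
    for pattern, token in MASKS:
        line = pattern.sub(token, line)
    return " ".join(line.lower().split())

class ClassificationCache:
    """Tier 1: exact match on the normalised line. Tier 2: token overlap (Jaccard)."""
    def __init__(self, threshold=0.8):  # threshold value is an assumption
        self.exact, self.entries, self.threshold = {}, [], threshold

    def store(self, line, severity):
        norm = normalize(line)
        self.exact[norm] = severity
        self.entries.append((frozenset(norm.split()), severity))

    def lookup(self, line):
        norm = normalize(line)
        if norm in self.exact:
            return self.exact[norm], "exact"
        tokens = frozenset(norm.split())
        scored = [(len(tokens & c) / len(tokens | c), sev)
                  for c, sev in self.entries if tokens | c]
        score, severity = max(scored, key=lambda p: p[0], default=(0.0, None))
        if score >= self.threshold:
            return severity, "overlap"
        return None, "miss"  # next stop: semantic tier, then the LLM

# Constructed sample lines; "P3" is an assumed label (the page names only P1).
SEED = [("2024-05-01T10:00:00Z fw-agent[4121] session table full on 10.0.0.5, dropping new flows", "P1"),
        ("2024-05-01T10:05:00Z cfgd[88] config push completed in 532 ms", "P3")]
INCOMING = ["2024-05-02T03:14:15Z fw-agent[977] session table full on 10.0.9.77, dropping new flows",
            "2024-05-02T03:20:00Z fw-agent[977] session table full on 10.0.9.77, dropping all new flows",
            "2024-05-02T03:21:00Z authd[55] certificate validation failed for peer 10.1.1.1"]

def demo(threshold=0.8):
    cache = ClassificationCache(threshold)
    for line, severity in SEED:
        cache.store(line, severity)
    return [cache.lookup(line) for line in INCOMING]
```

Lowering the threshold raises the cache hit rate but lets a line that differs in one decisive token inherit a cached severity, so overlap hits are a natural sample for SME validation.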