Monitoring of IT services with security in focus: profiling and anomaly detection

Süle Zoltán
Pannon Egyetem

Kiezer Tamás
Pannon Egyetem

Tarczali Tünde
Pannon Egyetem

Balogh György
KÜRT Információbiztonsági és Adatmentő Zrt.

IT systems are the target of numerous attacks and intrusions during their operation. Although traces of suspicious internal and external events are recorded in the systems' log files, detecting incidents and intrusions efficiently is difficult because the logs differ widely in format and content.

In our work we examined statistics-based data mining algorithms that can be used effectively to detect suspicious events from information extracted from system log files. Several algorithms were considered and tested: classification, clustering and outlier detection algorithms, as well as time series analysis, were applied to determine the usual and unusual behaviours and profiles of IT services in order to support anomaly and intrusion detection. The results will be presented in detail in the talk.
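The abstract does not give the authors' algorithms, so the following is an added illustration (not the paper's code) of the profiling and outlier detection idea applied to one log source. It builds a time series of failed SSH logins per minute from constructed syslog-style lines, scores each window with the modified z-score (median and MAD, Iglewicz-Hoaglin) rather than mean and standard deviation, and reports the windows that deviate from the service's usual profile together with the source addresses responsible. The log lines, host names and IP addresses are all constructed for the example; the regular expression assumes OpenSSH's "Failed password" / "Accepted publickey" message format.

```python
import re
from collections import Counter
from datetime import datetime, timedelta
from statistics import median

# Assumes OpenSSH-style sshd messages; other daemons need their own parser.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Failed password|Accepted publickey) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+$"
)


def parse_line(line):
    """Return a dict for a recognised sshd line, None for anything else (unparsed lines are skipped)."""
    m = LINE_RE.match(line)
    if not m:
        return None
    d = m.groupdict()
    d["ts"] = datetime.fromisoformat(d["ts"])
    return d


def build_sample_log(fails_per_minute, start=datetime(2024, 3, 1, 10, 0)):
    """Constructed sample data (not real logs): N failed logins per minute from one
    scanning address, plus one successful login per minute from a normal user."""
    lines = []
    for i, n in enumerate(fails_per_minute):
        base = start + timedelta(minutes=i)
        t = base + timedelta(seconds=5)
        lines.append(f"{t.isoformat()} host1 sshd[{100 + i}]: Accepted publickey for alice "
                     f"from 198.51.100.2 port 5000")
        for k in range(n):
            t = base + timedelta(seconds=10 + 3 * k)
            lines.append(f"{t.isoformat()} host1 sshd[{200 + i}]: Failed password for invalid user "
                         f"test{k} from 203.0.113.7 port {4000 + k}")
    # An unrelated line the parser must ignore without failing.
    lines.append("2024-03-01T10:05:00 host1 CRON[300]: (root) CMD (run-parts /etc/cron.hourly)")
    return lines


def failures_per_window(lines):
    """Count failed logins per one-minute window, zero-filling quiet minutes:
    a window with no events is a data point (count 0), not missing data."""
    events = [e for e in map(parse_line, lines) if e and e["result"] == "Failed password"]
    if not events:
        return [], [], {}
    floor = lambda ts: ts.replace(second=0, microsecond=0)
    first, last = floor(min(e["ts"] for e in events)), floor(max(e["ts"] for e in events))
    n = int((last - first) / timedelta(minutes=1)) + 1
    windows = [first + timedelta(minutes=i) for i in range(n)]
    counts = [0] * n
    sources = {w: Counter() for w in windows}
    for e in events:
        w = floor(e["ts"])
        counts[int((w - first) / timedelta(minutes=1))] += 1
        sources[w][e["ip"]] += 1
    return windows, counts, sources


def modified_zscores(counts):
    """Iglewicz-Hoaglin modified z-score: 0.6745 * (x - median) / MAD. A single attack
    minute would inflate mean and standard deviation and hide itself; the median and
    MAD are not moved by it. Falls back to the mean absolute deviation when MAD is 0
    (more than half of the windows share the same count)."""
    med = median(counts)
    abs_dev = [abs(c - med) for c in counts]
    mad = median(abs_dev)
    if mad > 0:
        return [0.6745 * (c - med) / mad for c in counts]
    mean_ad = sum(abs_dev) / len(abs_dev)
    if mean_ad == 0:
        return [0.0] * len(counts)
    return [(c - med) / (1.253314 * mean_ad) for c in counts]


def detect_bursts(lines, threshold=3.5):
    """Profile: failed-login rate per minute. Anomaly: windows whose modified z-score
    exceeds the threshold (3.5 is the customary cut-off), with the top source IPs."""
    windows, counts, sources = failures_per_window(lines)
    if not counts:
        return []
    findings = []
    for w, c, z in zip(windows, counts, modified_zscores(counts)):
        if z > threshold:
            findings.append({"window": w, "count": c, "z": round(z, 2),
                             "top_sources": sources[w].most_common(3)})
    return findings


if __name__ == "__main__":
    log = build_sample_log([1, 1, 2, 1, 0, 2, 1, 1, 2, 12])  # last minute is a password-spraying burst
    for f in detect_bursts(log):
        print(f["window"].isoformat(), f["count"], f["z"], f["top_sources"])
```

With the constructed input, the nine baseline minutes (0 to 2 failures each, as a handful of mistyped passwords would produce) score below 3.5 and only the tenth minute is reported, attributed to 203.0.113.7. The same pattern extends to other per-service profiles (requests per minute for a web server, bytes per session for a proxy, distinct users per source address), which is where the clustering and classification steps in the abstract would take over from a single-metric threshold.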