Abstract: A system and method for extracting a plurality of structured data from one or more information sources. The method comprises receiving the information sources, receiving at least one pattern descriptor selected from a graphical user interface, and receiving one or more templates with each template having at least one pattern descriptor. The method then proceeds to apply the one or more templates to the information sources. The method generates the plurality of structured data in a common format by parsing the information sources with the templates. The method stores the structured data in the common format.
Type: Application
Filed: November 14, 2003
Publication date: May 19, 2005
Applicant: Battelle
Inventors: Alexander Gibson, Anne Schur, James Brown, Wendy Cowley, Nicholas Cramer, Dennis McQuerry, Patricia Medvick, Mark Whiting, Marie Whyatt
Abstract: A system and method for detecting one or more anomalies in a plurality of observations. In one illustrative embodiment, the observations are real-time network observations collected from a plurality of network traffic. The method includes selecting a perspective for analysis of the observations. The perspective is configured to distinguish between a local data set and a remote data set. The method applies the perspective to select a plurality of extracted data from the observations. A first mathematical model is generated with the extracted data. The extracted data and the first mathematical model are then used to generate scored data. The scored data is then analyzed to detect anomalies.