How Does Anomaly Detection Work?
Anomaly Detection uses machine learning capabilities to reduce the Mean Time to Detect (MTTD) when an anomaly occurs in a business transaction, base pages, databases, and network requests. It uses a specially designed algorithm that does not require you to configure anything.
The Anomaly Detection algorithm works as follows:
| Entity | Monitored Metrics |
|---|---|
| Application Servers |
The Anomaly Detection algorithm detects any abnormal readings reported for the CPU utilization and Memory utilization metrics. |
| Business transactions |
The Anomaly Detection algorithm detects any abnormal readings reported for the Errors per minute (EPM) metric and the Average Response time (ART) metric. It then combines the data it learned from these metric readings using heuristics that are designed to reduce alert noise. |
| Base pages for browser applications | The Anomaly Detection algorithm detects any abnormal readings reported for End User Response Time. |
| Databases | The Anomaly Detection algorithm detects any abnormal readings reported for the following metrics:
|
| Network requests for mobile applications | The Anomaly Detection algorithm detects any abnormal readings reported for Network Request, HTTP errors per minute, and network errors per minute. |
Anomaly Detection employs multiple techniques to ensure that the metric data it collects is accurate:
- It disregards any temporary spikes and periods of no data.
- It normalizes the metric data. For example, when determining the EPM metric data, any spikes may not indicate a real problem unless there is a corresponding increase in Calls per Minute (CPM). EPM data may not be useful in itself, hence, Anomaly Detection uses Error Rate (EPM/CPM).
- It does not apply traditional seasonal baselines. Instead, it correlates the variance of EPM and ART to CPM to obtain reliable results.