Cisco Observability Platform Anomaly Detection Configuration API

Note

The Cisco Observability Platform Anomaly Detection Configuration API is currently in beta and is subject to change. If you adopt a beta API, it may not be fully compatible with future versions.

Cisco Observability Platform Anomaly Detection automatically determines whether services and service instances in your application perform within acceptable performance limits. This feature helps to reduce the Mean Time To Detection (MTTD) for application performance problems by identifying the root cause of the anomaly.

Anomaly Detection uses machine learning capabilities to continuously monitor the latency, errors and throughput of services to identify abnormal behavior. It uses an algorithm that does not require any manual configuration. The Anomaly Detection algorithm:

  • Detects if any abnormal reading is reported for the Errors per Minute (EPM) metric.

  • Detects if any abnormal reading is reported for the Average Response Time (ART) metric.

  • Combines the data it learned from these metric readings using heuristics that are designed to reduce alert noise.

The anomaly data helps you perform root cause analysis (RCA) faster and with less manual work, and thus prevent incidents.

For more information, see Anomaly Detection.

The Cisco Observability Platform Anomaly Detection Configuration API is a collection of public REST endpoints. Using the API, you can do the following:

  • Create Anomaly Detection configurations to identify anomalous behaviour on supported entities.

  • Configure Anomaly Detection sensitivity.

  • View the list of Anomaly Detection configurations on a specific entity or across entities.

Anomaly Detection Sensitivity

The anomaly detection sensitivity determines the statistical confidence required to generate an alert. Choosing an appropriate sensitivity level helps you to find the right balance between the alert volume and the percentage of issues detected by anomaly detection.

You can choose one of the following sensitivity levels according to your business need:

  • High: Use this level for business-critical services to ensure that no issue goes undetected in your environment. It prioritizes issue detection over alert volume.

  • Medium: Use this level for services that are important to your business but not critical.

  • Low: Use this level for services that have low business impact and when you want to avoid too many alerts.

  • Test: Use this level to test the Anomaly Detection feature in development and pre-production environments. Note that you must not use this level in your production environment.