Welcome!

Blog Feed Post

Analyzing Change for Anomaly Detection

Change is the only constant in life. There are many definitions of change, but for the purpose of this blog, I will define change as any deviation or variation between two or more instances. Just as we as humans experience changes in our mood on a regular basis, applications often change from release to release. The problem with change is we usually don’t know whether it will have positive or negative consequences until after it’s occurred. When deciding to implement a change you can weigh the pros and cons and collect all kinds of data, but you can never be 100% sure of what the outcome will be until the process is complete.

Further complicating matters, not all changes are planned. Unplanned changes can be due to natural and random variation, factors unintentionally introduced, or they can be the result of an error. Whatever the case changes can lead to deviations from the norm and produce unexpected results and in the worse case an outage. More important than knowing that change happens is being able to identify and understand the impact change has in an attempt to predict when issues may occur.

Throw anomalies into the mix, and you can end up losing your mind, trying to determine if a change is due to an anomaly or if a change wasn’t picked up because of an anomaly. Anomalies don’t conform to normal patterns but are critical to detect. In Anomaly Detection – Using Machine Learning to Detect Abnormalities in Time Series Data” Applications the need for applications “to detect abnormal behavior which can be an indication of systems failure or malicious activities, and they need to be able to trigger the appropriate steps towards taking corrective action is described. But anomalies can only be detected when there is agreement as to what defines normal vs. abnormal behavior, and how far can something deviate before it is considered an anomaly.

Applications can experience different performance at different times, but these variations aren’t always cause for concern. For a B2B application, a decline in the number of connections to the API during non-business hours may not be a cause for alarm, fewer requests are made because fewer people are accessing the application. A decline during peak business hours would, however, be a cause for concern. The complexity of having multiple baselines and normals makes it harder to identify anomalies. Only once a baseline of “normal” has been defined can anomalies and change be measured.

In the monitoring world, change can be a fundamental symptom that something has gone wrong and may get worse. Sites experiencing a “hug of death” from a post going viral see a pattern. Traffic to the site starts to increase, then response times slowly start to creep up, and some eventually experience an outage. CodInGame shared their lessons learned from a Reddit hug of death where they went from rejoicing to crisis mode Receiving an alert that an unexpected change has occurred can lead to a flurry of activity and an all hands on deck situation to diagnose and remedy the problem and reduce the impact or avoid an outage.

We rely on machines to help us detect and recognize when something has changed or identify anomalies in a large dataset. Before an outage occurs, there may be indicators that something has changed such as what CodInGame experienced, identifying those changes quickly can reduce the impact of the outage. We set an alert when thresholds are exceeded and identify shifts in trends that can indicate something has gone wrong. Identifying a change has occurred helps us detect when something is amiss and Identify what caused the change. Analyzing change is at the core of the troubleshooting process.

How Catchpoint Can Help

Using lessons learned from past incidents and historical data you can prepare for the next time a similar change occurs. Detecting change is easier with some features from Catchpoint that automatically detect change based on historical trends:

Trailing value alerts compare incoming data for a recent timeframe to a historical timeframe on a per node basis.

Trend shift alerts detect significant or abrupt changes from normal performance and fire an alert, as opposed to having small spikes trigger an alert. Gradual changes over time will not impact the accuracy of the alert as the trend adapts with new test data.

Outage Analyzer to identify regional outages based on changes in real user traffic patterns.

Being able to quickly detect and identify change enables organizations to take action and resolve issues as soon as possible.

The post Analyzing Change for Anomaly Detection appeared first on Catchpoint's Blog - Web Performance Monitoring.

Read the original blog entry...

More Stories By Mehdi Daoudi

Catchpoint radically transforms the way businesses manage, monitor, and test the performance of online applications. Truly understand and improve user experience with clear visibility into complex, distributed online systems.

Founded in 2008 by four DoubleClick / Google executives with a passion for speed, reliability and overall better online experiences, Catchpoint has now become the most innovative provider of web performance testing and monitoring solutions. We are a team with expertise in designing, building, operating, scaling and monitoring highly transactional Internet services used by thousands of companies and impacting the experience of millions of users. Catchpoint is funded by top-tier venture capital firm, Battery Ventures, which has invested in category leaders such as Akamai, Omniture (Adobe Systems), Optimizely, Tealium, BazaarVoice, Marketo and many more.

Latest Stories
SYS-CON Events announced today that MobiDev, a client-oriented software development company, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MobiDev is a software company that develops and delivers turn-key mobile apps, websites, web services, and complex software systems for startups and enterprises. Since 2009 it has grown from a small group of passionate engineers and business...
What's the role of an IT self-service portal when you get to continuous delivery and Infrastructure as Code? This general session showed how to create the continuous delivery culture and eight accelerators for leading the change. Don Demcsak is a DevOps and Cloud Native Modernization Principal for Dell EMC based out of New Jersey. He is a former, long time, Microsoft Most Valuable Professional, specializing in building and architecting Application Delivery Pipelines for hybrid legacy, and cloud ...
The Internet giants are fully embracing AI. All the services they offer to their customers are aimed at drawing a map of the world with the data they get. The AIs from these companies are used to build disruptive approaches that cannot be used by established enterprises, which are threatened by these disruptions. However, most leaders underestimate the effect this will have on their businesses. In his session at 21st Cloud Expo, Rene Buest, Director Market Research & Technology Evangelism at Ar...
SYS-CON Events announced today that GrapeUp, the leading provider of rapid product development at the speed of business, will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company, specialized in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market acr...
SYS-CON Events announced today that Ayehu will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on October 31 - November 2, 2017 at the Santa Clara Convention Center in Santa Clara California. Ayehu provides IT Process Automation & Orchestration solutions for IT and Security professionals to identify and resolve critical incidents and enable rapid containment, eradication, and recovery from cyber security breaches. Ayehu provides customers greater control over IT infras...
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
We build IoT infrastructure products - when you have to integrate different devices, different systems and cloud you have to build an application to do that but we eliminate the need to build an application. Our products can integrate any device, any system, any cloud regardless of protocol," explained Peter Jung, Chief Product Officer at Pulzze Systems, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA
"Loom is applying artificial intelligence and machine learning into the entire log analysis process, from start to finish and at the end you will get a human touch,” explained Sabo Taylor Diab, Vice President, Marketing at Loom Systems, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, discussed some of the security challenges of the IoT infrastructure and related how these aspects impact Smart Living. The material was delivered interac...
Artificial intelligence, machine learning, neural networks. We’re in the midst of a wave of excitement around AI such as hasn’t been seen for a few decades. But those previous periods of inflated expectations led to troughs of disappointment. Will this time be different? Most likely. Applications of AI such as predictive analytics are already decreasing costs and improving reliability of industrial machinery. Furthermore, the funding and research going into AI now comes from a wide range of com...
The financial services market is one of the most data-driven industries in the world, yet it’s bogged down by legacy CPU technologies that simply can’t keep up with the task of querying and visualizing billions of records. In his session at 20th Cloud Expo, Karthik Lalithraj, a Principal Solutions Architect at Kinetica, discussed how the advent of advanced in-database analytics on the GPU makes it possible to run sophisticated data science workloads on the same database that is housing the rich...
"When we talk about cloud without compromise what we're talking about is that when people think about 'I need the flexibility of the cloud' - it's the ability to create applications and run them in a cloud environment that's far more flexible,” explained Matthew Finnie, CTO of Interoute, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
When growing capacity and power in the data center, the architectural trade-offs between server scale-up vs. scale-out continue to be debated. Both approaches are valid: scale-out adds multiple, smaller servers running in a distributed computing model, while scale-up adds fewer, more powerful servers that are capable of running larger workloads. It’s worth noting that there are additional, unique advantages that scale-up architectures offer. One big advantage is large memory and compute capacity...