Anomaly-Based Alerting in Hybrid Cloud Observability
With version 2022.4, for Hybrid Cloud Observability Advanced customers, we’re excited to announce the availability of Anomaly-Based Alerting, which leverages our cloud-based AIOps service. Anomaly-Based Alerting integrates with and improves on standard Hybrid Cloud Observability alerting. It leverages machine learning to reduce the amount of "alert noise" that alerts based solely on static thresholds can generate, since small deviations that might trigger such an alert are often expected.
Anomaly-Based Alerting requires a SolarWinds Platform server with an active Hybrid Cloud Observability Advanced license (non-evaluation) connected via Platform Connect to a SolarWinds Observability account.
Initial setup for Anomaly-Based Alerts
To use Anomaly-Based Alerting, you first need to connect your SolarWinds Platform server with an active Hybrid Cloud Observability license to SolarWinds Observability with Platform Connect.
If you've already enabled Platform Connect, you can go straight to creating an Anomaly-Based Alert. If you have not already enabled Platform Connect, you will be directed to the Platform Connect setup wizard the first time you navigate to Anomaly-Based Alerts in the SolarWinds Web Console.
Alternatively, you can enable Platform Connect separately: navigate to Settings -> All Settings, scroll down to the Platform Connect section, and select Add/Edit Platform Connector. Follow the on-screen instructions to set up Platform Connect.
Create an Anomaly-Based Alert
You can create Anomaly-Based Alerts through a wizard with a similar look and feel to the standard Hybrid Cloud Observability alerting.
In the SolarWinds Platform Web Console, navigate to Alerts & Activity -> Anomaly-Based Alerts. This option will only be visible if you have an active Hybrid Cloud Observability Advanced license.
The wizard will guide you through the process. Select the Entity Type and Entities you want to alert on and the conditions under which the alert should trigger.
Anomaly-Based Alerting training period
Before an Anomaly-Based Alert can take advantage of its anomaly-detection capability, it has to spend some time training. Anomaly-Based Alerts begin this training period immediately after creation, and the amount of time the training takes depends on the metric selected. This can take up to a few hours.
By default, an Anomaly-Based Alert will not trigger until the training period has completed. If you would like the alert to trigger based on the conditions you have configured, even if the training period has not completed, or if the Anomaly Detection Service is down or otherwise not available, you can check the “Trigger alert if conditions are met but metrics are not trained or Anomaly Detection Service is down” checkbox when creating the alert.
Note that an Anomaly-Based Alert that triggers with this box checked while the training period has not yet completed, or while the service is not available, functions as a normal SolarWinds Platform alert and does not take advantage of anomaly detection functionality. After training has completed, Anomaly-Based Alerts that were created with this box checked will take full advantage of anomaly detection as long as the service is available.
What kind of entities does Anomaly-Based Alerting work with?
When creating an Anomaly-Based Alert, we only show the supported entity types that work with anomaly detection. Anomaly-Based Alerts can be used with certain supported metrics. In 2022.4, we support network node metrics being sent to the SolarWinds AIOps service in SolarWinds Observability via Platform Connect.
Managing Anomaly-Based Alerts
You can manage Anomaly-Based Alerts in the same way that you would manage other SolarWinds Platform alerts using the standard SolarWinds Platform alerts interface. In the SolarWinds Platform Web Console, navigate to Alerts & Activity -> Alerts. Then click Manage alerts.
Viewing Anomaly-Based Alerts
To see triggered Anomaly-Based Alerts, click Alerts & Activity -> Anomaly-Based Alerts. Filter alerts by alert status or node status, and see all relevant Anomaly-Based Alerts that have triggered.
Anomaly-Based Alerts status view
Anomaly-Based Alerts detail view