Anomaly Detection must be enabled, but requires no configuration except to limit anomaly alerting. Enabling Anomaly Detection also enables Automated Root Cause Analysis.

Anomaly Detection and Automated Root Cause Analysis are available to only SaaS customers.

Enable Anomaly Detection

You need to enable Anomaly Detection separately for each application. 

  1. In Alert & Respond > Anomaly Detection, select the desired application from the dropdown, and toggle Anomaly Detection ON.
    After you enable Anomaly Detection, it takes 48 hours for Anomaly Detection and Automated Root Cause Analysis to become available. During that time, the machine learning models train on the business transactions in your application.

    Anomaly Detection Toggle

  2. Select Alert & Respond > Anomaly Detection Model Training to view Business Transaction training status.
    Business Transaction Model Training
    This table explains the training statuses of a Business Transaction.

    In TrainingModel training is in progress for the Business Transaction.
    ReadyModel training is complete and the Business Transaction is healthy.
    WarningModel training is complete, but the Business Transaction has experienced one or more Warning level anomalies during the training period.
    CriticalModel training is complete, but the Business Transaction has experienced one or more Critical level anomalies during the training period.
    Not AvailableModel training is incomplete and the Business Transaction is not visible to Anomaly Detection.

    The models continue training as long as Anomaly Detection is enabled. If traffic to a Business Transaction is interrupted for long enough duration preventing training that day, Anomaly Detection continues to function using the models from the previous seven days. 

    No machine learning models are trained for Business Transactions that have very low calls per minute (CPM), because the sample size will be so small that the resulting model will be unreliable.

Monitor Anomalies

  1. From Applications > Business Transactions, select any Business Transaction of interest.
  2. Click the Warning or Critical icon in the Health column.
    Business Transactions Health
    A list of health rule violations and anomalies for the Business Transaction displays:
     Health Rule Violations and Anomalies 
  3. You can view the lists of anomalies in multiple ways. Monitoring anomalies can reflect how you work with AppDynamics. Choose any of these options to open a detailed view that includes the results of Automated Root Cause Analysis.
    • If you set up and validate tools for a tools team:
      View the anomaly details from Alert & Respond > Anomaly Detection > Anomalies
      Tools Anomalies
    • If you monitor applications for an application operations team:
      • From Applications > Events, filter Event Types to include anomalies
        Application Anomalies
      • From Applications > Troubleshoot > Violations & Anomalies, filter Event Types to include anomalies
        Event Type Anomalies

You can configure policies to be triggered by anomalies, similar to the way you configure policies to be triggered by Health Rules

Configure Anomaly Detection

By default, Anomaly Detection alerts you about the anomalies found in all the Business Transactions in your application. However, you can configure Anomaly Detection to surface only those anomalies within the combination of Business Transactions, severity level, and detection sensitivity that you specify. Do this if you prefer to see fewer and more narrowly focused alerts:

  1. Click Configure Anomaly Detection to open the configuration dialog.

    Configure Anomaly Detection

  2. Select one of the following Business Transactions on which you want Anomaly Detection to alert:
    • All Business Transactions in the Application (this is the default selection)
    • Business Transactions within the specified Tiers
    • These specified Business Transactions
    • Business Transactions matching the following criteria:
      • Starts With
      • Ends With
      • Contains
      • Equals
      • Matches Regular Expression
      • Is in List
      • Is Not Empty

        You can also select the NOT operator to reverse the criteria.

  3. Select one of the following severity levels:
    • All Severities (includes both Warning and Critical)
    • Critical 
    • Warning

  4. In Detection Sensitivity, select one of the following levels:

    Sensitivity LevelDescription
    HighUse this level for business-critical services to ensure that no issue gets undetected in your environment. It triggers more alerts but with lower statistical confidence.
    MediumUse this level for services that are important to your business but not critical. By default, this sensitivity level is selected.
    LowUse this level for services that have low business impact and to avoid too many alerts.
  5. If you want to test anomaly detection in a non-production environment, select Yes, turn on test mode.

    The test mode allows you to assess anomaly detection capabilities in non-production environments. In this mode, the anomaly detection accurately detects any performance issues even if metric data collection is low. You can use the test mode in your development or staging environments.

  6. Click Save to complete the configuration.