Comprehensive software reviews to make better IT decisions
AWS Improves Container Monitoring, Part 3: Anomaly Detection
AWS is previewing Anomaly Detection, a CloudWatch component that allows for greater visibility into containerized applications using microservice architectures.
Anomaly Detection is aimed at improving monitoring by making it easier to set up alarms.
Traditional alarms in AWS are based on static, set thresholds. For example, you might configure an instance to set off an alarm once CPU usage reaches >90% utilization. The user has to do the work to make sure that the threshold is reasonable, and the threshold is fixed until the alarm is changed or modified.
The problem with set thresholds is that they do not account for seasonality or other variance. Setting the threshold too low will result in a number of false, inactionable alerts triggered by normal workload behavior. False alerts waste time and desensitize administrators to the truly important alerts. If you set the threshold too high, performance might suffer before you ever receive an alert, or you might receive an alert once the situation has already deteriorated.
Anomaly Detection solves this problem by allowing AWS users to have more dynamic thresholds on their alarms. It creates a band around performance metrics (e.g. CPU or memory utilization) based on the range within which those metrics would be expected to fall.
The service uses machine learning to determine what an appropriate default band size would be and also allows the user to edit the size of the band. Furthermore, the service also uses machine learning to adapt to the usage patterns of the workload in your environment.
For example, it will learn when normal spikes in usage occur and increase the threshold to avoid setting off false alarms for these normal spikes (e.g. peak hours for visits to your website). Currently, it uses the past two weeks of usage data.
Anomaly Detection also allows users to exclude certain time periods from the machine learning training. This allows you to avoid training it on outlier data that might skew the model.
Once the band is established, users can decide whether to set the alarm for usage patterns that are outside the band, below the band, or above the band.
Users can receive alerts from the alarm via email or SMS and can even trigger a Lambda function from the alert.
False positives are a large problem for operations teams. Relying on static thresholds for alarms does not reflect reality in all scenarios.
Out-of-the-box thresholds that are dynamic and based on machine learning will be a welcome solution to cloud operations teams.
Anomaly Detection should make monitoring easier and give AWS users a head start, but AWS users should avoid treating it as a set-it-and-forget-it feature and should not expect it to do all the heavy lifting for them.
IT professionals will have to experiment with Anomaly Detection to ensure that it suits their service’s performance-monitoring needs. At the end of the day, they may still need to supplement it with their own or third-party solution to provide adequate monitoring for certain workloads.
Want to Know More?
ServiceNow’s Orlando release introduced Now Intelligence, a set of features that strengthen ServiceNow’s lead in the AI-powered IT service management (ITSM) and digital transformation space.
Microsoft has announced self-service purchasing, the ability for any O365 user to buy Power Platform products directly through their corporate O365 tenant. This raises numerous concerns with IT leaders and O365 administrators.
ServiceNow version New York has entered General Availability. These features should delight high-maturity IT departments but are mostly worthless for low-maturity groups.
Quest On Demand has added two new features to help organizations further streamline Office 365 management and potentially reduce costs.
VMware challenges IT to be more than it may be comfortable with: technologists as members of an elite caste charged with the moral use of technology and guarding the uninitiated against negative consequences.
Analysts make their bones on prognostication and prediction, and the imminent demise of any given technology is a mainstay of their subject matter. San Francisco-based VMware has made its sacrificial offerings but for two different auguries. First the place and dominance of public cloud as the center of the enterprise IT activity and work. Secondly, and more importantly, the enduring importance of self-service, elasticity, measure service, broad network access, and pooled resources.
VMware acquires Carbon Black, a cloud-based endpoint protection solution, at $26 per share, representing an enterprise value of $2.1 billion.
AWS is previewing new services that aim to make it easier for customers to monitor containerized applications built using microservice architectures. This should help simplify container operations in the cloud for AWS users.
AWS is previewing Container Insights, a CloudWatch component that allows for greater visibility into containerized applications using microservice architectures.