Edge Delta Anomalies

You can receive alerts about anomalous behavior and see views designed to help with root cause analysis. This helps reduce the time needed to detect and resolve incidents.

Anomalies in Patterns

Once log patterns are streamed to the Edge Delta backend, monitors can be configured to detect anomalous behavior and trigger alerts to one or more notification channels. A pattern anomaly monitor is configured by default when you create an organization.

Pattern Anomaly Monitor

The Pattern Anomaly monitor uses a proprietary algorithm to detect unusual spikes in patterns with negative sentiment. Log patterns for a particular source (e.g. a Kubernetes namespace or controller) are analyzed in aggregate across pipelines, and an alert can be triggered if there is an unusual spike in either the total number of log messages with negative sentiment, or the number of unique negative patterns detected.

The algorithm is tuned to reduce false positives by accounting for repeated patterns (e.g. logs that result from a daily/weekly/monthly batch job) as well as normal fluctuations in log volume (e.g. increased traffic to a website during daytime hours).

OnCall AI

The Anomalies tab on the Logs page shows results of your monitors. Monitors analyze a pattern’s behavior to detect anomalies. Each anomaly is interpreted using OnCall AI which summarizes it and provides recommendations on how to remediate it.

OnCall AI:

• Analyzes the generalized patterns of the logs without specific information about log content contributing to the anomaly.
• Communicates the severity of the issue and what it’s impacting.
• Summarizes the negative behavior in conversational text.
• Provides a recommendation on how to resolve the issue.