Solved: Alerting - Do we have best practices for reducing alerts triggered by anomaly detection engine ?

murali_jayagopa · ‎28 Aug 2019

am looking for any principles to be followed while configuring default anomaly detection settings in Dynatrace

skrystosik · ‎28 Aug 2019

I don’t think there are any patterns you can use. What we are doing is making sure that We have all needed services. For example we are splitting processes into services manually if auto detection isn’t enough. In such cases you can change anomaly detection settings for each service if you need.

Another thing is tweaking global anomaly detection setting to make AI less sensitive (if after few days it is still to sensitive).

In general in 90% of cases default settings are fine. I understand that some problems are not serious issue for environment but they are important too. Sometimes you can see that small problem after some times transfer into something big. This is why you should keep reasonably number of issues reported by DT.

Sebastian

Regards, Sebastian

larry_roberts · ‎28 Aug 2019

Agreed with Sebastian. We have done the same. In fact one of the anomaly detections under global settings we 100% disabled was the TCP connectivity. It was generating way too many problems and is really not needed because the other types of problem will show if there truly is a TCP connectivity issue.

murali_jayagopa · ‎29 Aug 2019

How to analyse the problem alerts, we get alerts in 3 digit number every day. Any framework to stream line or bucket this alerts to make it actionable ? any thoughts on this @sebastian k.