Could anyone explain me what this alarm does? I thought this alarm notices when new traffic for a software service is detected.
But I created a DMI to know how much traffic is captured right now and I see there was traffic before this alarm was raised.
This is for the detection of new service activity which means there was a traffic for the software service and after that no traffic was detected e.g.
Review the below link for better understanding.
goal of service activity alerts is to inform customer, that new service
recently started to be active in environment monitored by DC RUM. Similarly,
there are so called inactivity alerts, which inform customer that service which
was previously present in his environment, is not active anymore. In other
words, SAC (Service Activity Changes) are supposed to point out that something
new happened or something recently changed in the environment.
with SAC reports workflow we’d like to help customers to handle such changes,
to get the time context (Is this service completely new? Or perhaps it was previously
seen two weeks ago?) as well as server context (Is service marked as new
running on new, previously unknown server? Or maybe we can see new, unexpected
activity on our main server with multiple other, important services?). Of
course, further analysis of activity events with standard DC RUM explorers
reports is also available. Everything for purpose of making decision what to do
with new services (Monitor it as user defined software service? Investigate further
or inform another department? Ignore the change?) easier.
doubt, about traffic seen on DMI reports before triggering alert: SAC mechanism
consider service as an active when there is at least 5 minutes long time period
during which total bandwidth usage for the service is over 64Kbits/s. This
threshold has been introduced to avoid so called false alerts, indicating really
small amounts of traffic. Of course, value of the threshold is configurable.
This is obviously tip of an iceberg, we can go deeper into details if you like. However,
as a starting point I would strongly recommend not only to take a look at documentation
mentioned previously by Babar, but mainly to check an excellent webinar “Using
Service Activity Changes to understand my environment”: https://university.dynatrace.com/education/dcrum/...
My colleague, @Mike H. presents the feature, use cases, reports workflows, so
I strongly believe that you will find lot of answers in this material. Of course, I’ll
be happy to answer any further questions related to SAC, so in case of
doubts don’t hesitate to ask me.