I need information about the operation of anomaly detection implemented by the DX Operational Intelligence.
What is the machine learning technique used? Which algorithms are used for anomaly detection: Random Forests (RF), Random Cut Forests (RCF)?
Where can DX Operational Intelligence be parameterized to increase detection accuracy? How are the window and data aggregation defined?
Where can we identify the severity of the anomaly and the confidence score?
What is the minimum time for the algorithm to raise its confidence score to the fullest?
Release : SAAS
Here is the information provided by Dev:
We use T-digest’s AVLTree model for anomaly detection.
https://github.com/tdunning/t-digest
Bands - Mean, Rare
Anomaly - Rare (3 sigma, 99.7% quantile, 0.03% quantile)
Seasonality: We go with 24*7 = 168 data points, using hour of day for each day of week (hour of week). We’ll have 24*7 t-digests for every metric.
Day of month or higher seasonality not supported.
Bands are stored in NASS metric extensions.
This algorithm requires 500 data points to predict anomalies accurately (without too much noise).
So initially our model is in the same hourly learning model, and once we get 500 data points we create the hour-of-week models and start having 24*7 t-digest models, each of them having learned the 500 + hour-specific data points (the t-digests are merged). Each of these 168 buckets / t-digests then calculates its bands and anomalies.
Only a single severity of alarm is raised: Major. An alarm is raised whenever the data value breaches the Rare band (3-sigma).
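
A minimal sketch of the scheme described above, added here as an illustration and not DX Operational Intelligence code: one shared model learns 500 points, then seeds 168 hour-of-week models whose 0.03% and 99.7% quantiles form the Rare band. Sorted lists stand in for t-digests, and the names, the UTC hour-of-week indexing, the check-then-learn order and the absence of alarms during warm-up are assumptions.

```python
# Added example: sorted lists stand in for t-digests (exact, not approximate, quantiles).
import bisect
from datetime import datetime, timedelta, timezone

WARMUP = 500                   # data points the page says are needed
LOW_Q, HIGH_Q = 0.0003, 0.997  # Rare band: 0.03% and 99.7% quantiles (from the page)

def quantile(sorted_vals, q):
    """Exact quantile by linear interpolation; a t-digest approximates this."""
    pos = q * (len(sorted_vals) - 1)
    lo = int(pos)
    hi = min(lo + 1, len(sorted_vals) - 1)
    return sorted_vals[lo] + (sorted_vals[hi] - sorted_vals[lo]) * (pos - lo)

def hour_of_week(ts):
    return ts.weekday() * 24 + ts.hour   # 0..167, Monday 00:00 is 0 (assumed indexing)

class HourOfWeekDetector:
    def __init__(self):
        self.shared = []      # single learning model used during warm-up
        self.buckets = None   # 168 hour-of-week models once warm-up completes

    def rare_band(self, ts):
        vals = self.buckets[hour_of_week(ts)]
        return quantile(vals, LOW_Q), quantile(vals, HIGH_Q)

    def observe(self, ts, value):
        """Return "Major" if value breaches the Rare band, else None."""
        if self.buckets is None:
            bisect.insort(self.shared, value)
            if len(self.shared) >= WARMUP:
                # Seed every hour-of-week model with the warm-up data (the "merge").
                self.buckets = [list(self.shared) for _ in range(168)]
            return None  # assumption: no alarms while still learning
        low, high = self.rare_band(ts)
        alarm = "Major" if value < low or value > high else None
        bisect.insort(self.buckets[hour_of_week(ts)], value)  # keep learning
        return alarm

def demo():
    """Constructed data: a metric cycling over 90..109, then one spike."""
    det = HourOfWeekDetector()
    start = datetime(2024, 1, 1, tzinfo=timezone.utc)  # a Monday, 00:00
    alarms = []
    for i in range(700):
        ts = start + timedelta(hours=i)
        value = 5000.0 if i == 650 else 90.0 + (i * 7) % 20
        if det.observe(ts, value):
            alarms.append(i)
    return alarms
```

`demo()` returns the indices of the hourly samples that raised a Major alarm; only the constructed spike does.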