rule-based AD customer success story #3571
Conversation
kaituo
requested review from
elfisher,
AMoo-Miki,
nknize,
krisfreedain,
peterzhuamazon,
CEHENKLE,
dtaivpp,
kolchfa-aws,
nateynateynate and
natebower
as code owners
| ## Enhanced Features: Customizable Suppression Rules | ||
| To address these challenges, we've implemented significant improvements in OpenSearch 2.17 and above, focusing on Customizable Suppression Rules. This enhancement allows users to set specific thresholds to ignore anomalies based on both absolute values and relative percentages. | ||
|
|
||
| The suppression rules feature is particularly powerful for handling common scenarios that previously generated false positives. For example, in monitoring transaction volumes, EBSCO could configure rules to suppress alerts when variations stay within expected thresholds (such as ignoring drops less than 25% and increases greater than 50% above normal levels), while still detecting significant drops that might indicate real issues. |
There was a problem hiding this comment.
We can also add this as a last paragraph to the enhancement section:
Additionally, in OpenSearch 2.19 and above, we have added the capability for users to add more general criteria for what a detector will consider as an anomaly. Each feature in a detector can now be configured so that we only look at either spikes or dips in the data for that feature. For example, if a user is configuring a feature which looks at CPU data across their fleet, they can configure their features so anomalies are only detected if the actual values are higher than the expected values because of a spike in CPU. A dip in CPU in this case would not trigger anomalies.
Signed-off-by: Kaituo Li <[email protected]>
|
Additional screenshots that can be used with the feature direction |
Signed-off-by: Kaituo Li <[email protected]>
Signed-off-by: Fanit Kolchina <[email protected]>
Signed-off-by: Fanit Kolchina <[email protected]>
Signed-off-by: kolchfa-aws <[email protected]>
There was a problem hiding this comment.
@kolchfa-aws Editorial review complete. Please see my comments and changes and let me know if you have any questions. Thanks!
| --- | ||
|
|
||
| As organizations increasingly rely on cloud services, monitoring and detecting anomalies in system behavior has become crucial for maintaining reliable operations. In this post, we'll explore recent improvements to Amazon OpenSearch Service's Anomaly Detection (AD) feature, highlighting how these enhancements have helped EBSCO Information Services optimize their transaction logging system monitoring. | ||
|
|
There was a problem hiding this comment.
Note: AWS does not appear to use AD as an abbreviation for anomaly detection, nor do they capitalize it as a proper noun when talking about it as a feature.
Co-authored-by: Nathan Bower <[email protected]> Signed-off-by: kolchfa-aws <[email protected]>
|
@kolchfa-aws @natebower After the editorial review is complete, please hold off on merging. I still need to coordinate with the customer to have them submit their security review. |
Description
This PR contains the content for publishing the blog on rule-based AD customer success story.
Issues Resolved
#3560
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the BSD-3-Clause License.