Performance Anomaly Detection for Java Applications with the Elastic Stack

With Kibana’s machine learning feature you can setup an anomaly detection process in order to detect anomalous patterns in your application’s performance metric data. In it’s simplest form, you are interested in higher and lower response times than usual. Every application is unique in terms of what is usual. Baselining is the key to learn what is meant to be usual for your application and gives you the power to know when something unusual or unexpected happens – an anomaly.

Detecting Anomalies With Kibana

Kibana’s machine learning let’s you use your performance metric data to compute baselines that can be used for monitoring transactions. You can get the baselines from calculations on historic performance metric data, e.g., from the last days, and apply them in real-time to the data that is just coming in.

The Anomaly Explorer visualizes detected anomalies by time, transaction and its severity. You can quickly and easily see at a glance what you need to take action. The Single Metric Viewer shows you the time series analysis of the anomaly detector – in the screenshot below for a particular transaction of interest.

With the X-Pack alerting feature you can create watches (alerts) to get automatically notified when an anomaly gets detected. You don’t have to keep an eye on the Anomaly Explorer for 24 hours a day, 7 days a week. You will have an email in your inbox, a Slack message in your chat or a third party system triggered when your attention is demanded.

In our next post, we will ship browser real user monitoring data to Elasticsearch and analyze it with Kibana. Questions? Thoughts? You want stay up-to-date on the topic? We would love to hear from you. Tweet us at @novatecgmbh or email us at apm@novatec-gmbh.de