Domain scoring and severity benchmarking in Anomaly Dashboard

This page describes the different cases considered for domain scoring and severity benchmarking in the Anomaly Dashboard.

The following methodologies are usually considered, in the order listed below, to determine the final score:


1. Another attribute of the same monitor detected as anomalous

The overall anomaly score increases if an anomaly is also detected in another attribute of the same monitor.

2. Dependent monitors detected with anomaly

The severity of an anomaly detected in a monitor can be increased if any monitor that depends on it, or any monitor on which it depends, also has anomalies. For example, a URL monitor has a Server monitor as a dependent monitor. If the URL monitor has a 'Response time' anomaly and, in the same time interval, the Server monitor has a 'CPU Usage' anomaly, then the score and severity of the anomaly are increased. It can also be inferred that the response time spike is due to the spike in CPU usage of the underlying server.

These dependent monitors are associated when the monitor is added.

3. Parent/child monitors are anomalous

Dependency scoring can also be done using the Parent/Child dependency. For example, if an underlying plugin monitor has an anomaly, it also affects the health of the parent server monitor. So, whenever an anomaly occurs in a monitor, we check whether it has any child monitor. If the child monitor also has an anomaly, the score is increased, and we can infer that the anomaly in the parent might be caused by the child monitor's anomaly.

4. Monitors, grouped under the same Monitor Group detected as anomalous

If any of the monitors in the monitor groups to which the anomalous monitor belongs have had anomalies in the last half an hour, the overall score increases. The score is added for two types of monitors:

  • Infrastructure monitors:
    For infrastructure monitors, an anomaly in the same monitor group increases the overall score.

  • Non-infrastructure monitors:
    If non-infrastructure monitors in the same monitor group have an anomaly, it increases the score.

5. Other monitors with the same Tags (user-defined tags) have anomalies

If monitors with the same tags have an anomaly, it increases the score for infrastructure as well as non-infrastructure monitors.

6. Monitors with the same Fully Qualified Domain Name (FQDN) have anomalies

Monitors having the same domain name can also be grouped together for anomaly scoring. In most cases, monitors with the same domain are affected or have anomalies during the same period.

7. Monitors with the same Server name

Monitors having the same server name can be grouped together for anomaly scoring.

8. Same Monitor Type

If none of the above cases is satisfied, scoring is handled based on anomalies detected in other monitors of a similar monitor type.
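
The ordered checks above, applied to the page's URL/Server scenario, as an added Python example (not the product's own implementation). The base score, the flat increment per matched case, the field names and the sample anomalies are assumptions; the 30-minute window is stated on the page only for monitor groups and is assumed here for every case.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)  # stated on the page for monitor groups; assumed for every case
BASE, BOOST = 50, 10            # hypothetical base score and per-case increment

@dataclass(frozen=True)
class Anomaly:                  # field names are assumptions made for this example
    monitor: str
    attribute: str
    at: datetime
    mtype: str
    depends: frozenset = frozenset()   # monitors associated as dependents
    children: frozenset = frozenset()  # child monitors (e.g. plugins of a server)
    groups: frozenset = frozenset()
    tags: frozenset = frozenset()
    fqdn: str = ""
    server: str = ""

def _other(a, b):
    return a.monitor != b.monitor

# Cases 1-7 in the page's order; each predicate compares the scored anomaly a with another anomaly b.
CASES = [
    ("same_monitor_other_attribute", lambda a, b: a.monitor == b.monitor and a.attribute != b.attribute),
    ("dependent_monitor", lambda a, b: b.monitor in a.depends or a.monitor in b.depends),
    ("child_monitor", lambda a, b: b.monitor in a.children),
    ("monitor_group", lambda a, b: _other(a, b) and bool(a.groups & b.groups)),
    ("same_tags", lambda a, b: _other(a, b) and bool(a.tags & b.tags)),
    ("same_fqdn", lambda a, b: _other(a, b) and a.fqdn != "" and a.fqdn == b.fqdn),
    ("same_server", lambda a, b: _other(a, b) and a.server != "" and a.server == b.server),
]

def score(target, anomalies):
    """Return (score, matched case names) for one anomaly against all known anomalies."""
    recent = [b for b in anomalies if b is not target and abs(target.at - b.at) <= WINDOW]
    matched = [name for name, pred in CASES if any(pred(target, b) for b in recent)]
    # Case 8 is a fallback: it applies only when none of cases 1-7 matched.
    if not matched and any(_other(target, b) and b.mtype == target.mtype for b in recent):
        matched = ["same_monitor_type"]
    return BASE + BOOST * len(matched), matched

# Constructed sample data, modelled on the page's URL/Server example.
T0 = datetime(2024, 1, 1, 12, 0)
URL = Anomaly("url-1", "Response time", T0, "URL", depends=frozenset({"srv-1"}))
SRV = Anomaly("srv-1", "CPU Usage", T0 + timedelta(minutes=5), "SERVER", children=frozenset({"plugin-1"}))
PLUGIN = Anomaly("plugin-1", "Queue depth", T0 + timedelta(minutes=2), "PLUGIN")
LONE = Anomaly("url-3", "Response time", T0 + timedelta(minutes=10), "URL")
STALE = Anomaly("url-2", "Response time", T0 - timedelta(hours=2), "URL")
ALL = [URL, SRV, PLUGIN, LONE, STALE]
```

The returned case names show which correlation raised the score, which is what lets an analyst read a Response time anomaly as a likely consequence of the server's CPU anomaly.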