Today, we’re excited to unveil the Anomaly Detection feature. It will enable users to create smarter alerts based on dynamic metrics, moving beyond traditional fixed-threshold alerts.

It will soon be available to all our users and is currently undergoing beta testing with select users.

By detecting deviations from expected patterns, Anomaly Detection will help you stay informed about critical issues without getting overwhelmed by irrelevant alerts.

Let’s dig in deeper.

Why We Built the Anomaly Detection Feature

Fixed-threshold alerts have been the standard for many metrics, but they aren't suitable for every use case. Some metrics, like CPU usage, work well with a fixed threshold, but others, such as request rates or traffic patterns, fluctuate throughout the day.

Setting a fixed threshold for these metrics often leads to false alerts or missed issues. Our users requested a more dynamic alerting system that could adapt to the changing behavior of their data. This need drove the development of Anomaly Detection, allowing teams to monitor their metrics intelligently and avoid alert fatigue.

Anamoly Detection alert in SigNoz
Anamoly Detection alert in SigNoz

How Anomaly Detection Works

Here’s a short demo of how Anomaly Detection works in SigNoz:

The underlying logic behind Anomaly Detection is based on observing seasonal patterns in historical data. For metrics that display consistent trends—such as higher traffic during business hours or specific days of the week—the model uses past seasons (like daily or weekly patterns) to predict expected values.

The model calculates:

  • Predicted Value: Based on historical data, it forecasts the expected value.
  • Upper and Lower Bounds: These are calculated using standard deviation to allow for reasonable fluctuations. Users can configure how sensitive the alert should be by adjusting the deviation range.

An alert is triggered if the actual metric value falls outside these bounds, signaling an anomaly.

Use Cases for Anomaly Detection

Some use cases of the Anomaly Detection feature are:

  • Dynamic Metrics: For metrics with fluctuating patterns, such as request rates that peak during certain hours, anomaly detection helps capture irregularities that may signal issues, such as sudden traffic spikes or drops.
  • DDoS Attack Detection: An unexpected surge in traffic might indicate a DDoS attack. Anomaly detection can trigger alerts when traffic patterns deviate significantly from normal.
  • Service Load Monitoring: If your services exhibit normal, cyclical patterns (e.g., daily or weekly), this feature helps detect when specific services or infrastructure are under unusual load.

Future Roadmap for Anomaly Detection

This feature is just the beginning of our journey toward more intelligent alerting. Some things that you can expect in the future:

  • Outlier Detection: For services running on multiple machines or shards, outlier detection will identify when one component is behaving differently from the others, providing deeper insights into performance anomalies.
  • Automated Seasonality Detection: We aim to make the system even more user-friendly by automatically identifying the appropriate seasonality for each metric, reducing the need for manual configuration.
  • Enhanced Change Detection: Alerts based on significant changes from past data (time-shifted alerts) will become more streamlined, making it easier for users to detect meaningful changes in their systems.

Get Started with Anomaly Detection

Anomaly Detection is now available in SigNoz, enabling users to create smarter, more adaptive alerts. We invite you to try out this feature and share your feedback through our Slack community. This is just the first step in adding more intelligence to your alerting workflows, and we’re excited to hear your thoughts!

Get Started - Free CTA

Be sure to follow the rest of our launch week for more exciting feature announcements!

Join us for Launch Week

From Sep 16 to Sep 20, we will announce a feature everyday at 9AM PT to level up your observability.

Join Us for SigNoz Launch Week 2.0

Day 1 - Ingest Guard

Day 2 - Anomaly Detection

Day 3 - Correlated Signals

Day 4 - Alerts History & Scheduled Maintenance

Day 5 - Logs Improvement

Was this page helpful?