View Logs Anomaly¶
This topic describes the information architecture in logs anomaly dashboard.
User will receive an email or SMS notification when there is an anomaly detected. The email will contain link to the logs anomaly dashboard. The dashboard shows historical inforamation for the last N (7) days. Here is an example:
Each anomaly has an unique identifier. The fist part are the abreviated characters of the application name being monitored. The second part is a number sequence. The two parts are seperated by a dash. For example, MVP-123.
User is able to look-up a specific anomaly using the identifier.
The widget at the bottom shows important logs for a particular anomaly. User may look at the to identify critical information and clues to qucikly recover from the production incident. This helps to improve MTTR (mean time to repair).
Anomaly score represents what the model thinks about the likelihood that an incident being an anomaly.
- The top left component shows daily distribution of different anomalies and their associated scores as bar chart.
- The top right component shows the distribution of anomaly score as a pie chart.
- The 2nd component on the left from the top shows anomaly score distribution as a heat map per day. It shows what are the different anomalies found over the last few (7) days and their assocaited score.
- The 2nd component from bottom shows anomaly score aggregate count over the last few (7) days based on the 4 types - minor, log, major, critical as gauge charts.
The 2nd widget on the right from top shows different anomaly identifiers, service name, application name, logs and count. This acts as a quick reference for various logs anomalies found for the last few days.
Log Sources & Timeline¶
3rd component from the botton shows logs distribution from different sources and associated timeline.