Davis Anomaly Detection status types

Davis Anomaly Detection Davis Anomaly Detection - new provides a Status column that represents the health status of the anomaly detector and contains information about the success rate of anomaly detector executions that ran in the background over the last 24 hours. This means that, if an error or warning occurs, the anomaly detector will send a warning or error event. These events are then compared to the success events from the last 24 hours.

The status of the anomaly detector can change from warning to error if success rate falls under 95% over time.

In addition, the Status column contains information about the inaccessibility of the success rate data that can be divided into three types:

  • Pending. This status indicates that the anomaly detector has not been executed yet, or that the query doesn't have any executable events.
  • Unavailable. This status indicates that you might not have the permissions necessary to access the status information.
  • Inactive. This status indicates that the anomaly detector is currently disabled.

Anomaly Detection status list

An anomaly detector can have any of the following status types:

Status

Description

Success

The success rate for the last 24 hours is over 99%.

Error

The success rate for the last 24 hours is under 95%.

Warning

The success rate for the last 24 hours is between 95% and 99%.

Unavailable

Status currently unavailable. Check if you have the following permissions:

  • storage:system:read

Pending

Can't calculate the success rate. The anomaly detector has not yet been executed, or the query does not contain any execution events.

Inactive

The anomaly detector is not enabled.

Troubleshooting

If the status of your anomaly detector shows an error, select Error > View more details to see the error message.

Some of the error messages might be more complicated than others. Here are some of the common ones to help you resolve the issue faster.

  • Query failed because the response time exceeded 10000 ms: Davis Anomaly Detection Davis Anomaly Detection - new sets a 10-second execution limit on queries. This safety limit helps to prevent other anomaly detector configurations from being delayed or stuck in the queue.
  • Anomaly detector failed with an unauthorized request. Fix the required permissions in the authorization settings: Davis Anomaly Detection Davis Anomaly Detection - new lacks the necessary permissions and is unable to read the data on your behalf. For more information about required permissions and editing authorization settings, see Prerequisites and Enable or edit Anomaly Detection authorization settings.
  • Query does not result in a valid timeseries: No valid time series records found. A valid time series record contains a single duration field, a single timeframe and one or multiple numeric arrays. Consider using the 'timeseries' or 'makeTimeseries' DQL command: Davis Anomaly Detection Davis Anomaly Detection - new requires a timeseries to automatically check the alert condition. For more information and examples of a valid query, see Examples of anomaly detection on Grail.