Perform anomaly detection across multiple time series and single time series.
The examples in the multiple time series directory include:
- two clustering algorithms, including BIRCH and KMEANS. These algoritms are implemented with the ADTK(Anomaly Detection Took Kit Library)
- one classical algortihm, specifically Median Absolute Deviation(MAD). This multiple time series implementation of MAD is described in Better Than MAD. This is a Python implementation. If you're curious to learn more about the MAD algorithm in Flux, see Anomaly Detection with Median Absolute Deviation. The reader might also be interested in a single time series application of MAD, although a example isn't included in this repo.
The examples in the single time series directory include:
- three classical algorithms, specifically Autoregression, LevelShiftAD, and SeasonAD. These algorithms come from the Anomaly Detection Took Kit package. ADTK is a Python package for unsupervised time series anomaly detection.
When you want to spot hosts, applications, containers, plant equipment, or sensors that are behaving differently from others, you can use the multiple time series Anomaly Detection to identify when a single time series is “deviating from the pack”.
DevOps Monitoring enables your organization to measure key performance indicators that are mission-critical to upholding your Service Level Agreements (SLAs). Ideally, Site Reliability Engineers (SREs) use Devops Monitoring to solve operation problems, increase reliability, and guide infrastructure design efforts. Multiple time series Anomaly Detection algorithms enable SRE’s to identify unhealthy containers, VMs, or servers quickly. The sooner SRE’s are able to spot suspicious behaviour, the faster they are able to diagnose and remedy infrastructure problems. Root cause analysis is a highly complicated type of iterative problem solving. It involves asking deep questions and employing the Five Why’s Method. Finding the problem is just the beginning, solving operation problems can be even more challenging and require a lot of creativity. While Artificial Intelligence isn’t advanced enough to autonomously perform root cause analysis and solve infrastructure problems, anomaly detection still has value. Anomaly detection guides site reliability engineers (SREs) and sysadmins down the right path to reduce the incident resolution time or mean time to resolution (MTTR). Reduction in MTTR enables companies to honor their Service Level Objectives (SLOs), provides a good user experience, and encourages contract renewals. By allowing you to write user defined functions and incorporate custom anomaly detection algorithms, Flux provides this value. InfluxDB v2 alerts and notifications enable SREs to respond to anomalies in real-time.
Often times data scientists aren't afforded the luxury of having a collection of like time series with which to define normal behavior. In this case, statistical attributes of the single series can be examined to determine whether the time series is exhibiting anomolous behavior. The benefits of performing single time series are similar to the benefits described in the section above.