Anomaly detection mechanism

Moogsoft uses advanced analytics to identify performance anomalies on each time series metric. Each metric anomaly is considered an event of operational significance without any configuration.

Moogsoft uses the following anomaly detectors. By default, metric data is processed using the Adaptive Detector.

  • The Adaptive Detector identifies anomalies based on a statistical calculation against a median absolute deviation, which varies over time and determines the high and low thresholds.

  • The Threshold Detector identifies anomalies based on a fixed upper and/or lower threshold.

  • Bitwise and False detectors identify anomalies use bitmasks and Booleans to evaluate whether a system is running correctly.

The Moogsoft Collector detects anomalies immediately on the installed host. This reduces the latencies involved in transferring and analyzing raw data from many different sources in a central location.

You can fine-tune how Moogsoft detects anomalies for individual metrics with special characteristics. For example, you might want to fine-tune the anomaly-detection logic for metrics with very large or very small data ranges. See Customizing Anomaly Detection for Individual Metrics (Advanced).