Online Anomaly Detection Based on Monitoring Traces

In modern days, customers expect that Web services work reliably and are available around the clock. A system failure can have a significant negative impact on a company’s reputation and economical success. This makes it necessary to continuously monitor software systems in order to detect problems of arising failures early. Existing anomaly detection approaches are taking up this challenge by analyzing aggregated data. Unfortunately, they can suffer from the flaw of averages and are not able to associate an anomaly with individual requests for root cause analysis. In light of this observation, we introduce an anomaly detection approach that operates on raw and non-aggregated data. This allows us to precisely identify abnormal requests and differentiate them based on various attributes (e.g., business transactions, user location and server). Subsequently, the individual requests can be further analyzed to get a deeper understanding of an anomaly’s root cause. We integrated our approach into inspectIT and successfully identified anomalies introduced in an e-commerce reference application.