Chapter 6. The Broader Landscape

As we’ve mentioned before, there is an extremely broad set of topics and techniques that fall into anomaly detection. In this chapter, we’ll discuss a few, as well as some popular tools that might be useful. Keep in mind that nothing works perfectly out-of-the-box for all situations. Treat the topics in this chapter as hints for further research to do on your own.

When considering the methods in this chapter, we suggest that you try to ask, “what assumptions does this make?” and “how can I assess the meaning and trustworthiness of the results?”

Shape Catalogs

In the book A New Look at Anomaly Detection by Dunning and Friedman, the authors write about a technique that uses shape catalogs. The gist of this technique is as follows. First, you have to start with a sample data set that represents the time series of a metric without any anomalies. You break this data set up into smaller windows, using a window function to mask out all but a specific region, and catalog the resulting shapes. The assumption being made is that any non-anomalous observation of this time series can be reconstructed by rearranging elements from this shape catalog. Anything that doesn’t match up to a reasonable extent is then considered to be an anomaly.

This is nice, but in our experience most machine data doesn’t really behave like an EKG chart, at least not on a small time scale. Most machine data is much noisier than this on a second-to-second basis. ...
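The following sketch of the shape catalog idea is an added example, not code from this book or from Dunning and Friedman. As a simplification it keeps every windowed shape from the clean sample as the catalog and scores each test window by its distance to the nearest catalog shape; the Hann window, the window length, the threshold heuristic and the sample data are all assumptions constructed for illustration.

```python
import math
import random

WINDOW = 32   # samples per shape (assumed value)
STEP = 16     # test windows overlap by 50%

def hann(n):
    """Window function that masks out all but the centre of a region."""
    return [0.5 - 0.5 * math.cos(2 * math.pi * i / (n - 1)) for i in range(n)]

def shapes(series, step):
    """Cut the series into windowed shapes, returned as (start_index, shape)."""
    w = hann(WINDOW)
    return [(s, [x * k for x, k in zip(series[s:s + WINDOW], w)])
            for s in range(0, len(series) - WINDOW + 1, step)]

def distance(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))

def build_catalog(clean):
    # A step of 1 stores the normal pattern at every phase.
    return [shape for _, shape in shapes(clean, 1)]

def score(series, catalog):
    """Reconstruction error per window: distance to the closest catalog shape."""
    return [(s, min(distance(shape, c) for c in catalog))
            for s, shape in shapes(series, STEP)]

def find_anomalies(series, catalog, threshold):
    return [s for s, err in score(series, catalog) if err > threshold]

def make_series(n, rng, phase=0):
    # Constructed sample data: a repeating waveform plus small noise.
    return [math.sin(2 * math.pi * (i + phase) / 25) + rng.gauss(0, 0.05)
            for i in range(n)]

def demo():
    rng = random.Random(7)
    catalog = build_catalog(make_series(500, rng))
    # Threshold calibrated on a second clean sample (an assumed heuristic).
    validation = make_series(300, rng, phase=9)
    threshold = 2 * max(err for _, err in score(validation, catalog))
    test = make_series(300, rng, phase=4)
    for i in range(150, 165):   # injected anomaly: metric sticks at 1.5
        test[i] = 1.5
    return find_anomalies(test, catalog, threshold)

if __name__ == "__main__":
    print(demo())   # start indices of the windows flagged as anomalous
```

The two questions this chapter asks apply directly: the result is only as trustworthy as the assumption that the clean sample contains every normal shape, and the threshold is only as meaningful as the validation data used to set it.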
