Go to All Forums

CLOUDFRONT MONITORING IA THRESDHOLD NOT USEFUL

Hi, 

We tested the AI threshold on Cloudfront for a month and we conclude the anomaly detection is not right for this service. Cloudfront is a CDN service, so in essence, you will always have traffic fluctuation, especially in newspapers or eCommerce sites. 100% of SITE24 Cloudfront monitoring using IA were a false positive since is alerting a change in traffic from 1gb to 2gb for example. That's completely irrelevant for this kind of service.

It seems to be mapping daily consumption and that's probably the issue. Traffic changes daily, and even monthly. January is always a much slower month for eCommerce and Media, while December is the high season for both. The weekends are also different on most of the sites.

Can the AI be tuned? 

Like (2) Reply
Replies (3)

Re: CLOUDFRONT MONITORING IA THRESDHOLD NOT USEFUL

Dear Hernan,

   Thank you for your valuable feedback. Our team is checking in the backend what parameters we check for. In the meantime, 

1. In your perspective what are the important KPIs for CloudFront you look for?

2. What would you like to tune to the AI model?

-Jasper

Site24x7 PM

Like (0) Reply

Re: Re: CLOUDFRONT MONITORING IA THRESDHOLD NOT USEFUL

Hi Jasper, 

It will depend heavily on the site type and what are you looking for. We need to detect abnormal behavior.

For a small site, a peak of 30% increase in GB consumption might present a problem, but for an eCommerce or media site that's pretty normal. On our normal threshold for media sites, we use a 100% increase in requests and bandwidth for a 2 hours duration minimal as an alert, and most of the times it's a false positive, just a traffic fluctuation. 

I think the key is, is the traffic fluctuation something that has happened before? are requests consistent with the bandwidth usage? 

I'm available to explore options. 

Like (0) Reply

Re: Re: Re: CLOUDFRONT MONITORING IA THRESDHOLD NOT USEFUL

Dear Hernan,

    We analyzed anomaly events that took place for "bytes downloaded" attribute in CloudFront in your account. We convert the network values to MB and calculate for the anomaly. It looks like we've reported all the genuine spikes in that attribute based on this conversion. But if we convert these values to GBs, the deviation is very less and hence you probably say that they are insignificant anomalies. 

We have learned the problem, we will work on a solution to allow you to tune the attributes. Thank you for reporting the problem. We'll get back with a solution and probably get in touch with you once we have a working one and get your feedback. 

-Jasper

Site24x7, PM

Like (0) Reply

Was this post helpful?