Find and filter anomalies

After activating Addy, a top menu item appears for anomalies. To browse anomalies detected by Addy, log into the Web UI and click Anomalies at the top of the page. You can then filter anomalies by time interval, protocol, category, applications, or devices. Anomalies are sorted by their start time and the most recent anomaly is listed first.


Configuring an anomaly alert from the Alerts page lets you monitor alerts or receive email notifications when a specific anomaly is detected. For more information, see the following topics:

The following steps show you how to find and filter anomalies:

  1. Log into the Web UI on the Discover appliance, Command appliance, or ExtraHop Reveal(x) and then click Anomalies at the top of the page.
    A list of anomalies for the current time interval appears. If the list is empty, then Addy has not detected anomalies for the selected time interval.
  2. In the left pane, filter anomalies by selecting the options as shown in the following figure:

Published 2018-03-13 17:59