Find and filter anomalies with the Addy service

After you connect to the Addy service for anomaly detection, you can find anomalies by time interval, by protocol, or by your applications and devices. Anomalies are sorted by their start time and the most recent anomaly is listed first.

Each anomaly provides information about the type of unusual behavior that occurred, when the behavior occurred, and the source of the behavior. For more information, see Interpret anomalies and Navigating anomalies.

The following steps show you how to find and filter anomalies:

  1. Log into the Web UI on the Discover or Command appliance and then click Anomalies at the top of the page.
    A list of anomalies for the current time interval appears. If the list is empty, then the Addy service has not detected anomalies for the selected time interval.
  2. In the left pane, filter anomalies by selecting the following options:
    Option Description
    Change the time interval View anomalies from a different time period. To see active, ongoing anomalies in your environment, change the time interval to Last 30 minutes.
    Any Appliance (Command appliance only) Click the name of the Discover appliance from the drop-down list to view anomalies for applications and devices on that appliance.
    Any Protocol Click one or more protocols from the drop-down list and then click anywhere outside of the drop-down list to display the list of filtered anomalies.
    Source Type Click Application or Device to filter anomalies by source. Click Any to see all anomalies.
Published 2018-01-15 19:12