Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[META] - Augmenting Visualizations with Anomaly Detection #521

Closed
brijos opened this issue Apr 25, 2022 · 2 comments
Closed

[META] - Augmenting Visualizations with Anomaly Detection #521

brijos opened this issue Apr 25, 2022 · 2 comments

Comments

@brijos
Copy link

brijos commented Apr 25, 2022

Is your feature request related to a problem?

  • As an unsure user who is troubleshooting a problem, I want to augment my visualization with anomaly detection, so I can quickly identify if something is problematic or not.

Resources

Fundamental framing

  • As a user who is looking at a supported time series visualization on a dashboard, I want to see anomalies on that visualization, so when I pull up my dashboard in the future I will be able to promptly identify what is in bounds and what is out of bounds.
  • As a user who is looking at an anomaly view on a given visualization, I want to be able to get a summary of what the anomaly is, so I can decide if I want to dive deeper
  • As a user who wants to adjust the detector, I want to choose the detector
  • As a user who has setup a detector on a visualization within a dashboard, I want to be informed when detections are triggered, so I can feel confident in the system/service I’m supporting.

User Stories

  • Creation
    • As a user who is looking at a supported time series visualization on a dashboard, I want to see anomalies on that visualization, so when I pull up my dashboard in the future I will be able to promptly identify what is in bounds and what is out of bounds.
      • Create anomaly detector quickly based on the visualization selected on the dashboard
        • Be allowed to create advanced detectors if I’m interested
        • Provide guidance on what fields mean when creating a detector to encourage learning about anomaly detection
        • Encourage the user to create an alert if alerting is setup
        • Error State - If the visualization contains aggregations/features which aren’t supported by the detector, inform the user as such
    • As a user who has setup a detector, I want to know when I can see results of the new detector, so I can figure out if what I’m looking at is truly an anomaly
      • Inform the user how long it will take to get results
      • Allow the user to set a date range to review the metric(s) selected over time (set expectations on how long it will take)
  • Viewing
    • As a user who is looking at an anomaly view on a given visualization, I want to be able to get a summary of what the anomaly is, so I can decide if I want to dive deeper
  • Editing
    • As a user who wants to adjust the detector, I want to choose the detector
    • As a user who has edited a visualization on a dashboard with an anomaly detector associated with it, I want the detector to automatically update, so I can reduce the steps in my workflow
  • Notifications
    • As a user who has setup a detector on a visualization within a dashboard, I want to be informed when detections are triggered, so I can feel confident in the system/service I’m supporting.
      • Notifications are local to the visualization
      • Notifications can also be for the entire dashboard being viewed

Performance / Benchmarking

  • Need to answer the following questions...
    • How much additional time will it take to fetch alert finding data and what will that do to page load times?
    • How will adding 100, 1000, 10000 new monitors to a cluster affect cluster performance?
    • How will we be logging performance data for later consumption in logs?

Administration

  • Default State (on)
  • Turn on/off
    • As an administrator who is concerned about users creating anomalies in my system, I want to turn off the feature for all users, so I can rest easy that detectors are not using critical indexing resources
      • If alerts in the visualization is turned off, no users will see the feature
  • Performance
    • As an administrator, I want a mechanism which will tell me monitors are taking up too much compute, so I can react before things get bad on my cluster.
    • As an administrator, I want to know what monitors are using inefficient queries, so I can optimize performance.
      • Access Controls (Predefined Roles)
      • As an administrator who wants to lock down their system, I want to know what predefined roles are required for displaying anomaly detection on visualizations on dashboards
        • Either for Dashboards
          • opensearch_dashboards_read_only - A special role that prevents users from making changes to visualizations, dashboards, and other OpenSearch Dashboards objects.
          • opensearch_dashboards_user - Grants permissions to use OpenSearch Dashboards: cluster-wide searches, index monitoring, and write to various OpenSearch Dashboards indices.
        • Either for Anomaly Detection
          • anomaly_read_access - Grants permissions to view detectors, but not create, modify, or delete detectors.
          • anomaly_full_access - Grants full permissions to all anomaly detection actions.
      • As an administrator who wants to lock down their system, I want to designate users/groups who can view anomaly detectors on visualizations in dashboards
        • opensearch_dashboards_read_only + anomaly_read_access = can view detectors created by others
        • opensearch_dashboards_read_only + anomaly_full_access = can view detectors created by others
        • opensearch_dashboards_read_only + anomaly_read_access = can view detectors created by others
      • As an administrator who wants to lock down their system, I want to designate users/groups who can create anomaly detectors on visualizations in dashboards
        • opensearch_dashboards_user + anomaly_full_access = can create dashboards and create detectors
      • Role Conflicts
        • If a user who does not have anomaly_full_access or anomaly_read_access is provided a dashboard link which has visualizations with anomaly detectors enabled, they will not be able to see them because they won’t have anomaly detection permissions.

Not included in the initial release

What alternatives have you considered?
A clear and concise description of any alternative solutions or features you've considered.

Do you have any additional context?
Add any other context or screenshots about the feature request here.

@dtaivpp
Copy link

dtaivpp commented Jul 14, 2022

Hey all, just wanted to drop the meetup that featured this in for anyone who wants to watch. https://youtu.be/U_UGxwDAZjo?t=352

@ohltyler
Copy link
Member

This is completed and is part of the 2.9 release. For more details on the feature and its PRs in various docs, please see the meta issue in OSD

@ohltyler ohltyler unpinned this issue Jul 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants