Cloud Services

Cost & Asset Management

Anomaly policies
Published On May 23, 2024 - 11:44 AM

Anomaly policies

Define custom policies to detect anomalies in cost, utilization and age of service type.
The Anomaly policies set up help you set rules for specific assets, where different criteria are given and an email alert is established so that you know how your assets perform and make informative decisions based on the anomaly policy data.
  • Only supported asset types will be available for configuration.
  • All the policies set up, will be reflected on the Anomaly Dashboard where you can view anomaly policy recommendations, anomaly count, segment charts, and anomaly summaries.
On this page, you are able to:

Create an Anomaly Policy

To learn more about navigating to the different services from each tenant, refer to Landing page navigation or Kyndryl Bridge Landing page navigation. Click the
Anomaly Policies
 tab to display a list of your anomalies policies.
To create an anomaly policy, follow the steps:
  1. A new window will appear with a table listing columns such as Name, Rule, Visibility, Creation Date, and Update Date. Click on
    Create Policy
     located in the upper right corner of the table.
  2. In the
    Define Anomaly Policy, rule, and targets
     section, you'll set up the policy to detect cost, utilization, and age anomalies and define the target resources they apply to.
  3. Proceed to fill in the required information in the following order:
    • Name of the policy
      : Input the desired name for the policy.
    • Rule for anomaly detection
      : Set the rules for detecting anomalies. You can add multiple rules if needed by clicking on "Add Rule." (Define the
      Rule Type
      ,
      Operation
      ,
      Value
       and
      Measure
      )
    • Anomaly Severity
      : Choose the severity level for the policy from options such as critical, high, medium, or low.
    • Time Period of Detection
      : Select the appropriate period for the anomaly detection, such as daily, weekly, or monthly.
    • Active
      : The activate the policy toggle is set to
      Active
       by default on the 'On' position in the section's upper right corner.
  4. In the
    Target asset definition
     section defines the specific assets or group of assets the policy will apply to using the selection filters provided.
  5. Preview your filter set to ensure it captures the intended trend and data set by clicking on
    Generate Preview
    .
  6. Once all information is correctly entered and reviewed, click
    Next
     to proceed to the next steps in the policy creation process, which may include setting notification preferences and reviewing the policy before finalizing it.

Anomaly rules by default

When setting up an anomaly policy, rules are set by default to your policies, which can be customized, and additional rules can be added. In addition, you can set the time to monthly.
The following anomaly policies are set by default:

Underutilized Assets

The Underutilized Assets policy identifies assets based on CPU utilization to evaluate whether you need to decommission the asset not being used or distribute the workload across other assets with additional capacity.
  • Default policy
    : Underutilized assets are those that have been used less than 35% of the time for the past 30 days, a fixed period.
  • User-defined policy
    : Utilized < { THRESHOLD } for the past 30 days. Input values: The range of values is 1% to 100%.

Overutilized Assets

The Overutilized Assets policy identifies assets based on CPU utilization to evaluate whether the user should provision more resources, add more VMs and different types of VMs or distribute workload across more assets. Users can then determine if they should accommodate current and future resource demands.
  • Default policy
    : Overutilized assets have been used over 80% of the time for the past 30 days, a fixed period.
  • User-defined policy
    : Utilized > {THRESHOLD} for the past 30 days. Input values: The range of values is
    1%
     to
    100%
    .

Utilization Drop for Assets

This policy is calculated by taking the difference of the average of all the available values of
utilization datapoint
. This calculation covers the period of the past 30 days for two periods of time. The first time period is from the current day to the 30th day. The second time period is from the 31st day to the 60th day. The calculation for the 60th day is calculated from the data points for the period from the 60th day to the 90th day.
To obtain the anomaly for utilization drop, ingestion must be run for 60 days, but not necessarily daily.
  • Default policy
    : A1 - an average of values from current to 30th day. A2 - an average of values from the 31st to the 60th day. Drop = ((A2 – A1)/A2) *100
  • User-defined policy
    : If the drop percentage is more than the threshold that you set, it is reported as the active utilization drop issue for the asset.
    When there is no data for the current period or for a recently onboarded tenant that has no data for the period from the 31st to the 60th day, no utilization drop anomalies are generated.

Age of Assets

This policy identifies older assets to determine if the assets need to be decommissioned or upgraded with more efficient, better performing assets.
  • Default policy
    : The age of the assets is older than 365 days.
  • User-defined policy
    : Provisioned > {THRESHOLD} days ago. Input values: The range of values is
    1
     day to
    1095
     days, 3 years.

Set rules for anomaly detection

Follow steps to set a rule for policy to detect cost, utilization and age anomaly:
  1. Select the anomaly type in which you want the rule to be applied to your assets, by default it is ‘east asset individually’, however you can change it.
If selecting each asset individually
: This is for the rule to be applied for assets individually.
Fill out the information required:
  1. Rule type
    : Select the rule which gives the limit that the specific asset can reach such as:
    • Cost spike
      : A significant increase of costs.
    • Cost drop
      : A significant drop in the costs.
    • Cost
      : An amount that has been paid or spent.
    • Utilization spike
      : An increase in the utilization of assets.
    • Utilization drop
      : A decrease in the utilization of assets.
    • Utilization
      : The utilization of assets.
    • Age of assets
      : How long assets have been available, utilized etc.
    • Anomalous patterns for asset name
      : A characteristic or keyword that defines a specific asset this to have a more certain search. For anomalous patters, you are required to add
      Regular expression
       which are tags/keywords to indicate the pattern placement starts, ends, or contains a specific word that you wish to find which is the one you type on the search bar.
    • Operation
      : Assign the related operation to the policy.
    • Value
      : Assign the number value you require to view.
    • Measure
      : Measure options are % or currency selected, you select the desired measurement.
      Measure is not supported for utilization and pattern rule type.
  2. Add
    Conditions
    : Click the
    Add Condition
     option and repeat the steps to add, rule type, operation, value, and measure.
  3. You can add more rules to the policy, click
    Add Rule
     and fill out the information as indicated from step 1 on.
If selecting Entire group of assets as a whole
: This is for the rule to be applied to your assets in groups.
  1. Click ‘
    Entire group of assets as a whole’
    .
  2. An alert window opens indicating the ‘Switch anomaly type’. Click
    Confirm
     to proceed.
    Note
    : when changing anomaly type, your current data for the selected anomalies will be lost.
  3. Fill out the information required,
    Rule type
    : Select the rule which gives the limit that the specific asset can reach such as:
    • Count spike
      : The count of assets/services in increase.
    • Count drop
      : The count of assets/services dropped.
    • Count
      : The count of assets/services.
    • Operation
      : Assign the related operation to the policy.
    • Value
      : Assign the number value you require to view.
    • Measure
      : Measure options are % or absolute value, you select the desired measurement.
      Only one group per policy is allowed.
  4. Add
    Conditions
    : Click the
    Add Condition
     option and repeat the steps to add, rule type, operation, value, and measure.
  5. You can add more rules to the policy, click
    Add Rule
     and fill out the information as indicated from step 1 on.

Target Asset Definition

By default your policy rule applies to all resources, however, users can select an existing group or create a new one by selecting filters.
Only one group per policy is allowed.
Follow steps to use filters to select a subset of assets where the policy applies to:
  1. In the 'Target Resource Definition' section, click the
    Settings Adjust filter
    .
  2. Select the filters you required to set for your policy and click
    Apply
    :
    • Provider
    • Billing account
    • Asset account
    • Category
    • Asset type
    • Location
    • Provider tag
  3. Once you click apply, the 'Target Resource Summary table' is set to reflect the filtered data and specific details.
  4. Filter Set Preview
     by clicking the
    Generate preview
     option, this reflects a dashboard with the asset count by the timeline you've previously selected.

Line item preview

The Line item preview table displays detailed data of each asset related to the provider and filters previously selected. The table contains:
  • Asset ID
  • Providers
  • Asset account Name
  • Provision date
  • Location
  • Asset source
  • Asset type
By default, the table reflect 100 assets details. You can configure the table to show a different number of assets:
  1. Click the configuration option at the upper right corner of the table.
  2. A window opens where you can select the amount of assets you wish to view on the table, this can be between 100, 500 or 1000, select the one you wish to view.
  3. Click
    Apply
     or you can also click
    Set that number by default
     so that instead of 100, the table shows 500 or 1000 by default. The table refreshes, click
    Next
     located at the upper right side corner of the page to configure notifications.

Who can see the anomalies

To set anomalies visibility follow steps:
  1. Define context, select the context type, either an organization or team.
  2. Select context values which is the specific group which visibility permissions is granted.
  3. Add custom context which is adding more groups with permission to view the anomalies.
  4. Once the defined context is ready, click
    Next
    .

Notification Settings

Set the duration of notification emails about the violations of your custom policy:
  1. Select the frequency of your email notifications between: daily, weekly, monthly, or don't notify me options.
  2. Set how you would like to get the email for the policy, to
    mail it to you
     directly which is the specific group previously defined in the ‘defined context’ step.
  3. Choose an email template, this is optional. You have the option to select an email template which provides different visualizations of the policy. Select the template you want and click
    Next
    .
  4. When you click 'review' a new window displays with all the information you selected while creating your policy, click
    Next
     to continue and finalize the review of your selections.

Edit an existing Policy

Follow the steps to edit an existing policy:
  1. On the Anomaly Policy table, you find all the policies created with its: name, rule, visibility, and creation date. Click the policy you wish to edit.
  2. A new window displays, each section has the edit option located at the upper right side of the page.
    An alert message pops up if a mandatory field is empty, for you to complete the information.
  3. To cancel the policy creation
    : click
    cancel
     option located at the upper right side corner of the page.
Do you have two minutes for a quick survey?
Take Survey