Application anomaly detection API - PUT configuration

Updates the configuration of anomaly detection for applications.

The request consumes an application/json payload.

PUT
  • Managed https://{your-domain}/e/{your-environment-id}/api/config/v1/anomalyDetection/applications
  • SaaS https://{your-environment-id}.live.dynatrace.com/api/config/v1/anomalyDetection/applications

Parameters

Parameter Type Description In Required
body ApplicationAnomalyDetectionConfig

The JSON body of the request, containing parameters of the application anomaly detection configuration.

body optional

The ApplicationAnomalyDetectionConfig object

The configuration of anomaly detection for applications.

Element Type Description Required
metadata ConfigurationMetadata

Metadata useful for debugging.

optional
responseTimeDegradation ResponseTimeDegradationDetectionConfig

How to detect response time degradation.

required
trafficDrop TrafficDropDetectionConfig

How to detect traffic drops.

required
trafficSpike TrafficSpikeDetectionConfig

How to detect traffic spikes.

required
failureRateIncrease FailureRateIncreaseDetectionConfig

How to detect failure rate increase.

required

The FailureRateIncreaseDetectionConfig object

Configuration of failure rate increase detection.

Element Type Description Required
detectionMode string

How to detect failure rate increase: automatically, or based on fixed thresholds, or do not detect.

The detectionMode element can hold these values.
required
automaticDetection FailureRateIncreaseAutodetectionConfig

Parameters of automatic failure rate increase detection.

Required if detectionMode is DETECT_AUTOMATICALLY. Not applicable otherwise.

The absolute and relative thresholds both must be exceeded to trigger an alert.

Example: If the expected error rate is 1.5%, and you set an absolute increase of 1%, and you set a relative increase of 50%, the thresholds will be: Absolute: 1.5% + 1% = 2.5% Relative: 1.5% + 1.5% * 50% = 2.25%

optional
thresholds FailureRateIncreaseThresholdConfig

Fixed thresholds for failure rate increase detection.

Required if the detectionMode is DETECT_USING_FIXED_THRESHOLDS. Not applicable otherwise.

optional

The FailureRateIncreaseThresholdConfig object

Fixed thresholds for failure rate increase detection.

Required if detectionMode is DETECT_USING_FIXED_THRESHOLDS. Not applicable otherwise.

Element Type Description Required
threshold integer

Failure rate during any 5-minute period to trigger an alert, %.

required
sensitivity string

Sensitivity of the threshold.

With low sensitivity, high statistical confidence is used. Brief violations (for example, due to a surge in load) won't trigger alerts.

With high sensitivity, no statistical confidence is used. Each violation triggers alert.

The sensitivity element can hold these values.
required

The FailureRateIncreaseAutodetectionConfig object

Parameters of failure rate increase auto-detection. Required if detectionMode is DETECT_AUTOMATICALLY. Not applicable otherwise.

The absolute and relative thresholds both must exceed to trigger an alert.

Example: If the expected error rate is 1.5%, and you set an absolute increase of 1%, and a relative increase of 50%, the thresholds will be: Absolute: 1.5% + 1% = 2.5% Relative: 1.5% + 1.5% * 50% = 2.25%

Element Type Description Required
failingServiceCallPercentageIncreaseAbsolute integer

Absolute increase of failing service calls to trigger an alert, %.

required
failingServiceCallPercentageIncreaseRelative integer

Relative increase of failing service calls to trigger an alert, %.

required

The TrafficSpikeDetectionConfig object

The cofiguration of traffic spikes detection.

Element Type Description Required
enabled boolean

The detection is enabled (true) or disabled (false).

required
trafficSpikePercent integer

Alert if the observed traffic is more than X % of the expected value.

optional

The TrafficDropDetectionConfig object

The configuration of traffic drops detection.

Element Type Description Required
enabled boolean

The detection is enabled (true) or disabled (false).

required
trafficDropPercent integer

Alert if the observed traffic is less than X % of the expected value.

optional

The ResponseTimeDegradationDetectionConfig object

Configuration of response time degradation detection.

Element Type Description Required
detectionMode string

How to detect response time degradation: automatically, or based on fixed thresholds, or do not detect.

The detectionMode element can hold these values.
required
automaticDetection ResponseTimeDegradationAutodetectionConfig

Parameters of automatic response time degradation detection.

Required if detectionMode is DETECT_AUTOMATICALLY. Not applicable otherwise.

Violation of any criterion triggers an alert.

optional
thresholds ResponseTimeDegradationThresholdConfig

Fixed thresholds for response time degradation detection.

Required if detectionMode is DETECT_USING_FIXED_THRESHOLDS. Not applicable otherwise.

optional

The ResponseTimeDegradationThresholdConfig object

Fixed thresholds for response time degradation detection.

Required if detectionMode is DETECT_USING_FIXED_THRESHOLDS. Not applicable otherwise.

Element Type Description Required
responseTimeThresholdMilliseconds integer

Response time during any 5-minute period to trigger an alert, in milliseconds.

required
slowestResponseTimeThresholdMilliseconds integer

Response time of the 10% slowest during any 5-minute period to trigger an alert, in milliseconds.

required
loadThreshold string

Minimal service load to detect response time degradation.

Response time degradation of services with smaller load won't trigger alerts.

The loadThreshold element can hold these values.
required
sensitivity string

Sensitivity of the threshold.

With low sensitivity, high statistical confidence is used. Brief violations (for example, due to a surge in load) won't trigger alerts.

With high sensitivity, no statistical confidence is used. Each violation triggers an alert.

The sensitivity element can hold these values.
required

The ResponseTimeDegradationAutodetectionConfig object

Parameters of the response time degradation auto-detection. Required if the detectionMode is DETECT_AUTOMATICALLY. Not applicable otherwise.

Violation of any criterion triggers an alert.

Element Type Description Required
responseTimeDegradationMilliseconds integer

Alert if the response time degrades by more than X milliseconds.

required
responseTimeDegradationPercent integer

Alert if the response time degrades by more than X %.

required
slowestResponseTimeDegradationMilliseconds integer

Alert if the response time of the slowest 10% degrades by more than X milliseconds.

required
slowestResponseTimeDegradationPercent integer

Alert if the response time of the slowest 10% degrades by more than X %.

required
loadThreshold string

Minimal service load to detect response time degradation.

Response time degradation of services with smaller load won't trigger alerts.

The loadThreshold element can hold these values.
required

The ConfigurationMetadata object

Metadata useful for debugging

Element Type Description Required
configurationVersions integer[]

A Sorted list of the version numbers of the configuration.

optional
clusterVersion string

Dynatrace server version.

optional

Possible values

Possible values for the sensitivity element in the ResponseTimeDegradationThresholdConfig object:

  • HIGH
  • LOW
  • MEDIUM

Possible values for the loadThreshold element in the ResponseTimeDegradationAutodetectionConfig object:

  • FIFTEEN_REQUESTS_PER_MINUTE
  • FIVE_REQUESTS_PER_MINUTE
  • ONE_REQUEST_PER_MINUTE
  • TEN_REQUESTS_PER_MINUTE

Possible values for the detectionMode element in the ResponseTimeDegradationDetectionConfig object:

  • DETECT_AUTOMATICALLY
  • DETECT_USING_FIXED_THRESHOLDS
  • DONT_DETECT

Response format

A successful request doesn't return any content.

Validate payload

We recommend that you validate the payload before submitting it with an actual request. A response code of 204 indicates a valid payload.

The request consumes an application/json payload.

POST
  • Managed https://{your-domain}/e/{your-environment-id}/api/config/v1/anomalyDetection/applications/validator
  • SaaS https://{your-environment-id}.live.dynatrace.com/api/config/v1/anomalyDetection/applications/validator

Response codes

Code Description
204 Validated. The submitted configuration is valid. Response does not have a body.
400 Failed. The input is invalid

Example

In this example, the request updates the configuration of anomaly detection for applications from the GET request example. It activates traffic spikes detection and sets the threshold of 200%.

The API token is passed in the Authorization header.

You can download or copy the example request body to try it out on your own. Be sure to create a backup copy of your current configuration with the GET application anomaly detection configuration call.

Curl

curl -X PUT \
  https://mySampleEnv.live.dynatrace.com/api/config/v1/anomalyDetection/applications \
  -H 'Authorization: Api-token abcdefjhij1234567890' \
  -H 'Content-Type: application/json' \  
  -d '{
  "responseTimeDegradation": {
    "detectionMode": "DETECT_AUTOMATICALLY",
    "automaticDetection": {
      "responseTimeDegradationMilliseconds": 100,
      "responseTimeDegradationPercent": 50,
      "slowestResponseTimeDegradationMilliseconds": 1000,
      "slowestResponseTimeDegradationPercent": 10,
      "loadThreshold": "TEN_REQUESTS_PER_MINUTE"
        }
    },
    "trafficDrop": {
      "enabled": true,
      "trafficDropPercent": 50
    },
    "trafficSpike": {
      "enabled": true,
      "trafficSpikePercent": 200
    },
    "failureRateIncrease": {
      "detectionMode": "DETECT_AUTOMATICALLY",
      "automaticDetection": {
        "failingServiceCallPercentageIncreaseAbsolute": 5,
        "failingServiceCallPercentageIncreaseRelative": 50
      }
    }
}
'

Request URL

https://mySampleEnv.live.dynatrace.com/api/config/v1/anomalyDetection/applications

Request body

api-examples/config/anomaly-detection/apps/put-config.json
Download
{
  "responseTimeDegradation": {
    "detectionMode": "DETECT_AUTOMATICALLY",
    "automaticDetection": {
      "responseTimeDegradationMilliseconds": 100,
      "responseTimeDegradationPercent": 50,
      "slowestResponseTimeDegradationMilliseconds": 1000,
      "slowestResponseTimeDegradationPercent": 10,
      "loadThreshold": "TEN_REQUESTS_PER_MINUTE"
        }
    },
    "trafficDrop": {
      "enabled": true,
      "trafficDropPercent": 50
    },
    "trafficSpike": {
      "enabled": true,
      "trafficSpikePercent": 200
    },
    "failureRateIncrease": {
      "detectionMode": "DETECT_AUTOMATICALLY",
      "automaticDetection": {
        "failingServiceCallPercentageIncreaseAbsolute": 5,
        "failingServiceCallPercentageIncreaseRelative": 50
      }
    }
}

Response code

204

Result

The updated configuration has the following parameters:

Anomaly detection config - apps - updated