There are plenty of existing algorithms for anomaly detection. Each of them have their own strength, but they often require a quite significant sample size in order to get an accurate detection.
At the heart of Unomaly, we are a group of engineers that want to get the value of anomaly detection in the hands of our peers. This is why we’ve decided to offer our product free for all engineers & start-ups for a maximum of 10 data sources.
In our latest release, Unomaly 3.0, we made significant improvement to our search functionality to make finding specific information easier by adding multiple values for the same filter type.
Unomaly 3.0 offers more ways to investigate the anomalies plaguing your environment by introducing the Anomaly Page. This page gives you a complete list of anomalies that have occurred across your entire environment, unlike the situations view, which are time-based clusters of anomalies based on each of your individual log sources.
I’d like to take you behind the scenes of my team’s process, findings and considerations in building a better user experience for filtering through anomalies, in Unomaly.
AWS CloudTrail is a powerful tool for auditing your AWS usage, giving you complete insight in what’s going on across your AWS account(s) by giving you access to the raw events formatted as JSON — however, making sense of the AWS CloudTrail logs, finding those needles in the haystack type of events, the ones you really want to detect, is not necessarily the easiest task. Usually, it involves creating advanced search patterns, and knowing beforehand whichevents to look for, which you typically don’t.