Proactive Detection with New Relic AI

Free
preview

With New Relic AI's Proactive Detection, you can be notified of unusual app behavior in Slack. Or, you can set up a webhook to deliver messages when you need them.

Proactive Detection is currently free to use for a limited time. For more information, see Access and requirements.

Why it matters

With Proactive Detection, New Relic AI delivers insights about anomalies in your production system. Real-time failure warnings alert you when an anomaly is detected, and notifications are sent directly in your Slack channel where your teammates can see them.

How it works

New Relic Proactive Detection uses the following methods to detect anomalies in your app data:

  1. Proactive Detection monitors metric data reported by an APM agent, building a model of your typical application dynamics, and focuses on key golden signals: throughput, response time, and errors.

  2. If one of these golden signals shows anomalous behavior, the system flags it and tracks recovery to normal behavior.

  3. The system adapts to changes in your data, and continuously updates models based on new data.

Receiving notifications: We send notifications when we detect anomalous changes in throughput or response time. The notifications are sent to selected Slack channels, or sent via webhook. When the anomaly goes back to normal, a recovery message is sent.

Applications will not always generate anomalies, so it can be normal to not receive any detections.

Requirements

To use Proactive Detection, ensure you have:

  • A New Relic free trial or Pro account
  • An APM agent installed on applications to monitor
  • For Slack configuration: the New Relic AI Slack application installed into your Slack workspace by an IT administrator.

Set up Proactive Detection

You can configure these features in the Proactive Detection section of the New Relic AI dashboard:

Set up for Slack
  1. Go to one.newrelic.com > New Relic AI > Proactive Detection > Notifications.
  2. Select Real-time failure warnings in Slack. Then click plus Add configuration.
  3. Input the following information into the form:
    • Choose a name for your configuration that helps you easily identify it from others in your account.
    • Select an account.
    • Select up to 10 applications. Note that certain applications with low throughput might not be good candidates for Proactive Detection, as they can be more sensitive to smaller amounts of data fluctuation.
    • Choose which Slack channels receive notifications (you can send them to an existing channel or create a new one). This prompts the workflow to add the New Relic AI Slack application to your selected channel.

      If you experience an error when assigning Slack channels, make sure that the New Relic AI Slack application has been added to your Slack workspace.

    • Enable the configuration. You can modify the applications for each configuration at any time by selecting Edit configuration in the configuration table.
Set up for webhooks
  1. Go to one.newrelic.com > New Relic AI > Proactive Detection > Notifications.
  2. Select Real-time failure warnings in Slack. Then click plus Add configuration.
  3. Input the following information into the form:
    • Choose a name for your configuration that helps you easily identify it from others in your account.
    • Select an account.
    • Select up to 10 applications. Note that certain applications with low throughput might not be good candidates for Proactive Detection, as they can be more sensitive to smaller amounts of data fluctuation.
    • Provide the webhook URL.
    • Provide optional custom headers.
    • Choose to edit the custom payload, or enable using the default payload.
  4. Enable the configuration. You can modify the applications for each configuration at anytime by selecting Edit configuration in the configuration table.

Muting notifications (Slack only)

In Slack, detections coming from specific applications can be muted temporarily or permanently. The entire channel can also be muted temporarily. This is useful in the case of an incident or when the channel should otherwise not be interrupted.

To mute in Slack, select Mute this app’s warnings or Mute all warnings, then select the duration you wish to mute for. We will resume sending notifications for any detections once the muting duration has completed.

Muting an application permanently removes it from the configuration. To add it back in, navigate to New Relic AI > Proactive Detection, and select the configuration to edit.

Muting Proactive Detection notifications does not affect New Relic Alerts.

Feedback on notifications (Slack only)

Once an anomaly has returned to normal, we send a recovery notification with the option to provide feedback. Your feedback provides our development team with input to help us improve detection quality.

To provide feedback, select Yes or No in Slack.

Webhook payload and examples

Proactive Detection will send the event body in JSON format via HTTPS POST. The system expects the endpoint to return a successful HTTP code (2xx). If you use webhooks to configure Proactive Detection, use these examples of the webhook body format and JSON schema.

Attribute Description

category

Enum (“web throughput”,
“non-web throughput”,
“web transactions”,
“non-web transactions”,
“error class”)

The category of data that was analyzed.

Categories include: web throughput, non-web throughput, web transactions, non-web transactions, and error class.

data

List​

The time series data leading up to the detection.

data[].timestamp

Number​

The timestamp of the data point in epoch milliseconds.
Example: 1584366819000

data[].unit

String​

The unit describing the value of the data point.
Data units include: count, milliseconds, and error_rate

data[].value

Number​

The value of the data point.

Example: 1.52

detectionType

Enum(“latency”, “throughput”,
“error_rate”)​

The type of data that was analyzed.

Types include: error_rate, latency, throughput

entity

Object​

The entity that reported the unusual data.

entity.accountId

Number​

The ID of the account to which the entity belongs.

entity.domain

Enum

The domain to which the entity belongs.

Example: APM

entity.domainId

String​

The id used to uniquely identify the entity within the domain.

entity.guid

String​

The guid used to uniquely identify the entity across all products.

entity.name

String​

The name of the entity.

Example: “Laura’s coffee service”

entity.link

String​

A link to view the entity.

Example: ‘https://rpm.newrelic.com/accounts/YOUR_ACCOUNT_ID/applications/987654321”

severity

Enum (“NORMAL”,
“WARNING”,
“CRITICAL”)

A description of how unusual of a change occurred.

version

String​

Version used to describe the data being provided.

Example: v1

JSON schema example

New Relic AI will send the event body in JSON format via HTTPS POST. The system expects the endpoint to return a successful HTTP code (2xx).

Template:

{
  "version": "{{version}}", 
  "entity": {
    "type": "{{entity.type}}",
    "name": "{{entity.name}}",
    "link": "{{entity.link}}",
    "entityGuid": "{{entity.entityGuid}}",
    "domainId": "{{entity.domainId}}",
    "domain": "{{entity.domain}}",
    "accountId": {{entity.accountId}}
  },
  "detectionType": "{{detectionType}}",
  "category": "{{category}}",
  "data": [{{#each data}}
    {
      "value": {{value}},
      "unit": "{{unit}}",
      "timestamp": {{timestamp}}
    }
    {{#unless @last}},{{/unless}}
  {{/each}}]
}
    

Sample Payload:

{
  "version": "v1", 
  "entity": {
    "type": "APPLICATION",
    "name": "My Application",
    "link": "https://rpm.newrelic.com/accounts/ACCOUNT_ID/applications/123",
    "entityGuid": "foo",
    "domainId": "123",
    "domain": "APM",
    "accountId": YOUR_ACCOUNT_ID
  },
  "detectionType": "metric",
  "category": "web throughput",
  "severity": "CRITICAL",
  "data": [
    {
      "value": 100,
      "unit": "count",
      "timestamp": 1584047560917
    }
    ,
  
    {
      "value": 99,
      "unit": "count",
      "timestamp": 1584047620917
    }
    ,
  
    {
      "value": 0,
      "unit": "count",
      "timestamp": 1584047680917
    }
  ]
}

    

Access and requirements

This product is currently generally available and free of charge until May 4th, 2020. During this "Free Preview" all New Relic APM customers may use Proactive Detection, subject to these limitations:

  • The number of APM Applications you can proactively monitor is limited to 10 per configuration.
  • The number of Slack configurations is limited to 100 per account.
  • The number of Webhook configurations is limited to 100 per account.
  • At the end of the free period we intend to have a free offering with lower limits than the Free Preview. If your configuration is above the limits your service may be interrupted and we may send messages via the channels configured to upgrade to the paid offering.
  • New Relic reserves the right to terminate or restrict your free access for this service at any time, including if you: (i) exceed the configuration limitations noted above, or (ii) the expiration of the Free Preview, but New Relic may increase or extend either case at its sole discretion.

For more help

Recommendations for learning more: