Purpose
The Anomaly Detection page provides real-time visibility into unusual patterns, deviations, and potential security threats across cloud environments. It leverages advanced anomaly detection algorithms and integrates IDS/IPS capabilities for proactive monitoring and operational resilience.Elements
- Anomaly Summary Panel: Displays detected anomalies with severity and impacted resources.
- Topology View: Visualizes anomaly location and affected gateways.
- Flow Data Panel: Shows traffic flows triggering anomaly alerts.
- Policy Status: Indicates if anomaly detection policies are active and compliant.
- Performance Metrics: Monitors detection accuracy and resource utilization.
Actions
View Anomaly Detection
View Anomaly Detection
To view anomaly detection data and alerts:
- Go to Security > Anomaly Detection.
- The Anomaly Detection page appears with the Anomaly Summary Panel showing detected anomalies with severity and impacted resources.
- Review Topology View to visualize anomaly location and affected gateways.
- Use Flow Data Panel to inspect traffic flows triggering anomaly alerts.
- Check Policy Status for anomaly detection policy compliance and Performance Metrics for detection accuracy and resource utilization.
Parameter Details
| CoPilot Parameter Name | Description |
|---|---|
| Anomaly Summary | Lists anomalies detected with severity levels. |
| Topology View | Displays network topology highlighting impacted gateways. |
| Flow Data | Shows source/destination IPs and ports for anomalous traffic. |
| Policy Status | Indicates if anomaly detection policies are enforced. |
| Detection Accuracy | F1 score for anomaly detection algorithms. |
| Response Time | Average time to respond to detected anomalies. |
| Resource Utilization | CPU and memory usage for anomaly detection services. |