
Overview

Once the data from all telemetry streams is stored efficiently in the Kloudfuse platform, it can be put to use as a unified whole. The Kloudfuse platform monitors the Kubernetes services running in your clusters for abnormal behavior. When it detects such behavior, it analyzes the problem by correlating signals from each stream and narrows down the problematic areas in minutes. Read more about HawkEye and BullsEye to gain more insight.

Services

Knight automatically discovers peer-to-peer communication between services and tracks it across various protocols. The service list shows the discovered services and their connections to other services (entities), and the service map shows the communication edges. Both the service list and the service map show the RED (rate, errors, duration) metrics for each service or edge.
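To make the per-edge RED metrics concrete, here is a minimal Python sketch of how rate, error ratio, and average duration could be computed for each service-to-service edge. It is an illustration only, not Kloudfuse's implementation: the `Request` record, its field names, and the `red_by_edge` function are hypothetical, and duration is summarized as a simple mean, where a real system would more likely report percentiles.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass
class Request:
    """Hypothetical record of one observed call between two services."""
    source: str
    destination: str
    duration_ms: float
    is_error: bool


def red_by_edge(requests, window_seconds):
    """Compute RED metrics for every (source, destination) edge.

    Assumes all requests were observed within one window of
    `window_seconds` seconds.
    """
    grouped = defaultdict(list)
    for req in requests:
        grouped[(req.source, req.destination)].append(req)

    metrics = {}
    for edge, reqs in grouped.items():
        count = len(reqs)
        metrics[edge] = {
            # Rate: requests per second over the window.
            "rate_per_s": count / window_seconds,
            # Errors: fraction of requests that failed.
            "error_ratio": sum(r.is_error for r in reqs) / count,
            # Duration: mean latency in milliseconds.
            "avg_duration_ms": sum(r.duration_ms for r in reqs) / count,
        }
    return metrics


sample = [
    Request("web", "api", 10.0, False),
    Request("web", "api", 30.0, True),
    Request("api", "db", 5.0, False),
]
edge_metrics = red_by_edge(sample, window_seconds=60)
print(edge_metrics[("web", "api")])
```

Keying the result by the (source, destination) pair mirrors the service map, where each edge carries its own metrics. Aggregating the same records by destination alone would give per-service values for the service list.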

HawkEye

HawkEye is a service that monitors any user-configured signal (metric data from any stream) or all peer-to-peer communication signals (derived from the RED metrics). The “Auto monitoring” feature monitors the communication between endpoints in detail using instrumentation-less tracing. Using this data, HawkEye looks for anomalies in real time using statistical learning algorithms. If it detects anomalous behavior, it raises an alert, which BullsEye then evaluates.

This feature is not enabled by default. Contact us for more information, or follow these steps to enable it.
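The algorithms HawkEye uses are not described here. As a rough illustration of the general idea of flagging anomalies in a metric stream in real time, the sketch below uses a rolling z-score, a common baseline technique that is an assumption on our part and not HawkEye's actual method. The class name, window size, warm-up length, and threshold are all hypothetical.

```python
from collections import deque
from statistics import mean, pstdev


class RollingZScoreDetector:
    """Flag values that deviate strongly from a rolling baseline.

    Illustrative only: a generic rolling z-score detector, not the
    algorithm used by HawkEye.
    """

    def __init__(self, window=30, threshold=3.0, warmup=5):
        self.history = deque(maxlen=window)  # recent normal values
        self.threshold = threshold           # z-score cutoff
        self.warmup = warmup                 # samples needed before judging

    def observe(self, value):
        """Return True if `value` is anomalous against recent history."""
        anomalous = False
        if len(self.history) >= self.warmup:
            baseline = mean(self.history)
            spread = pstdev(self.history)
            if spread > 0 and abs(value - baseline) / spread > self.threshold:
                anomalous = True
        # Keep anomalous points out of the baseline so a single spike
        # does not inflate the spread and hide later anomalies.
        if not anomalous:
            self.history.append(value)
        return anomalous


detector = RollingZScoreDetector(window=10, threshold=3.0)
latencies_ms = [100, 102, 98, 101, 99, 100, 103, 97, 250]
flags = [detector.observe(v) for v in latencies_ms]
print(flags)
```

In this run only the final value, 250 ms, is flagged, because the earlier samples stay within three standard deviations of the rolling mean. A detector like this could be fed any of the monitored signals, for example the latency or error ratio of a single edge, with each flagged value corresponding to an alert.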

BullsEye

BullsEye starts from the source captured in an alert and narrows down other anomalous areas of your infrastructure. Because the Kloudfuse platform is unified, with all data present in a single platform, BullsEye can cast a wider net and examine data derived from every stream in the system, which makes it more likely to identify problematic behavior within minutes.

Additionally, if instrumentation-less tracing is enabled, BullsEye can sift through this wider net much more efficiently, eliminating noise and presenting only the most relevant information, which can substantially reduce the time to resolution.
