Calculations for first and second level alarm generation in anomaly detection application

Hi,

       I have executed the anomaly detection application which is an existing application under example server. I want to understand the statistics behind the generation of alarms.

    After the autoregression analysis of time series data(training data) there was the predicted value and the actual value. The error and square error were calculated and mean and standard deviations of error and square error were calculated and all other colums got filtered.

  Then autoregression analysis of time series data(testing data) was performed and from that "abs(error)-mean(this is the mean of error values of training data)" and " square error-mean(this is the mean of error values of training data)" were calculated and the rule engine was given.

          I wan to know how these calculations was decided and performed. What is the advantage of these calculations and any other calculations available to generate the alarms.

       Please help me.

Hi,

The 2 level alarms was decided to avoid spike generated alarms. It was of course an arbitrary decision. Other alarm strategies could be implemented. Thresholds were also chosen arbitrarely for this examples. They could optimized throuh an optimization loop. Details are available in the whitepaper on the KNIME web site www.knime.org under RESOURCES then whitepapers, under IOT section. Let me know if you need more information.

Hi,

      Thanks for your reply and I will go through that whitepapers.