Unomaly 2.28 was released on May 21, 2018.


Structured tokenization is now the default

We first introduced structured tokenization in version 2.26, to improve how Unomaly parses logs with nested structures and key-value pairs. In this release, structured tokenization is the default tokenization for new systems. If needed, you can migrate existing systems to use structure tokenization by manually setting them into training (which means that they will be re-learned using the new tokenizer).

Structured tokenization does not need to be applied to existing systems where you do not see tokenization problems. For new systems, this means that you can expect fewer tokenization issues when ingesting data and better segmentation of the data for defining knowns. See the blog post about Structural Tokenization.

New Situation views

After upgrading to Unomaly 2.28, you will find four new views added to the Situations page. These views will make it easier for you to quickly find different types of situations:

  • Known issues where user have defined events that are classified as warning or greater.
  • New events where systems are producing never before seen events.
  • Significant anomalies where systems have situations containing high score spikes and event stops. Frequency anomalies need to be enabled for this view to be available.
  • Starred where users have starred situations for later review.

If you have existing custom views that share the name with a new view, after upgrading you will retain both. You can delete one of the views (or change the name). We recommend keeping the new view, because they are built using the updated condition filters.

Improvement to frequency anomalies

This iteration of the frequency anomalies feature brings you the following changes:

  • New condition options that allow you to filter and create actions based on “large” and “medium” spikes, which makes it faster and easier to find and act on important situations that contain these anomalies.
  • A new algorithm to detect stopped events. The algorithm detects periodic events and creates anomalies when they stop happening. For example, this stop detection will alert users when important processes such as “cron” stop running. The detection is faster than the old algorithm, so when a daily event is missing can be detected within minutes.
  • If you have frequency anomalies enabled, you will see a new view in the Situations page called “Significant anomalies”. You can use this view to monitor anomalies that contain large spikes or event stops.

We are continuing to improve how Unomaly detects and classifies frequency anomalies, but it is still an experimental feature. We recommend that you do not enable frequency anomaly detection in your production environments. Read more about how the feature works in the tech note for frequency anomalies.

Additional updates

  • The console menu provides more information about the Manager and Workers, making it easier for you to see the entire deployment and the active connections between instances.
  • You can now filter events in the Situations page using the known ID.
  • Systems are now listed alphabetically in the Situations page sidebar.

Release versions

You can upgrade automatically to the latest release from the console menu or download manually.

2.28.0.4

June 5, 2018

Unomaly 2.28.0.4 includes the following changes:

  • Fix issue where upgrading from certain versions could fail
  • Fix issue where resetting the admin password could fail

2.28.0.3

May 31, 2018

Unomaly 2.28.0.3 includes the following changes:

  • Fix issue were a new installation could fail because of a Postgres configuration issue

2.28.0.2

May 22, 2018

Unomaly 2.28.0.1 includes the following changes:

  • Fix issue where plugins were not executed properly
  • Fix issue where techdump were not attached to notifications

2.28.0.1

May 21, 2018

Unomaly 2.28.0.1 includes the following changes:

  • Service(s) are restarted when settings are updated
  • Fix issue where a broken known could cause a crash

2.28

May 21, 2018

Unomaly 2.28 includes the following changes:

  • A user without a valid signed in session will now be redirected to the login page if they try to access the web interface
  • Add extra index to situations collection to fix regression in instance analytics collection
  • Add frequency spike colors to the score annotations
  • Reformat Microsoft Teams message to include link to situation
  • Settings modal now says close instead of cancel when there are no unsaved changes
  • Update PostgreSQL to 10
  • Fix bug where jump to events broke after commenting
  • Fix issue where email wan’t fectched correctly when using LDAP- Add manager and worker related information to the console menu
  • Fix issue where the exclude anomalies option in the backup script does not work
  • Fix system alias not used in email notifications