Creating an application performance policy

You can create an application performance policy based on the anomaly score for the application. Crossing thresholds triggers alerts that notify you about issues related to the resources in your application.

Before you begin

The anomaly detection engine must be running on your Insight server in order to monitor the thresholds set in an application performance policy.

About this task

You can create policies that provide alerts on different types of anomaly scores you might want to monitor:
  • To identify any anomaly spikes, create a policy that alerts on first occurrence with a threshold set to a high anomaly score (>90).
  • To identify a change in behavior over time, create a policy that alerts after 1 hour on a medium-high anomaly score. This policy provides an alert based on 3 consecutive anomaly detection scores.


  1. Open OnCommand Insight in your browser.
  2. Click Manage > Performance Policies
    The Performance Policies page is displayed.
  3. Click +Add.
    The Add Policy dialog box is displayed.
  4. Enter a unique policy name in the Policy Name field.
    You must use a name that is different from all the other policy names for the object.
  5. From the Apply to objects of type list, select Application.
  6. Select the application priority from the Application Priority list.
  7. From the Apply after a window of list, select when an alert is raised to indicate a threshold violation.
    The First occurrence option triggers an alert when a threshold is crossed on the first score. All other options trigger an alert when the threshold is crossed once and is continuously crossed for at least the specified amount of time.
    The anomaly score is provided in 30 minute intervals (at 5 minutes past the hour and 35 minutes past the hour), therefore only time periods divisible by 30 should be selected.
    Apply after window of Number of buckets required to throw violation
    First occurrence 1
    5 minutes 2
    10 minutes 2
    15 minutes 2
    30 minutes 2
    45 minutes 3
    1 hour 3
    2 hour 4
  8. From the Warning list, select Critical or Warning
  9. Configure Email if you want to change the default Email notification method.
  10. In the Create alert if section, select an operator, and then enter a value to create a threshold. The anomaly score is the only performance counter used for application performance policies.
    You can create a set of alerts using ranges similar to the following:
    • 0-20 Warning alert
    • 21-50 Warning alert
    • 51-80 Warning alert
    • >80 Critical alert
  11. Select the Stop processing further policies if alert is generated check box if you want the policy to stop processing when an alert occurs.


Notifications are not the only means of viewing violations. Violations are displayed on the application landing page and the violations dashboard, where you can filter them. You can also create a dashboard, add a violation table widget, and filter on your performance policy name to identify application violations.