Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Whats-New-10-25-Aggregration-Methods #4476

Merged
merged 3 commits into from Oct 25, 2021
Merged

Whats-New-10-25-Aggregration-Methods #4476

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
3d7c6ad
Whats-New-10-25-Aggregration-Methods
daynaslord Oct 22, 2021
1ed52e7
fix(what's new): added a .md and added underscores to make the page p…
mmfred Oct 23, 2021
43c6a0b
chore(WN new aggregation methods): File name had spaces and was not s…
dbarnesbrownNR Oct 25, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
30 changes: 30 additions & 0 deletions src/content/whats-new/2021/10/wn-new-aggregation-methods.md
View file
Open in desktop
@@ -0,0 +1,30 @@
---
title: 'New aggregation methods for NRQL alert conditions'
summary: 'Flexibility on aggregation methods provide fewer false alerts and improved incident time to detection.'
releaseDate: '2021-10-25'
learnMoreLink: 'https://discuss.newrelic.com/t/new-aggregation-methods-for-nrql-alert-conditions/158831'
---

Data latency has caused many users to have inaccurate alert violations. Since data has the potential to come in too late to be evaluated, New Relic has added two new streaming aggregation methods for NRQL alert conditions. With this addition, users have three options to choose from for data aggregation methods:

* **Event Flow** (the new default aggregation method)
* **Event Timer** (the other new aggregation method)
* **Cadence** (the classic aggregation method)

## **Event Flow**

Event Flow aggregation is best designed to be used for situations when data come in frequently and with low event spread, or mostly "in-order.” For every 1-minute processing window, there should be minimal difference between the earliest and least event timestamps.

Event Flow is the default data aggregation option because this method is more likely to result in fewer dropped data points due to latency in most situations, and decreased time-to-detect.

## **Event Timer**

Event Timer is designed to work best for data that comes infrequently and potentially in batches, such as cloud integrations, or error logs. that may for instance, have infrequent error logs.

Event Time, as its namesake, has a Timer setting that starts counting down as soon as the first data point shows up for the aggregation window, and resets every time another data point arrives for that window.

## **Cadence**

Cadence is the legacy data aggregation everyone has grown to know. For this data aggregation option each evaluation window waits exactly as long as the Delay setting is set for. A limitation of this option is that a certain amount of data may be dropped as it comes in "too late" to be evaluated and such dropped data may trigger false alerts.

For further details on each use case, check out [this post](https://discuss.newrelic.com/t/relic-solution-how-can-i-figure-out-which-aggregation-method-to-use/164288).