Prometheus + ML Intermediate
Prometheus is the leading open-source monitoring system. While it does not include ML natively, you can extend it with ML capabilities for anomaly detection, forecasting, and intelligent alerting using complementary tools and custom exporters.
Adding ML to Prometheus
| Approach | Tool | How It Works |
|---|---|---|
| Forecasting | Prometheus + Prophet | External service reads Prometheus data, runs Prophet, writes predictions back |
| Anomaly Detection | Custom exporter | Python service computes anomaly scores and exposes as Prometheus metrics |
| Built-in Functions | PromQL | Use predict_linear() and holt_winters() for basic predictions |
| ML Platform | Grafana ML | Grafana Cloud's ML-powered anomaly detection and forecasting |
PromQL Forecasting Functions
PromQL
# Predict disk usage 24 hours ahead using linear regression predict_linear(node_filesystem_avail_bytes{mountpoint="/"}[7d], 86400) # Holt-Winters smoothing for seasonal patterns holt_winters(ifHCInOctets{device="eth0"}[1w], 0.3, 0.7) # Alert if interface utilization is predicted to exceed 90% in 4 hours predict_linear( ifHCInOctets_rate5m{job="network"}[6h], 14400 ) > 0.9 * ifHighSpeed * 125000
Custom Anomaly Detection Exporter
Python
from prometheus_client import start_http_server, Gauge from sklearn.ensemble import IsolationForest import requests anomaly_score = Gauge('network_anomaly_score', 'Anomaly score for network interface', ['device', 'interface']) def compute_anomalies(): # Query Prometheus for recent metrics response = requests.get('http://prometheus:9090/api/v1/query', params={'query': 'rate(ifHCInOctets[5m])'}) # Run Isolation Forest and update gauge metrics # ... (training and scoring logic) anomaly_score.labels(device='router1', interface='eth0').set(score) start_http_server(8000) # Prometheus scrapes this endpoint
Grafana ML: If you use Grafana Cloud, its built-in ML features provide anomaly detection and forecasting without building custom exporters. It integrates directly with Prometheus data sources.
Next Step
Learn how to design intelligent alerting systems with dynamic baselines and composite alerts.
Next: Alerting →