Response time monitoring is straightforward in concept: measure how long your endpoints take to respond and alert when they're too slow. In practice, setting effective thresholds is surprisingly difficult. Too strict and you're overwhelmed with alerts for normal variation. Too loose and real degradation slips through unnoticed.
Understanding Response Time Percentiles
Before setting thresholds, understand what you're measuring. A single "average response time" hides important information:
| Metric | Meaning | Use Case | |--------|---------|----------| | P50 (Median) | Half of requests are faster, half slower | Typical user experience | | P75 | 75% of requests are at or faster than this | Good representation of most users | | P90 | 90% of requests complete at or before this | Catches slower experiences | | P95 | 95% of requests complete at or before this | Alerts for slower tail experiences | | P99 | 99% of requests complete at or before this | Catches extreme slow outliers | | Max | Slowest single request | Edge cases, potential timeouts |
Which percentile to alert on?
- P50/P75 alerts: Catch broad degradation affecting most users. High signal, but may miss tail latency issues.
- P95/P99 alerts: Catch issues affecting a minority of users but often indicating deeper problems. Lower false positive rate for "most users fine" scenarios.
For most production services, monitoring P95 and alerting when it significantly exceeds baseline is the sweet spot — it catches real problems while tolerating natural variation.
Why Static Thresholds Fail
Many teams set static thresholds based on an initial benchmark:
Alert if response time > 500ms
This seems reasonable, but static thresholds break down in several ways:
Natural variation: An API that normally responds in 200ms might spike to 600ms briefly during garbage collection, scheduled jobs, or database maintenance. Static thresholds generate alerts for these normal variations.
Traffic-dependent performance: Many endpoints are slower under high traffic and faster under low traffic. A threshold appropriate for peak hours generates constant alerts during off-peak hours when performance is naturally better.
Seasonal patterns: E-commerce sites are slower during sale events. A threshold appropriate for normal traffic generates alerts during expected-but-acceptable high-traffic slowness.
Gradual drift: An endpoint that starts at 200ms and gradually drifts to 400ms over three months will never trigger a static 500ms threshold, but the 100% performance degradation represents a real problem.
Adaptive Threshold Strategies
Relative Thresholds (Baseline Multiplier)
Alert when current performance is X times worse than the historical baseline:
Alert condition: current_p95 > (7_day_average_p95 × 2.0)
This approach:
- Automatically adjusts for traffic patterns
- Catches gradual drift (as baseline rises, the multiplier keeps pace)
- Generates fewer false positives from normal variation
- Requires a baseline period to be useful
Implementation in AzMonitor:
response_time_alert:
metric: p95_response_time
condition: exceeds_baseline_by
baseline_window: 7_days
threshold_multiplier: 2.0
minimum_absolute_threshold: 200ms # Never alert if under this
Time-of-Day Baselines
Response times vary predictably by time of day. Compare to the same-time-yesterday baseline:
Alert if: current_p95 > (same_hour_yesterday_average × 1.5)
This accounts for daily traffic patterns. Monday 9 AM traffic looks different from Sunday 3 AM traffic — compare like to like.
Statistical Anomaly Detection
More sophisticated approach: alert when response times deviate from the statistical expected value by more than 2-3 standard deviations:
# Simplified anomaly detection logic
baseline_mean = calculate_7_day_average(endpoint, hour_of_day)
baseline_stddev = calculate_7_day_stddev(endpoint, hour_of_day)
z_score = (current_p95 - baseline_mean) / baseline_stddev
if z_score > 3: # 3 standard deviations above mean
fire_alert(endpoint, current_p95)
AzMonitor's anomaly detection uses a variant of this approach, learning the normal variation pattern for each endpoint and alerting on statistically significant deviations.
Response Time Thresholds by Service Type
While adaptive thresholds are better, here are baseline absolute thresholds by service type:
| Service Type | Warn | Critical | |-------------|------|----------| | REST API (simple read) | 200ms | 500ms | | REST API (write operation) | 500ms | 1500ms | | GraphQL API | 300ms | 800ms | | HTML page (server-rendered) | 800ms | 2000ms | | CDN-served static assets | 50ms | 200ms | | Database queries | 50ms | 200ms | | Third-party API calls | 500ms | 2000ms | | Background job processing | 5000ms | 30000ms |
Multi-Dimensional Response Time Monitoring
Single-endpoint monitoring misses the full picture. Monitor response time distribution across:
By endpoint: Which specific endpoints are slow? An aggregated "API is slow" alert is less actionable than "checkout API is slow."
By geographic region: Is the slowness global or regional? A CDN issue might cause slowness in EU but not US.
By HTTP method: GET requests might be fast while POST requests (writes) are slow, indicating a database write bottleneck.
By response size: Larger responses naturally take longer. Correlation between size and latency reveals whether you have a network or processing bottleneck.
Response Time in SLA Contexts
If your SLA includes response time commitments, monitoring response time is not optional. Typical B2B SaaS response time SLAs:
API response time SLA: 95% of requests < 500ms (measured monthly)
To comply, you need:
- Continuous response time measurement (every request logged)
- P95 calculation for SLA reporting period
- Automated reporting against SLA threshold
- Historical data for trend analysis
AzMonitor tracks response time as part of every monitoring check and includes this data in SLA compliance reports.
Connecting Response Time to Business Metrics
Response time doesn't exist in isolation — it affects user behavior:
- E-commerce: Every 100ms increase in page load time correlates with ~1% reduction in conversion (Google/Deloitte research)
- SaaS: Higher API latency correlates with increased support tickets and churn
- News/Media: Slower pages have higher bounce rates and fewer pages per session
Instrument your business metrics alongside response time metrics. When you can show "our API slowdown last Tuesday correlated with a 3% drop in checkout conversion," response time monitoring becomes a business priority, not just a technical one.
Monitor response time continuously with AzMonitor — every check records response time with historical trending and adaptive alerting. See our API latency monitoring guide for API-specific percentile monitoring.
3 monitors free forever · No credit card needed · Set up in 2 minutes
Start monitoring free →