Anomaly Detection
Anomaly Detection Console
Centralizes seeded anomaly cases into a review console where operators can filter by severity, status, search text, and score floor before making a disposition decision. The workflow ranks the highest-risk signals, compares each candidate against baseline and current values, and highlights the selected anomaly with score, confidence, window, owner, and history context. Users can escalate, suppress, investigate, or reopen the active row and then log a new anomaly candidate directly into the managed table. A score distribution chart keeps the current queue visually ordered while deterministic seed data preserves a stable preview state before workbook rows are loaded. Teams use the console to reduce triage lag while keeping a traceable action record for every anomaly decision.
Anomaly Triage Queue
Converts detected anomalies into a prioritized work queue with ownership, urgency, and disposition tracking. Users filter the queue by status, severity, owner, and search text before selecting the next item to process in SLA order. The workflow supports claiming work, escalating, suppressing, reopening, and resolving items while appending activity notes to the managed table. Queue health indicators reveal open volume, overdue items, unassigned work, and average age so teams can spot backlog risk and assignment bottlenecks quickly. Deterministic seed rows keep the preview stable until workbook sync loads actual queue items.
Baseline Variance Monitor
Monitors short-horizon variance against reference baselines so teams can judge whether detection thresholds remain trustworthy. Users review seeded scenarios, filter the watch list by status, tune the sensitivity limit, and compare the current drift against the alert band before choosing to hold, tune, or reset the baseline policy. The workflow emphasizes preventive calibration and decision support instead of incident queue processing. It highlights the selected scenario with trend, owner, note, and recommended action context to support governance reviews. Deterministic seed data keeps the variance monitor stable in preview mode while workbook sync initializes.
Change Point Explorer
Identifies potential structural breaks in metric trajectories and supports evidence-based acceptance or rejection of each candidate break. Users filter the candidate list by status, search text, and confidence floor, then select a break to inspect pre- and post-break means, slope shifts, score, owner, and triggering event context. The workflow is hypothesis-driven and suited for root-cause timelines, release impact checks, and policy-change validation. It emphasizes temporal reasoning rather than queue management by linking breakpoints to known events and showing an overview chart plus a selected-break comparison view. Teams use deterministic candidate scoring to standardize break adjudication across weekly anomaly reviews.
False Positive Audit
Audits closed anomaly cases to quantify false-positive patterns by metric, rule, team, and time window. Users review filtered audit slices, inspect precision and workload-cost signals, and drill into a selected case to compare the original alert context against the reviewer’s decision. The workflow supports marking cases as false positive, true positive, or needing tuning, then captures a recommendation for threshold changes, suppression rules, or additional feature work. Teams can also add new audit rows to track follow-up investigations and keep the review log aligned with monthly quality checks. Deterministic seed data keeps the dashboard stable in preview mode while workbook sync hydrates the managed audit table.
Outlier Cluster Diagnostics
Examines anomaly points as spatial and temporal clusters to determine whether outliers share a common operational mechanism. Users filter the cluster shortlist by severity, status, search text, and compactness floor before drilling into the selected cluster. The workflow pairs summary metrics and a density-versus-compactness plot with member-level diagnostics so analysts can confirm whether the pattern is isolated or correlated. It supports decision-making on whether to route work to service owners, infrastructure teams, or data quality stewards. Analysts rely on deterministic cluster summaries to make reproducible triage calls across recurring review cycles.
Seasonality Break Detector
Detects when established seasonal patterns no longer explain observed behavior, signaling potential process or demand regime shifts. Users filter a review queue by status, segment, search text, and confidence floor before selecting a candidate to inspect baseline, recent, expected, and break magnitude context. The workflow supports confirm, false-alarm, and monitor decisions, then logs follow-up notes so teams can track why a seasonal assumption was accepted, rejected, or deferred. A selected-case summary keeps the current review focused on the active metric while the seeded rows preserve a stable preview state until workbook sync replaces them. Teams use deterministic break evidence to decide whether to retrain models, adjust features, suppress known calendar effects, or pause automation.