Anomaly detection is the backbone of Baresquare. It refers to a series of statistical techniques that are used to determine whether a data observation should be considered anomalous or not. It also assigns a weight to identified anomalies so that tickets are created for the most important ones.

Every incident reported as a ticket on Baresquare refers to a time-series data anomaly that was spotted for a metric and a set of dimensions.

Anomaly detection employs a look-back window (28 days by default for daily granularity actionflows) and performs a series of tasks that aim to examine every single metric and all possible dimension combinations included in the actionflow's data schema.

First, the algorithm determines whether seasonality (e.g., weekly) comes into play in each examined time series after an outlier detection model is applied.

Then, different techniques are used for time series without seasonality and seasonal ones. This means that the algorithm treats a time series differently in cases where a spike is recorded, for example, every Monday and the expected limits that are to be calculated refer to this weekday.

In both cases, the stationary and the trend of the data, the noise, as well as the range and the volume are taken into consideration.

After the model is evaluated, the output involves the calculation of the expected limits (higher and lower expected values). These are used to assign a weight to the time series at hand, along with the volume of the dataset in terms of contribution to the total and the deviation from the limits.

Lastly, some adjustments take place taking into account holidays and special events (this is a work-in-progress, expected to go live soon), as well as the type of metric at hand.

The final result is illustrated in the 'Trend view' tab, which can be found below the main description of each ticket.

By hovering over the graph, users can quickly view the data, including the actual and expected values: