OneAnalytics docs

Anomaly detection

OneAnalytics' anomaly detector runs continuously over every time-series measure in your dataset and flags outliers. No training, no tuning — pick a measure, pick a grain, enable the detector.

How it works

We use STL decomposition (Seasonal-Trend-LOESS) to split a series into three components:

  • Trend — the long-term direction
  • Seasonality — repeating patterns (weekly, monthly)
  • Remainder — what is left after removing trend + seasonality

The remainder is the "noise". A point is flagged as an anomaly if its remainder is more than (configurable: 2σ / 2.5σ / 3σ) from the mean of the last 90 days of remainders.

For series with too few points (< 30), we fall back to a simpler median absolute deviation (MAD) method.

Where it shows up

  • In reports: dots on a line chart get a red ring when anomalous. Hover shows expected range and deviation.
  • In alerts: create an alert with condition anomaly detected — see Alerts.
  • In the exec brief: "Top 5 anomalies last week" is a standard section.
  • Via API: POST /v1/ai/anomalies returns anomalies for a measure + range.

Tuning

From Dataset → Settings → Anomaly detection:

  • Sensitivity — 2σ (more alerts, more noise) to 3σ (fewer alerts, higher precision)
  • Min cycles — don't flag anything until we have at least N periods of seasonality (default 4)
  • Exclude windows — whitelist known events (launch day, Diwali sale) so they aren't re-flagged every year

Explaining anomalies

Click a flagged point → Why? and Claude walks through the top contributing dimensions:

Expected ₹82L ± ₹4L, observed ₹71L (-13 % or -2.8σ). The South region (-38 %) accounts for 65 % of the deviation. The "Retail" channel in South is the primary driver (-52 %).

This uses the same LLM integration as NL Q&A — tool-driven, grounded in actual rows, no hallucinated explanations.

Limitations

  • Works best on daily or hourly grain with at least 90 points.
  • Sparse data (many zeros / nulls) inflates the remainder and causes false negatives. We warn you in the UI if your series has > 30 % zeros.
  • Business calendar effects (FY-end spikes) need exclude_windows or they'll be flagged year after year.

Cost

Runs on our infrastructure — no per-run pricing. Included in all plans.