Skip to main content

Investigate anomalies

When viewing the details of a specific anomaly, you have access to multiple resources that help you investigate and address the anomaly, including:

Required permissions

  • Allocations Admin, Anomalies Viewer, Cloud Analytics User

View a cost anomaly

To view a specific cost anomaly:

  1. Sign in to the DoiT console, select Monitor from the top navigation bar, and then select Cost anomalies.

  2. On the Cost anomalies page, find the anomaly of interest.

  3. Select View at the rightmost end of the anomaly entry to launch the cost anomaly details page.

    Note that the time granularity of a cost anomaly chart varies with the data source. See below for two examples.

    An example anomaly based on billing data (daily granularity):

    The details page of a cost anomaly

    An example anomaly based on AWS CloudTrail events (Real-time anomaly, hourly granularity):

    The details page of a cost anomaly

Summary cards

Anomaly summary is displayed in four summary cards. Descriptions of fields not listed below can be found at anomaly properties.

  • Status: The anomaly's Status, Start date, End date, and Duration.

  • Cost impact: The anomaly's impact on the cost. The amount shown in the Cost impact field is the difference between the actual total cost and the maximum cost in the normal range.

  • Context: Information about where the anomaly was detected, including the Account name, Service, and SKU. The format of the Account name varies with cloud provider.

    • Google Cloud: The Cloud Billing account ID that the usage is associated with.

    • Amazon Web Services: Your DoiT customer ID if you're on a Dedicated payer account, or your CloudHealth account ID if you're on a Consolidated billing account.

    • Microsoft Azure: The unique identifier of your Azure subscription; you can also find the Subscription ID on the DoiT console's Assets page.

  • Next steps: Shows whether the anomaly has been acknowledged and the management options. Note that being acknowledged means the anomaly has been reviewed and classified. See Acknowledge anomalies for more information.

Cost anomaly charts

On a cost anomaly chart, you'll see two annotations indicating when a spike was identified as an anomaly (Anomaly detected) and when the anomaly became inactive (Anomaly inactive, see Dynamic updates).

Moving your mouse over the Anomaly detected bar will reveal the following numbers:

  • Cost at time of detection: Value derived from the available cost data when an anomaly was detected. This field applies only to the point of Anomaly detected.

  • Cost since time of detection: Value derived from the cost data received after an anomaly was detected. The anomaly detection system keeps updating this field until the anomaly becomes Inactive.

  • Cost adjustment since time of detection: Negative value derived from the cost data received since an anomaly was detected.

  • Normal range: It's depicted as a shaded area on an anomaly chart. The example below shows one point that exceeds the upper bound of the normal range while also meeting the other criteria. It is reported as an anomaly.

  • Cost of anomaly: The difference between the actual total cost and the maximum cost in the normal range calculated at that moment.

Contributory resources

A list of Resources contributing to this anomaly is displayed after the cost anomaly chart. Combining with Additional info, this list helps you better understand what caused the anomaly and enables you to make informed decisions swiftly.

The example below shows the contributory resources of a service-level anomaly caused by multiple SKUs across different projects.

The cost anomaly contributory resources

Additional info of an anomaly

Note

Additional info is available only for anomalies detected after May 25, 2023.

To gain a quick understanding of an anomaly, select Additional info in the upper-right corner of the anomaly details page.

The additional info consist of three parts:

  • Summary: a brief on the anomaly, including the rationale and the main contributors to the spike

  • SKU explanation: a breakdown of top SKUs that drove the cost increase

  • Optimization: a list of suggestions on how you can optimize the costs associated with the specific service

    The anomaly additional info sidebar

Get expert advice

If you have a DoiT Cloud Intelligence Enhanced or Enterprise plan, you can get expert advice from DoiT by selecting Contact a human expert in the Next steps panel. This will create a support request with prefilled information, where applicable.

Cost anomaly next steps

Open in reports

Note

Cloud Analytics Reports does not support real-time usage data at this time. To investigate a real-time anomaly, check Contributory resources or Additional info.

To decide whether a detected anomaly is really an issue in the context of your business, select Open in Report in the upper-right corner of the cost anomaly chart. It will open a Cloud Analytics report that groups costs by SKUs and uses the provider, service, billing account, project/account ID, and attribution as filters. Select Run report to see the result.

Investigative report of a cost anomaly

When viewing a report, be aware that reports always use the latest usage and cost data available, while the data in cost anomaly charts is only updated until the anomaly becomes Inactive.

See also

Edit report settings

Last updated on