Skip to main content

Investigate anomalies

The DoiT console provides multiple ways to help you understand each cost anomaly.

Required permissions

  • Attributions Manager, Anomalies Viewer, Cloud Analytics

View a cost anomaly

To view a specific cost anomaly:

  1. Sign in to the DoiT console, select Governance from the top navigation bar, and then select Cost anomalies.

  2. On the Cost anomalies page, find the anomaly of interest.

  3. Select View at the rightmost end of the anomaly entry to launch the cost anomaly details page, which shows several summary cards, a cost anomaly chart, a list of contributory resources, and options to check additional info, acknowledge the cost anomaly, or open the anomaly in a report.

    The details page of a cost anomaly

Summary cards

Anomaly summary is displayed in four summary cards. Descriptions of fields not listed below can be found at anomaly properties.

  • Status: The anomaly's Status, Start date, End date, and Duration.

  • Cost impact: The anomaly's impact on the cost. The amount shown in the Cost impact field is the difference between the actual total cost and the maximum cost in the normal range.

  • Context: Information about where the anomaly was detected, including the Account name, Service, and SKU.

    • Account name: For Google Cloud it is the Cloud Billing account ID that the usage is associated with. For AWS it is your DoiT customer ID (if you're on a Dedicated payer account) or your CloudHealth account ID (if you're on a Consolidated billing account). For Azure it is the unique identifier of your Azure subscription; you can also find the Subscription ID on the DoiT console's Assets page.

  • Next steps: Shows whether the anomaly has been acknowledged and the management options. Note that being acknowledged means the anomaly has been reviewed and classified. See Acknowledge a cost anomaly for more information.

Cost anomaly charts

On a cost anomaly chart, you'll see two annotations indicating when a spike was identified as an anomaly (Anomaly detected) and when the anomaly became inactive (Anomaly inactive, see Dynamic updates).

Moving your mouse over the Anomaly detected bar will reveal the following numbers:

  • Cost at time of detection: Value derived from the available cost data when an anomaly was detected. This field applies only to the point of Anomaly detected.

  • Cost since time of detection: Value derived from the cost data received after an anomaly was detected. The anomaly detection system keeps updating this field until the anomaly becomes Inactive.

  • Cost adjustment since time of detection: Negative value derived from the cost data received since an anomaly was detected.

  • Normal range: It's depicted as a shaded area on an anomaly chart. The example below shows one point that exceeds the upper bound of the normal range while also meeting the other criteria. It is reported as an anomaly.

  • Cost of anomaly: The difference between the actual total cost and the maximum cost in the normal range calculated at that moment.

Contributory resources

A list of Resources contributing to this anomaly is displayed after the cost anomaly chart. Combining with Additional info, this list helps you better understand what caused the anomaly and enables you to make informed decisions swiftly.

The example below shows the contributory resources of a service-level anomaly caused by multiple SKUs across different projects.

The cost anomaly contributory resources

Additional info of an anomaly

Note

Additional info is available only for anomalies detected after May 25, 2023.

To gain a quick understanding of an anomaly, select Additional info in the upper-right corner of the anomaly details page.

The additional info consist of three parts:

  • Summary: a brief on the anomaly, including the rationale and the main contributors to the spike

  • SKU explanation: a breakdown of top SKUs that drove the cost increase

  • Optimization: a list of suggestions on how you can optimize the costs associated with the specific service

    The anomaly additional info sidebar

Open in reports

To decide whether a detected anomaly is really an issue in the context of your business, select Open in Report in the upper-right corner of the cost anomaly chart. It will open a cloud analytics report that groups costs by SKUs and uses the provider, service, billing account, project/account ID, and attribution as filters. Select Run report to see the result.

Investigative report of a cost anomaly

Tip

Cloud analytics reports always use the latest usage and cost data available, while the data in cost anomaly charts is only updated until the anomaly becomes Inactive.

See also

Edit report settings

Acknowledge a cost anomaly

When you receive a cost anomaly, you can classify it as an anomaly or a false alarm and specify the reason for your choice. Classifying cost anomalies helps your team work through them quicker and also helps us get better at detecting future anomalies.

To acknowledge a cost anomaly:

  1. Navigate to the Cost anomalies page, find the anomaly of interest, and then select View at the rightmost end of the anomaly entry to open its details page.

  2. In the Next steps panel, select Manage anomaly, and then select Acknowledge anomaly.

  3. Classify the anomaly. You can also add comments for future reference.

    Acknowledge a cost anomaly

  4. Save your changes.

Once an anomaly is acknowledged, the acknowledged field in the Next steps panel will show Yes, and its status on the Cost anomalies page will update accordingly.

For an acknowledged anomaly, you can:

  • Select Yes in the Next steps panel to view its classification and other details such as when and by whom it's acknowledged.

  • Select Edit in the acknowledgment card to update the classification and comments.

The cost anomalies page

Last updated on