Skip to main content

Investigate anomalies

The DoiT console provides multiple ways to help you understand each cost anomaly.

Required permissions

  • Attributions Manager, Anomalies Viewer, Cloud Analytics

View a cost anomaly

To view a specific cost anomaly:

  1. Sign in to the DoiT console, select Governance from the top navigation bar, and then select Cost anomalies.

  2. On the Cost anomalies page, find the anomaly of interest.

  3. Select View at the rightmost end of the anomaly entry to launch the cost anomaly details page, which shows the main properties of the anomaly, a cost anomaly chart, a list of contributory resources, and options to acknowledge the cost anomaly, check anomaly details, or open the anomaly in a report.

    The details page of a cost anomaly

Anomaly properties

In addition to the anomaly properties displayed on the Cost anomalies list page, two additional properties are shown above the anomaly chart:

  • Billing account ID: For Google Cloud it is the Cloud Billing account ID that the usage is associated with. For AWS it is your DoiT customer ID (if you're on a Dedicated payer account) or your CloudHealth account ID (if you're on a Consolidated billing account). For Azure it is the unique identifier of your Azure subscription; you can also find the Subscription ID on the DoiT console's Assets page.

  • Attribution: The group of resources being monitored. By default, the anomaly detection service monitors three preset attributions: All AWS Resources, All GCP Resources, and All Azure Resources. You can also Monitor cost anomalies on other specific subsets of your overall cloud spend.

Cost anomaly charts

On a cost anomaly chart, you'll see two annotations indicating when a spike was identified as an anomaly (Anomaly detected) and when the anomaly became inactive (Anomaly inactive, see Dynamic updates).

Moving your mouse over the Anomaly detected bar will reveal the following numbers:

  • Cost at time of detection: Value derived from the available cost data when an anomaly was detected. This field applies only to the point of Anomaly detected.

  • Cost since time of detection: Value derived from the cost data received after an anomaly was detected. The anomaly detection system keeps updating this field until the anomaly becomes Inactive.

  • Cost adjustment since time of detection: Negative value derived from the cost data received since an anomaly was detected.

  • Normal range: It's depicted as a shaded area on an anomaly chart. The example below shows one point that exceeds the upper bound of the normal range while also meeting the other criteria. It is reported as an anomaly.

  • Cost of anomaly: The difference between the actual total cost and the maximum cost in the normal range calculated at that moment.

Contributory resources

A list of Resources contributing to this anomaly is displayed after the cost anomaly chart. Combining with Anomaly details, this list helps you better understand what caused the anomaly and enables you to make informed decisions swiftly.

The example below shows the contributory resources of a service-level anomaly caused by multiple SKUs across different projects.

The cost anomaly contributory resources

Check anomaly details

Note

Anomaly details are available only for anomalies detected after May 25, 2023.

To gain a quick understanding of an anomaly, select Anomaly details in the upper-right corner of the cost anomaly chart.

The anomaly details consist of three parts:

  • Summary: a brief on the anomaly, including the rationale and the main contributors to the spike

  • SKU explanation: a breakdown of top SKUs that drove the cost increase

  • Optimization: a list of suggestions on how you can optimize the costs associated with the specific service

    The anomaly details sidebar

Open in reports

To decide whether a detected anomaly is really an issue in the context of your business, select Open in Report in the upper-right corner of the cost anomaly chart. It will open a cloud analytics report that groups costs by SKUs and uses the provider, service, billing account, project/account ID, and attribution as filters. Select Run report to see the result.

Investigative report of a cost anomaly

Tip

Cloud analytics reports always use the latest usage and cost data available, while the data in cost anomaly charts is only updated until the anomaly becomes Inactive.

See also

Edit report settings

Acknowledge a cost anomaly

When you receive a cost anomaly, you can classify it as an anomaly or a false alarm and specify the reason for your choice. Classifying cost anomalies helps your team work through them quicker and also helps us get better at detecting future anomalies.

To acknowledge a cost anomaly:

  1. Sign in to the DoiT console, select Governance from the top navigation bar, and then select Cost anomalies.

  2. On the Cost anomalies page, find the anomaly you want to acknowledge, and select View at the rightmost end of the anomaly entry.

  3. On the specific anomaly page, select Acknowledge anomaly.

  4. Classify the anomaly with one of the options available, and add comments for your future reference.

    The cost anomalies page

  5. Select Save.

After you acknowledge an anomaly, you'll see the information you entered in the Acknowledge anomaly dialog every time you view its details. Additionally, its status will get updated in the Cost anomalies page.

The cost anomalies page

Last updated on