AIMO Docs

Appearance

Outlier detection

Monitors produce aggregate numbers over time: counts, rates, sums, and similar summaries per time window. Outlier detection flags unusual points—values that do not match the pattern of earlier monitor readings.

Line chart of one monitor's value over time. A shaded green band shows the range AIMO has learned to be normal from past readings, with a dashed median line through it. Most points sit inside the band. One point spikes far above the band and is circled in red, labelled as an unlikely value that drives an alert. The vertical axis is the monitor value; the horizontal axis is time.
The shaded band is the "normal" range learned from history; the dashed line is its center. A point that lands far outside the band is unlikely under that history, so it is flagged.

The chart shows the idea at a glance: AIMO learns a band of normal from a monitor's past values, then judges each new reading against it. Points inside the band are expected; the red point falls outside the range history suggests, so it surfaces as an alert. The band is learned, not fixed—it widens or shifts as the series itself changes.

Conceptually:

  1. A model of “normal” is inferred from past monitor values for that series—a set of quantiles that describe which values are common vs rare at a given moment. The middle quantile is the series' typical level (the dashed center line); the outermost quantiles mark the edges of the normal range.

  2. Each new point is scored against that learned range. AIMO compares the reading to the outermost quantiles: a value that lands outside that band—below the lower edge or above the upper edge—is the kind of value history rarely produced, so it can drive alerts or review in the product. (A tiny tolerance at the edge absorbs rounding noise, so a value sitting exactly on a natural floor like zero isn't flagged spuriously.)

The goal is to catch shifts and anomalies in monitor metrics after enough history exists to learn what “typical” means for your table.

Violations and stable baselines

If monitors count violations per window, outliers reflect changes in those counts—not a requirement that counts be zero. Stable high violation rates adapt as the baseline. See Monitors for how aggregates are produced.

The band adapts to each series

AIMO fits the band to the shape of each metric:

  • For metrics that move with time—daily or hourly rhythms, trend, seasonality—the band tracks those patterns, so the same value can be normal at one time of day and unusual at another.
  • For metrics that look the same regardless of when they occur, AIMO fits the band from the recent distribution of values—using a count-aware model for whole-number counts and a continuous model otherwise.

Either way, the band is rebuilt for each window from a rolling history of that series, so it keeps pace as the metric drifts, grows, or settles into a new normal.

Warm-up

A band is only as trustworthy as the history behind it. AIMO waits for enough observed values in a series before it scores points against the band; until then it holds back rather than alert on a thin, unreliable fit. Detection warms up for each series as history accumulates.

Modeling runs on aggregates and artifacts in AIMO after the agent has supplied monitor time series. Raw rows stay on your side. For what the agent computes first, see Operations.