Insights Rules | Yarken Help

Overview

Insights Rules enable proactive monitoring of spend and usage data by continuously scanning for unusual patterns, risks, and optimization opportunities. Instead of relying on manual reviews or static dashboards, Insights Rules automate anomaly detection and surface actionable signals as data is updated.

Each Insights Rule defines:

What to monitor — the metric and data source
How anomalies are detected — the detection method and thresholds
Who is notified — the notification channel or group
How often rule should run — hourly, daily, weekly, or monthly

Once configured and enabled:

Rules run automatically at a defined frequency
An Insight is generated when behavior falls outside the expected range
Insights appear on the Insights page for review, acknowledgment, investigation, and resolution

Insights Rules are designed to:

Scale across cloud and non‑cloud spend

Concepts

Understanding the following core concepts is essential for configuring and interpreting Insights Rules effectively:

Anomaly
A data point or pattern that deviates significantly from expected or historical behavior based on the selected detection method.
Baseline
The expected range of values learned from historical data, against which current values are compared to identify deviations.
Volatility
The degree of variation in a dataset over time (low, moderate, or high), which influences the choice of detection method.
Seasonality
Recurring, predictable patterns in the data (for example, month-end billing cycles or annual renewals).
False positive
An Insight triggered for behavior that appears abnormal but is actually expected or acceptable (for example, Q4 bonus incorrectly flagged as an anomaly).
Change point
A structural shift in the data that represents a new normal rather than a temporary spike or drop (example, spend increase following a new SaaS contract).
Cooldown days

Cooldown days define how long the system waits before generating a new Insight for the same condition after one has already been triggered.

How Insights Rules work

Insights Rules follow a consistent lifecycle from configuration to resolution.

1. Rule configuration

An admin defines the rule by selecting:

Data source — Spend Cube or Cloud Cube
Metric to monitor
Detection method
Dimensions and filters
Thresholds, severity, and notification settings
Processing frequency and cooldown period

2. Automated execution

The rule runs automatically based on the configured schedule and analyzes incoming and historical data.

3. Anomaly evaluation

The selected detection method compares observed values against the learned baseline or defined thresholds.

4. Insight generation

If abnormal behavior is detected, an Insight is created and displayed in the Insights page for review.

5. Insight lifecycle management

Each Insight moves through defined statuses:
New → Acknowledged → Resolved
Insights can be reopened if additional investigation is required.

Anomaly detection method

The Insights feature supports a single detection method: Z-Score statistical anomaly detection. This method is suited for specific types of cost or usage data.

Method	Description	Suitable for	Why use it	Limitations
Z-Score - Statistical anomaly detection	Measures how far a data point deviates from the mean, expressed in standard deviations. Values that exceed a defined threshold (for example, > 3σ) are flagged as anomalies. Uses a rolling mean, typically over a ~12-month window. Flags points that are more than 2.5 standard deviations from the rolling mean.	Stable datasets with predictable patterns. Examples: Labor, hardware, facilities, and power cost pools	Simple and effective for detecting sharp spikes or sudden drops	Sensitive to natural variance and may over-flag anomalies in noisy data Does not account for seasonality (for example, Q4 bonuses) or recent trend shifts

Next step

Create an Insight Rule

Manage Insights Rules