Skip to content
Meddle Docs

Anomaly Detection Connector

Overview

Section titled “Overview”

The Anomaly Detection connector uses machine learning to detect anomalies in data streams.

Connector Type: MeddleAnomalyDetect

Algorithm: Isolation Forest

Configuration

Section titled “Configuration”
{
  "type": "MeddleAnomalyDetect",
  "config": {
    "algorithm": "IsolationForest",
    "parameterKeys": ["temperature", "pressure"],
    "iforestConfig": {
      "numTrees": 100,
      "subsampleSize": 256,
      "anomalyRatio": 0.05,
      "retrainEvery": 50,
      "windowSize": 1000
    }
  }
}

Configuration Parameters

Section titled “Configuration Parameters”
  • algorithm: IsolationForest (currently the only supported algorithm)
  • parameterKeys: Array of payload keys to analyze
  • iforestConfig: Isolation Forest specific configuration

Isolation Forest Parameters

Section titled “Isolation Forest Parameters”
  • numTrees: Number of trees in the forest (default: 100)
  • subsampleSize: Sample size for each tree (default: 256)
  • anomalyRatio: Expected ratio of anomalies (default: 0.05 = 5%)
  • retrainEvery: Retrain model every N samples (default: 50)
  • windowSize: Training window size (default: 1000)

How It Works

Section titled “How It Works”
  1. Training Phase: Collects initial data to build model
  2. Detection Phase: Scores new data points for anomalies
  3. Retraining: Periodically updates model with new data
  4. Output: Adds anomaly_score and is_anomaly to payload

Example Output

Section titled “Example Output”

Input:

{
  "temperature": 25.5,
  "pressure": 101.3
}

Output:

{
  "temperature": 25.5,
  "pressure": 101.3,
  "anomaly_score": 0.42,
  "is_anomaly": false
}

Anomaly detected:

{
  "temperature": 95.0,
  "pressure": 150.0,
  "anomaly_score": 0.89,
  "is_anomaly": true
}

Use Cases

Section titled “Use Cases”
  1. Predictive maintenance - Detect equipment anomalies before failure
  2. Quality control - Identify defective products
  3. Process monitoring - Detect unusual process behavior
  4. Security - Identify abnormal system behavior

Tuning Parameters

Section titled “Tuning Parameters”

For Noisy Data

Section titled “For Noisy Data”

Increase anomalyRatio and subsampleSize:

{
  "anomalyRatio": 0.1,
  "subsampleSize": 512
}

For Stable Processes

Section titled “For Stable Processes”

Decrease anomalyRatio and increase windowSize:

{
  "anomalyRatio": 0.01,
  "windowSize": 2000
}

For Fast-Changing Conditions

Section titled “For Fast-Changing Conditions”

Decrease retrainEvery:

{
  "retrainEvery": 25
}

Best Practices

Section titled “Best Practices”
  1. Select relevant parameters - Only include meaningful metrics
  2. Allow training period - Model needs initial data to learn
  3. Tune anomaly ratio - Adjust based on your domain
  4. Monitor false positives - Adjust parameters if too many false alarms
  5. Combine with alerts - Use with Alert connector for notifications

Example Workflow

Section titled “Example Workflow”
OpcuaReader → AnomalyDetect → Trigger → Alert
                                  
                            InfluxDb2Writer
  1. Read sensor data
  2. Detect anomalies
  3. Trigger on is_anomaly == true
  4. Send alert and store in database
Section titled “Related Connectors”