BigQuery Metric Anomaly Detector with AI-Triaged Slack Alerts

This workflow watches a single business-critical metric in BigQuery — daily revenue, signups, checkout conversion, API error rate, whatever you care about — and catches when it drifts outside normal bounds. On each run it pulls the latest value plus a trailing window (default 30 days), computes a rolling mean and standard deviation, and flags any point that breaches a configurable z-score threshold (default ±3σ). When something looks off, it asks OpenAI to turn the raw numbers into a tight, human-readable explanation ("Signups dropped 41% vs. the 30-day average, the steepest single-day fall in the window") and posts that to Slack with the deviation, direction, and the exact query used. Healthy runs stay silent so you only hear from it when it matters.

Use it when a metric is too important to eyeball but not urgent enough to staff a 24/7 watch. Good fits: revenue or GMV that should never crater overnight, funnel conversion that quietly degrades after a release, infra cost or query spend creeping up, or an error-rate KPI warehoused in BigQuery. It is built for the gap between a static dashboard nobody checks and a heavyweight observability stack — give it a metric and a threshold and it becomes a tireless analyst. Run it hourly for fast-moving signals or daily for trend metrics.

1. 1A schedule trigger fires on your cadence (daily at 08:00 by default).
2. 2A BigQuery query returns the metric's latest value and its trailing window in one shot.
3. 3A logic step computes the rolling mean, standard deviation, and z-score, then decides whether the latest point breaches the threshold. If it is within bounds, the run ends quietly.
4. 4On a breach, OpenAI receives the window and the deviation and writes a concise root-cause-style summary plus a severity call.
5. 5The summary, the magnitude and direction of the anomaly, and the source query are posted to a Slack channel for the on-call team.