Stateless ADTK Detector
The Stateless ADTK Detector plugin brings built in anomaly detection to InfluxDB, using ADTK to catch outliers, shifts, volatility changes, and seasonal anomalies without a separate analytics stack. It helps teams spot issues sooner, cut false positives, and respond faster across observability, IoT, industrial, and other fast-moving telemetry workflows.
Configuration
Plugin parameters may be specified as key-value pairs in the --trigger-arguments flag (CLI) or in the trigger_arguments field (API) when creating a trigger. Some plugins support TOML configuration files, which can be specified using the plugin’s config_file_path parameter.
If a plugin supports multiple trigger specifications, some parameters may depend on the trigger specification that you use.
Plugin metadata
This plugin includes a JSON metadata schema in its docstring that defines supported trigger types and configuration parameters. This metadata enables the InfluxDB 3 Explorer UI to display and configure the plugin.
Required parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
measurement |
string | required | Measurement to analyze for anomalies |
field |
string | required | Numeric field to evaluate |
detectors |
string | required | Dot-separated list of advanced ADTK detectors for different anomaly types |
detector_params |
string | required | Base64-encoded JSON parameters for each detector |
window |
string | required | Data analysis window with flexible scheduling. Format: <number><unit> (e.g., “1h”, “30m”) |
senders |
string | required | Dot-separated notification channels with multi-channel notification support |
Advanced parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
min_consensus |
number | 1 | Minimum detectors required to agree for consensus-based filtering to reduce false positives |
min_condition_duration |
string | “0s” | Minimum duration for configurable anomaly persistence before alerting |
Notification parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
influxdb3_auth_token |
string | env var | InfluxDB 3 API token |
notification_text |
string | template | Customizable notification template message with dynamic variables |
notification_path |
string | “notify” | Notification endpoint path |
port_override |
number | 8181 | InfluxDB port override |
TOML configuration
| Parameter | Type | Default | Description |
|---|---|---|---|
config_file_path |
string | none | TOML config file path relative to PLUGIN_DIR (required for TOML configuration) |
To use a TOML configuration file, set the PLUGIN_DIR environment variable and specify the config_file_path in the trigger arguments. This is in addition to the --plugin-dir flag when starting InfluxDB 3.
Example TOML configuration
adtk_anomaly_config_scheduler.toml
For more information on using TOML configuration files, see the Using TOML Configuration Files section in the influxdb3_plugins/README.md.
Supported ADTK detectors
| Detector | Description | Required Parameters |
|---|---|---|
GeneralizedESDTestAD |
Extreme Studentized Deviate test | alpha (optional) |
InterQuartileRangeAD |
Detects outliers using IQR method | None |
ThresholdAD |
Detects values above/below thresholds | high, low (optional) |
QuantileAD |
Detects outliers based on quantiles | low, high (optional) |
LevelShiftAD |
Detects sudden level changes | window (int) |
VolatilityShiftAD |
Detects volatility changes | window (int) |
PersistAD |
Detects persistent anomalous values | None |
SeasonalAD |
Detects seasonal pattern deviations | None |
Examples
Example 1: Quantile-based detection
Detect outliers using quantile-based detection. This plugin analyzes existing time series data and sends notifications when anomalies are detected.
# Base64 encode detector parameters: {"QuantileAD": {"low": 0.05, "high": 0.95}}
echo '{"QuantileAD": {"low": 0.05, "high": 0.95}}' | base64
influxdb3 create trigger \
--database sensors \
--path "gh:influxdata/stateless_adtk_detector/adtk_anomaly_detection_plugin.py" \
--trigger-spec "every:5m" \
--trigger-arguments "measurement=temperature,field=value,detectors=QuantileAD,detector_params=eyJRdWFudGlsZUFKIjogeyJsb3ciOiAwLjA1LCAiaGlnaCI6IDAuOTV9fQ==,window=1h,senders=slack,slack_webhook_url=$SLACK_WEBHOOK_URL" \
temp_anomaly_detectorSet SLACK_WEBHOOK_URL to your Slack incoming webhook URL.
Example 2: Multi-detector consensus
Use multiple detectors with consensus requirement:
# Base64 encode: {"QuantileAD": {"low": 0.1, "high": 0.9}, "LevelShiftAD": {"window": 10}}
echo '{"QuantileAD": {"low": 0.1, "high": 0.9}, "LevelShiftAD": {"window": 10}}' | base64
influxdb3 create trigger \
--database monitoring \
--path "gh:influxdata/stateless_adtk_detector/adtk_anomaly_detection_plugin.py" \
--trigger-spec "every:15m" \
--trigger-arguments "measurement=cpu_metrics,field=utilization,detectors=QuantileAD.LevelShiftAD,detector_params=eyJRdWFudGlsZUFEIjogeyJsb3ciOiAwLjEsICJoaWdoIjogMC45fSwgIkxldmVsU2hpZnRBRCI6IHsid2luZG93IjogMTB9fQ==,min_consensus=2,window=30m,senders=discord,discord_webhook_url=$DISCORD_WEBHOOK_URL" \
cpu_consensus_detectorSet DISCORD_WEBHOOK_URL to your Discord incoming webhook URL.
Volatility shift detection
Monitor for sudden changes in data volatility:
# Base64 encode: {"VolatilityShiftAD": {"window": 20}}
echo '{"VolatilityShiftAD": {"window": 20}}' | base64
influxdb3 create trigger \
--database trading \
--path "gh:influxdata/stateless_adtk_detector/adtk_anomaly_detection_plugin.py" \
--trigger-spec "every:1m" \
--trigger-arguments "measurement=stock_prices,field=price,detectors=VolatilityShiftAD,detector_params=eyJWb2xhdGlsaXR5U2hpZnRBRCI6IHsid2luZG93IjogMjB9fQ==,window=1h,min_condition_duration=5m,senders=sms,twilio_from_number=+1234567890,twilio_to_number=+0987654321" \
volatility_detectorReady to get started?
Download InfluxDB 3 and have running in minutes.
