Goal
Learn what is normal for each pod over 7 days. Score every alert against baseline. Eliminate 90% of false positives automatically.
Tasks
- Build baseline.py: rolling 7-day window of alert patterns per pod
- Track: alert rules seen, frequency, time-of-day distribution
- Anomaly score = deviation from baseline (z-score)
- Integrate anomaly score into Claude reasoning prompt
- Build GET /baseline/:namespace/:pod endpoint
- Persist baseline to disk (JSON) so it survives restarts
Acceptance criteria
- Baseline built after 100+ alerts per pod
- memfd_create suppressed automatically after 7 days of false positives
- New unusual behavior scored higher than baseline behavior
- UI shows baseline status per pod
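One way the scoring described in the tasks could work, as an added example rather than the project's own baseline.py. It assumes the z-score compares the current hour's count of a rule with the same hour of day on each of the previous 7 days, so frequency and time of day are covered by one number. The `"namespace/pod"` key format, the `STD_FLOOR` value, the pod name and the `unexpected_shell` rule name are constructed for illustration.

```python
import math
from collections import defaultdict

HOUR, DAY = 3600, 86400
WINDOW_DAYS = 7    # rolling window from the task list
MIN_ALERTS = 100   # acceptance criterion: baseline built after 100+ alerts
STD_FLOOR = 0.5    # assumption: keeps z finite when history has no variance


class Baseline:
    """Alert history per pod: {"namespace/pod": [[timestamp, rule], ...]}."""

    def __init__(self, events=None):
        self.events = defaultdict(list, events or {})

    def observe(self, key, rule, ts):
        """Record one alert and drop events older than the rolling window."""
        cutoff = ts - ts % HOUR - WINDOW_DAYS * DAY
        kept = [e for e in self.events[key] if e[0] >= cutoff]
        self.events[key] = kept + [[ts, rule]]

    def ready(self, key):
        return len(self.events.get(key, [])) >= MIN_ALERTS

    def score(self, key, rule, ts):
        """z-score of this hour's count of `rule` against the same hour of day
        on each of the previous 7 days. Returns None until the baseline is built."""
        if not self.ready(key):
            return None
        hour_start = ts - ts % HOUR
        counts = [0] * (WINDOW_DAYS + 1)  # counts[d]: same hour, d days ago
        for t, r in self.events[key]:
            offset = hour_start - (t - t % HOUR)
            if r == rule and 0 <= offset <= WINDOW_DAYS * DAY and offset % DAY == 0:
                counts[int(offset // DAY)] += 1
        history = counts[1:]
        mean = sum(history) / WINDOW_DAYS
        std = math.sqrt(sum((c - mean) ** 2 for c in history) / WINDOW_DAYS)
        return (counts[0] - mean) / max(std, STD_FLOOR)


def demo():
    """Constructed data: memfd_create fires once an hour for 7 days on one pod."""
    b, key, now = Baseline(), "prod/api-0", 1_700_000_000
    for h in range(WINDOW_DAYS * 24, -1, -1):
        b.observe(key, "memfd_create", now - h * HOUR)
    b.observe(key, "unexpected_shell", now)  # constructed rule, never seen before
    return b.score(key, "memfd_create", now), b.score(key, "unexpected_shell", now)
```

Call `observe()` before `score()` so the alert being scored is counted in the current hour. In the constructed data the routine `memfd_create` alert scores 0.0 and the first-seen rule scores 2.0.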