Smarter anomaly detection — fewer false alarms, more context
Traffic-blackout alerts now probe your site before firing. Redirect-storm alerts include the top source IP and a scraper-detection flag. Crawler thresholds tightened across the board.
Several anomaly-detection changes that together cut false-alarm noise and add useful context to the alerts that do fire:
- Traffic-blackout false-positives. Before raising "no traffic" we now probe the site directly. If it responds, the dip is almost certainly upstream sampling noise and we suppress.
- Redirect-storm enrichment. Redirect-storm alerts now name the top source IP and flag whether it matches a known scraper pattern, so you can act without opening the IP page.
- Tighter thresholds for crawler frequency / drop / error spikes. Recalibrated against three months of real traffic so the bar for "unusual" is high enough that low-volume sites don't get spammed.
- Cooldowns honoured. A bug where alerts could fire repeatedly inside their cooldown window is fixed.
- Warm-up bypass. Newly-onboarded sites get an absolute-rate floor and baseline freeze so they don't generate phantom alerts in their first day.