Abstract: A computerized method is disclosed that includes operations of receiving incoming data including event data, extracting entities from the event data based on a graph ontology, generating a graph-based dense representation of each graph entity according to the graph ontology, wherein the graph-dense representations are stored in a vector database, computing relatedness scores between each of the entities, generating a listing of events related to a selected event, wherein the listing of events is ordered by corresponding relatedness scores, generating a graphical user interface illustrating the listing of events related to the selected event, and causing rendering of the graphical user interface on a display screen of a network device. Generating the graph-based dense representations may include training a graph neural network model on a corpus of metapaths to produce node embeddings.

Abstract: Implementations of this disclosure provide an anomaly detection system that automatically tunes parameters of a forecasting detector that detects anomalies in a metric time series. The anomaly detection system may implement a three-stage process where a first stage tunes a historical window parameter, a second stage tunes a current window parameter, and a third stage tunes the number of standard deviation different from historical mean required to trigger an alert. The tuned historical window length determined by the first stage may be provided to the second stage as input. Both the tuned historical window length and the tuned current window length may be provided to the third stage as input as use in determining the tuned number of standard deviations.