Anomaly chart viewlets are useful to quickly see data distribution deviations compared to the normal distribution. The red dashed line displays the average event count and the blue displays the actual event count. The point at which the blue line surpasses the red dashed line is when the anomaly is suspected.
In the example below, anomaly chart uses the function Bollinger Bands to automatically detect anomalies in the number of events per specified time range.
jKQL > Get number of events group by starttime bucketed by minute show as anomalychart