Kubernetes Process with Anomalous Resource Utilisation

Splunk Security Content

Summary
This analytic rule identifies anomalous high resource utilization within Kubernetes processes, leveraging metrics collected through an OpenTelemetry (OTEL) collector and host metrics receiver. The detection mechanism utilizes a lookup table that contains average and standard deviation values for comparing current resource usage against historical norms. Employing statistical thresholds, the rule flags processes that exceed typical performance baselines by more than four standard deviations. This detection is vital as elevated resource consumption can signify potential security threats, including cryptojacking, unauthorized access, or compromised container instances, which may lead to service disruptions, increased operational costs, and prolonged attacker access. The implementation of this rule involves deploying the OTEL collector in the Kubernetes environment, configuring it for the necessary host metrics, and incorporating the Splunk Infrastructure Monitoring add-on for effective data ingestion.
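The baseline comparison the summary describes, written out as an added Python illustration rather than the rule's own SPL: a constructed lookup table of per-process historical averages and standard deviations, a constructed batch of current host-metric samples, and a check that flags any metric more than four standard deviations above its mean. Process names, metric fields and all values are constructed for the example.

```python
from dataclasses import dataclass

SIGMA_THRESHOLD = 4.0  # "more than four standard deviations", per the rule summary

@dataclass(frozen=True)
class Baseline:
    avg: float
    stdev: float

# Constructed lookup table: (process, metric) -> historical baseline. The real
# rule populates this from historical OTEL host metrics stored in Splunk.
BASELINES = {
    ("nginx", "cpu_utilization"): Baseline(avg=12.0, stdev=3.0),
    ("nginx", "memory_utilization"): Baseline(avg=20.0, stdev=4.0),
    ("kube-proxy", "cpu_utilization"): Baseline(avg=2.0, stdev=0.5),
}

# Constructed current samples, shaped like flattened host-metric records.
SAMPLES = [
    {"host": "node-1", "process": "nginx", "cpu_utilization": 15.0, "memory_utilization": 22.0},
    {"host": "node-1", "process": "nginx", "cpu_utilization": 30.0, "memory_utilization": 21.0},
    {"host": "node-2", "process": "kube-proxy", "cpu_utilization": 9.0, "memory_utilization": 5.0},
]

def deviation(value, base):
    """Standard deviations above the historical mean. A zero stdev (flat
    history) treats any increase as infinite so it cannot slip past the test."""
    if base.stdev == 0:
        return float("inf") if value > base.avg else 0.0
    return (value - base.avg) / base.stdev

def find_anomalies(samples, baselines, threshold=SIGMA_THRESHOLD):
    """Return (host, process, metric, value, sigma) for every metric whose
    deviation exceeds the threshold. Metrics without a baseline are skipped."""
    hits = []
    for s in samples:
        for metric in ("cpu_utilization", "memory_utilization"):
            base = baselines.get((s["process"], metric))
            if base is None or metric not in s:
                continue
            sigma = deviation(s[metric], base)
            if sigma > threshold:
                hits.append((s["host"], s["process"], metric, s[metric], round(sigma, 2)))
    return hits

if __name__ == "__main__":
    for hit in find_anomalies(SAMPLES, BASELINES):
        print("anomalous:", hit)
```

Only the two samples far outside their history are flagged; the nginx sample at one standard deviation above its mean passes, which is the false-positive control the lookup-table approach buys over a fixed utilisation threshold.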
Categories
  • Kubernetes
  • Cloud
  • Infrastructure
Data Sources
  • Process
  • Container
  • Sensor Health
ATT&CK Techniques
  • T1204
Created: 2024-11-14