AI & RAG
Datadog Spike Explainer with Runbook Citations in Slack
When a Datadog monitor fires, this looks up the matching runbook knowledge base and posts a plain-English 'why this spiked' answer to Slack with linked Confluence citations.
How it runs
The automated pipeline, trigger to output.
- TriggerDatadog monitor enters Alert stateDatadog
- ActionFetch spiking metric, tags, and time-series windowDatadog
- ActionEmbed alert context and search runbook vectorsPostgres
- ActionDraft grounded explanation from retrieved passagesOpenAI
- LogicBranch on retrieval confidence (answer vs. escalate)
- OutputPost explanation with Confluence citations to SlackSlack
What it does
Turns a raw Datadog alert into an answer. The moment a monitor crosses threshold, it pulls the spiking metric and recent context, searches your indexed runbooks for the most relevant fixes, and posts a concise explanation to the on-call Slack channel — every claim backed by a deep link to the source Confluence page.
When to use it
Use it when on-call engineers waste the first ten minutes of every incident asking 'what does this alert even mean and where's the runbook.' Best for teams that already keep runbooks in Confluence and want the answer pushed to them instead of hunting for it.
How it works
- 1A Datadog monitor transitions to Alert and fires the webhook.
- 2The flow fetches the triggering metric, tags, and the surrounding time-series window from Datadog.
- 3It embeds the alert context and runs a similarity search over the runbook chunks stored in Postgres (pgvector).
- 4An LLM drafts a grounded explanation, citing only the retrieved passages.
- 5A confidence check decides whether to post a full answer or a 'no strong match — escalate' note.
- 6The answer, with Confluence citation links, lands in the incident Slack channel.
Set it up
What you configure once, before turning it on.
- 1Connect DatadogMetrics, traces, log search.
- 2Connect PostgresAny Postgres URL — query, write, migrate.
- 3Connect OpenAIModels, embeddings, files.
- 4Connect ConfluenceSpaces, pages, blueprints.
- 5Connect SlackChannels, DMs, threads, mentions.
- 6Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
- 7Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
- 8Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.
More AI & RAG workflows
RFP and security questionnaire drafter grounded in Coda
Drafts answers to inbound RFP and security questionnaire questions by retrieving approved language from your Coda hub, then files the cited draft for review before a rep sends it.
Detect Breaking API Changes from Spec Diffs and Alert Owners
Compares the new OpenAPI spec against the previous version on each GitLab merge, uses retrieval over the changelog to classify whether changes are breaking.
Grounded reply suggestions for inbound sales email
Reads inbound prospect emails, retrieves the matching answers from your Coda hub.
Coda-grounded sales answer bot with citations in Slack
Reps ask product, pricing, or competitive questions in Slack and get an answer drawn only from your Coda knowledge hub, with links to the exact docs and rows it pulled from.
On-Call Spec Answerer from Dropbox Engineering Corpus
Answers on-call questions posted in a Slack channel by retrieving the most relevant Dropbox engineering specs and replying with a grounded, source-cited answer in the thread.
Agentic Deep-Dive API Researcher for Hard Spec Questions
An agent fielded via webhook that answers multi-part API questions by iteratively searching OpenAPI specs, changelogs, and Confluence runbooks.
Run it inside a business
This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.
Run this workflow in your colony.
14-day trial. No DevOps. No Sales call. Provisioned in under a minute.