SUMMARIZATION
Axiom Log-Cost Spike Detector with AI Root-Cause to PagerDuty
When any service's hourly log ingest jumps above its baseline, summarizes the likely cause from recent log patterns and opens a PagerDuty incident with the explanation attached.
How it runs
The automated pipeline, trigger to output.
- TriggerHourly schedule
- ActionQuery Axiom: current vs 14d baseline ingest by serviceAxiom
- LogicFilter to services over spike threshold
- ActionFetch sample of dominant log linesAxiom
- ActionSummarize likely root cause + cost impactOpenAI
- OutputOpen PagerDuty incident with summaryPagerDuty
What it does
Watches Axiom log-ingest rates per service on an hourly cadence. When a service's volume exceeds its rolling baseline by a configured threshold, it samples the offending logs, asks an LLM to characterize what changed (new error loop, debug logging left on, retry storm), and files a PagerDuty incident so cost runaways get caught the same hour they start.
When to use it
Use it when a single misconfigured deploy can 10x your log bill overnight. This catches the spike while it's small and hands on-call a written hypothesis instead of a raw graph.
How it works
- 1An hourly schedule trigger runs the check.
- 2An Axiom query computes current-hour ingest by service against each service's 14-day baseline.
- 3A logic step filters to only services breaching the spike threshold; if none, the run ends quietly.
- 4For each breaching service, Axiom returns a sample of the dominant log lines.
- 5An OpenAI step writes a concise root-cause hypothesis and estimated incremental cost.
- 6A PagerDuty incident opens with the service, the delta, and the summary.
Set it up
What you configure once, before turning it on.
- 1Connect AxiomLog streams, queries, dashboards.
- 2Connect OpenAIModels, embeddings, files.
- 3Connect PagerDutyIncidents, on-call, escalations.
- 4Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
- 5Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
- 6Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.
More Summarization workflows
On-submit Loom standup roll-up archived to Confluence
When a standup video is submitted via webhook, transcribes it, generates a per-person written summary, and appends it to a running team standup page in Confluence.
Front Escalation Handoff Doc in Notion
When a Front escalation closes, drafts a structured handoff document in Notion capturing the resolution, customer commitments, and open follow-ups, then alerts the AE in Slack.
Front Escalation War-Room Brief to Slack
On a Front escalation, posts a concise threat-assessment brief to a Slack channel only when the AI judges the situation high-severity.
VIP Front Escalation Instant Exec Page-Out
Detects escalations from VIP accounts in Front, generates a one-paragraph executive recap, and pages the named account exec via Slack and Salesforce task within minutes.
Release health note per Vercel deploy
When a Vercel deploy goes live, summarizes the Sentry errors observed in the release window into a plain-English health note that separates brand-new error classes…
Rollback recommendation when a deploy spikes errors
When a Sentry alert fires for an error spike, attributes it to the most recent deploy, summarizes whether the spike is dominated by new error classes introduced by that release.
Run it inside a business
This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.
Run this workflow in your colony.
14-day trial. No DevOps. No Sales call. Provisioned in under a minute.