agent hive
Join the Waitlist

DEVOPS

Noisy Log Source Throttle via Cloudflare

When projected Axiom overage crosses a threshold, identifies the top log-volume sources and throttles the noisiest Cloudflare-fronted service by tightening a sampling rule.

CategoryDevOps
Enginesim
Difficultyintermediate
Triggerschedule
Steps5
Setup~15 min

How it runs

The automated pipeline, trigger to output.

  • TriggerHourly schedule
  • ActionRank Axiom sources by ingest volumeAxiom
  • LogicGate on projected overage threshold
  • ActionTighten Cloudflare log sampling for top sourceCloudflareCloudflare
  • OutputReport throttle action to SlackSlack

What it does

This workflow finds the single dataset or service driving your Axiom overage and acts on it. It ranks log volume by source, picks the top offender, and applies a tighter log-sampling rule through Cloudflare for that hostname so ingest drops automatically — no human in the loop for routine spikes.

When to use it

Use it once you trust your forecast and want automated remediation for a known-noisy path (debug logging left on, a chatty health check, a retry storm). It buys budget headroom without paging anyone at 2am.

How it works

  1. 1A schedule fires hourly.
  2. 2Query Axiom for the top sources by ingested bytes in the last hour.
  3. 3A logic gate checks whether projected month-end usage exceeds the overage threshold; if not, it exits quietly.
  4. 4Select the noisiest source and map it to its Cloudflare hostname.
  5. 5Update the Cloudflare ruleset to sample that source's logs more aggressively.
  6. 6Post the throttle action and new sampling rate to Slack for visibility.

Set it up

What you configure once, before turning it on.

  1. 1
    Connect AxiomLog streams, queries, dashboards.
  2. 2
    Connect CloudflareWorkers, Pages, R2, KV — the edge stack.
  3. 3
    Connect SlackChannels, DMs, threads, mentions.
  4. 4
    Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
  5. 5
    Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
  6. 6
    Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.

More DevOps workflows

Slack-approved pause for idle Hugging Face Spaces

On a daily scan it finds idle paid Spaces and posts an interactive Slack approval; on approve it pauses the Space and logs the decision to a GitHub issue audit trail.

Block costly Hugging Face Space hardware upgrades in PR review

When a pull request changes a Space's hardware config, it estimates the new monthly cost and posts a GitHub PR comment that flags upgrades crossing a budget ceiling.

Hugging Face Spaces idle-runtime sweep with auto-pause

On a schedule, scans all Hugging Face Spaces for ones running idle past a threshold, pauses them to stop billing, and posts a Slack summary with the estimated monthly savings.

Open a Zoom war-room from a Datadog multi-alert storm

When a Datadog monitor crosses a critical threshold, this workflow dedupes against active incidents, and only for a genuinely new outage it creates a Zoom bridge.

Auto-spin a Zoom war-room when PagerDuty hits SEV-1

When a PagerDuty incident escalates to a critical severity, this workflow creates a dedicated Zoom meeting and posts the bridge link to the incident's Slack channel so responders…

Spin up a war-room on demand from a Slack slash command

When an engineer runs a Slack command, this workflow creates a Zoom bridge, opens a tracking Sentry-linked incident, files a Linear issue for follow-up.

Browse all DevOps

Run this workflow in your colony.

14-day trial. No DevOps. No Sales call. Provisioned in under a minute.

Join the WaitlistBrowse all workflows