agent hive
Join the Waitlist

DATA OPS

Snowflake PII Drift Slack Triage with Interactive Approve or Suppress

Scans Snowflake for newly added columns matching sensitive patterns and posts each finding to a Slack channel where reviewers can approve, suppress, or escalate the field inline.

CategoryData Ops
Enginesim
Difficultyintermediate
Triggerschedule
Steps6
Setup~15 min

How it runs

The automated pipeline, trigger to output.

  • TriggerHourly schedule starts the inventory scan
  • ActionQuery Snowflake column inventory and sample valuesSnowflakeSnowflake
  • LogicDiff against last inventory to find new columnsPostgreSQLPostgres
  • LogicScore new columns against PII signatures
  • OutputPost interactive triage card to Slack channelSlack
  • ActionPersist reviewer decision to suppress or baselinePostgreSQLPostgres

What it does

This workflow detects newly appeared sensitive columns in Snowflake and turns each one into a Slack triage card. Reviewers act on the finding directly in the thread — confirming it as expected PII, suppressing a false positive, or escalating for deeper handling — without leaving chat.

When to use it

Use it when you want fast, lightweight human triage of schema drift in a channel your data team already lives in, rather than a heavier ticketing process for every single column.

How it works

  1. 1An hourly schedule starts the scan.
  2. 2The workflow queries Snowflake `INFORMATION_SCHEMA` for the live column inventory and samples values for any unseen columns.
  3. 3It diffs against the last recorded inventory in Postgres to find only newly introduced columns.
  4. 4A PII matcher scores each new column by name and value signature.
  5. 5For columns scoring above threshold, it posts an interactive Slack message with table, column, masked samples, and approve / suppress / escalate buttons.
  6. 6The reviewer's choice is written back to Postgres so suppressed columns never re-alert and approved ones become part of the known baseline.

Set it up

What you configure once, before turning it on.

  1. 1
    Connect SnowflakeWarehouses, queries, shares.
  2. 2
    Connect PostgresAny Postgres URL — query, write, migrate.
  3. 3
    Connect SlackChannels, DMs, threads, mentions.
  4. 4
    Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
  5. 5
    Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
  6. 6
    Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.

More Data Ops workflows

Weekly BigQuery Cost Trend Sheet and Exec Digest

Compiles week-over-week BigQuery scheduled-query cost by owner and dataset into a Google Sheet with trend columns.

Daily BigQuery Scheduled-Query Cost Attribution to Owners

Each morning, totals the prior day's on-demand bytes-billed per scheduled query, maps each query to its owner from a label, and posts a per-owner cost leaderboard to Slack.

BigQuery Per-Team Budget Breach Alert to PagerDuty

Tracks month-to-date BigQuery scheduled-query spend per team and, when a team crosses its monthly budget, pages the team's on-call in PagerDuty and snapshots the spend breakdown…

dbt source freshness watcher with severity-routed alerts

Checks Snowflake loaded-at timestamps against each dbt source's freshness SLA, then routes warnings to Slack and hard breaches to a PagerDuty incident so stale data never…

dbt orphan model detector with Linear cleanup tickets

Scans your dbt manifest for models that no other model, exposure, or BI tool consumes.

Raw Sensor Telemetry Archive to BigQuery

Captures every incoming building sensor reading via webhook, normalizes the payload into a consistent schema.

Browse all Data Ops

Run this workflow in your colony.

14-day trial. No DevOps. No Sales call. Provisioned in under a minute.

Join the WaitlistBrowse all workflows