Triage and analyze alerts agentic workflow
Use the Triage and analyze alerts agentic workflow to complete preliminary alert tasks and analysis.
Triage and analyze alerts agentic workflow overview
- Acknowledge alerts.
- Assign alerts to individual users and assignment groups.
- Summarize alert and alert group data to create a human-readable description and add technical analysis.
- Investigate relevant past incidents to analyze the significance of the alert and present options for resolution.
Use the information on this page to learn about the agents related to the Triage and analyze alerts agentic workflow. To modify the Triage and analyze alerts agentic workflow, you must duplicate it and adjust the settings according to your requirements. For more information, see Duplicate an agentic workflow.
Triage and analyze alerts agentic workflow
Acknowledge, assign, and investigate current and past alerts to determine significance and possible resolutions.
To access the agentic workflow, use the Now Assist panel. For more information about using the agentic workflow in the Now Assist panel, see Now Assist panel.
AI agents used in the Triage and analyze alerts agentic workflow
The Triage and analyze alerts agentic workflow uses a team of AI agents to perform preliminary tasks and support alert resolution.
| AI agent | AI agent role |
|---|---|
| Alert handling AI agent | Assign and acknowledge alerts, and maintain an up-to-date alert record. |
| Alert analysis AI agent | Perform alert analysis and update the alert description when applicable. |
| Alert history analysis AI agent | Analyze past occurrences of the alert, assess the alert's significance, and close the alert when applicable. |
| Related incidents analysis AI agent | Analyze past incidents and provide insights on common assignments and summarized resolution notes. |
| Alert verification AI agent | Assess data completeness and determine whether the alert is suitable for analysis. |