Alert Processing Pipeline

How the agent transforms raw alerts into enriched tickets

Raw Conviva Payload

Incoming webhook data

{
  "source": "Conviva",
  "alert_source": "AI Alert",
  "event_id": 1457888888,
  "account_name": "c3.Parkin",
  "root_cause": "iOS 26.1 and Riyadh",
  "cumulative_impacted_unique_devices": 19192,
  "metric_name": "Checkout Duration",
  "alert_time": "02:45 Jan 18, 2026 PST",
  "value": "21 sec",
  "severity": "info",
  "custom_fields": {
    "additionalValue": "example"
  }
}

Agent Pipeline

Total: 4.2 seconds
Ingest Alert0.1s

Received Conviva webhook payload

Classify Severity0.8s

Reclassified from INFO to HIGH based on impact analysis

Search Knowledge Base0.6s

Semantic search across 847 articles

Search Historical Incidents0.4s

Pattern matching against 2,341 past incidents

Generate Diagnostic1.8s

LLM analysis with context from KB and historical data

Create ITSM Ticket0.3s

Enriched ticket with full diagnostic context

Route to Team0.2s

Auto-assigned based on root cause classification

Enriched ITSM Ticket

Auto-generated output

INC-5102HighAI Enriched

Checkout Duration Spike - iOS 26.1 Riyadh

TeamMobile App Support
SourceConviva #1457888888
Impacted Devices19,192
KB Articles2 matched
Historical Matches2 similar
AI Diagnostic Included

Full root cause analysis with correlation to historical incidents and recommended actions...

Before vs After

Value demonstration

Before (Manual L1)

  • Raw alert with no context
  • 30+ minutes investigation
  • Manual KB search
  • Inconsistent ticket quality
  • Delayed team routing

After (With Agent)

  • Enriched alert with full context
  • 4.2 seconds processing
  • Automatic KB matching
  • Consistent, complete tickets
  • Instant intelligent routing