What is an Alert Agent?
TierZero picks up every alert from PagerDuty, Datadog, Sentry, and Slack and investigates automatically. Known issues get resolved. Related alerts get grouped. No more manual triage.Key Capabilities
Auto-Investigates Every Alert
The moment an alert arrives, TierZero starts investigating — pulling in telemetry data, code, deployments, relevant runbooks, and past incidents to produce a likely root cause and recommended next actions.Groups Related Alerts
Cascading failures are handled as one. TierZero correlates related alerts across services to reduce noise and give you the full picture, not fragmented signals.Escalates with Full Context
When human attention is needed, TierZero escalates with impact and severity analysis included — not just the raw alert, but the investigation findings.Supported Alert Sources
TierZero can respond to alerts from:- Slack
- Opsgenie
- PagerDuty
- FireHydrant
- Rootly
- Datadog (coming soon)
- New Relic (coming soon)
Use Cases
Accelerate Incident Response
- Challenge: Engineers lose time context-switching, gathering telemetry, and triaging severity.
- How it works: Slack and webhook alerts trigger an immediate investigation using your investigation runbook; the details page shows a concise summary, tags (category, services), and a link to the full investigation.
- Outcome: Faster triage with pre-populated likely causes and relevant evidence before responders join.
Reduce Alert Fatigue
- Challenge: High-volume channels and duplicate alerts obscure what needs action.
- How it works: Configure alert agents to focus on relevant alerts, use debounce to prevent frequent repeated investigations during noisy spikes, and use alert insights to extract significant alerts and reduce noise.
- Outcome: Higher signal-to-noise, fewer duplicate investigations, and clearer prioritization.
Scale Team Knowledge
- Challenge: Investigation know-how lives in tribal knowledge and inconsistent practices.
- How it works: Codify investigation steps in your Investigation Runbook, then iterate in Prompt Studio using real alert inputs. Every run produces a summarized, searchable history.
- Outcome: Consistent investigations across rotations and faster onboarding for new responders.
How to Create an Alert Agent
Step 1: Alert Source
Connect your alert source to automatically respond to alerts.- Go to Alert Agents and click “Create Alert Agent”
- Choose a source: Slack, Opsgenie, PagerDuty, FireHydrant, or Rootly
- Slack: Select the channel to monitor
- Webhooks: Select one or more webhook subscriptions
Step 2: Filtering & Notifications
Define which alert events to respond to and where to send notifications.- Text Matches: Specify text patterns to match against (e.g., alert name or monitor ID)
- Sender ID (Slack only): Optionally filter by Slack bot, app, or user ID
- Notifications: Configure where to send investigation results
Step 3: Advanced Instructions (Optional)
Customize how your agent investigates alerts. These settings are optional but can improve investigation quality.- Investigation Runbook: Provide custom instructions that TierZero should follow when investigating alerts. This helps the agent focus on what matters most for your specific alerts.
- Impact & Severity Analysis Runbook: Define how TierZero should assess the impact and severity of alerts for better prioritization.
Step 4: Review
Review your configuration and create the alert agent.- Set a name for your alert agent
- Review all settings
- Click “Create Agent”
Best Practices
1. Configure Investigation Runbooks- Custom runbooks instruct the agent to focus on what matters and produce consistent results
- Begin with alerts that already have documented steps or predictable diagnostics
- Keep these prompts shorter than investigation runbooks for quick triage
- Focus on identifying blast radius: which users, orgs, or services are affected
- Define severity criteria specific to your business (e.g., revenue impact, customer-facing vs internal)
- Helps responders prioritize when multiple alerts fire simultaneously
- Test prompts against real alert inputs, compare versions, and refine quickly
- Save improved prompts back to the agent once satisfied
- Filter alerts to specific monitors, services, or alert types
- Reduce noise by only investigating relevant alerts