AI Team Use Cases

End-to-end investigation scenarios showing how to configure connectors, pipelines, and AI teammates for common operational workflows.

  3 minute read  

This section provides complete setup guides for common AI Team investigation scenarios. Each use case shows which connectors and pipelines to configure, how data flows through the system, and how AI teammates collaborate to resolve issues.

For a high-level introduction to specialized teammates and their capabilities, see Specialized Teammates.

Investigation Pattern

Each use case follows a common Input-Process-Output pattern that connects external systems to AI teammates.

flowchart LR
    subgraph Input
        A[Webhooks]
        B[User Requests]
        C[Monitor Alerts]
    end
    subgraph Process
        D[Pipelines]
        E[Monitors]
        F[AI Teammates]
        G[Human Approval]
    end
    subgraph Output
        H[Connector Actions]
        I[Recommendations]
        J[Communications]
    end
    Input --> Process --> Output

Input routes events to AI Team through event connectors that push webhooks, user requests submitted to channels, and monitor notifications that trigger when patterns spike. AI teammates also pull additional context through connector tools during investigations.

Process transforms raw events into actionable findings. Telemetry pipelines pre-process data with pattern extraction and enrichment. Monitors detect anomalies and route alerts. AI teammates correlate evidence across sources. Human approval gates control changes to production systems.

Output delivers results through connector tools that push changes (GitHub PRs, Jira tickets), remediation recommendations, and communications through Slack or PagerDuty.

Component Relationships

flowchart LR
    subgraph Inputs
        W[Event Webhooks]
        U[User Requests]
        T[Periodic Tasks]
    end
    subgraph Pipelines
        P[Telemetry Pipeline]
        M[Monitors]
    end
    subgraph AI[AI Team]
        C[Channels]
        O[OnCall AI]
        S[Teammates]
    end
    subgraph External[External Systems]
        E[GitHub, AWS, Jira...]
    end
    W --> C
    U --> C
    T --> C
    P --> M
    M --> C
    C --- O
    C --- S
    O <--> MCP[MCP Connectors]
    S <--> MCP
    MCP <--> E

Channels receive all inputs and provide the collaboration space where OnCall AI coordinates with teammates and humans. Monitors bridge telemetry pipelines and channels, detecting anomalies and pushing alerts. MCP connectors bridge AI Team and external systems bidirectionally: teammates pull context during investigations and push changes (PRs, tickets, notifications) as outputs.

Use Cases

Anomaly-Triggered Investigation

Pattern anomaly monitors detect unusual log patterns and trigger autonomous AI investigations. OnCall AI receives anomaly events and delegates to SRE and Code Analyzer to identify root causes.

Connectors: Edge Delta MCP, GitHub, Pattern Anomaly Monitor

View use case

Coordinate across observability and security domains when degradation has potential security implications. Security Engineer joins SRE to assess whether infrastructure changes indicate compromise.

Connectors: Edge Delta MCP, AWS, GitHub

View use case

Cross-Platform Telemetry Investigation

Query logs, metrics, and traces across Elasticsearch and Edge Delta to correlate findings from multiple observability platforms. SRE uses both MCP connectors to build a complete picture from distributed data sources.

Connectors: Edge Delta MCP, Elastic MCP

View use case

Database Performance Investigation

Correlate telemetry across NGINX, backend services, and PostgreSQL to identify cascading database failures. SRE traces errors from frontend through backend to identify long-running queries or connection pool exhaustion.

Connectors: Edge Delta MCP, GitHub, Streaming Connectors

View use case

CI/CD Pipeline Failure

Determine whether build failures stem from code changes, test flakiness, or environmental problems. Code Analyzer pulls structured job metadata and correlates with GitHub context to distinguish regressions from transient issues.

Connectors: CircleCI, GitHub, Edge Delta MCP

View use case

Ingest Failure Investigation

Investigate cascading ingest failures across message buses, frontends, and storage tiers. SRE correlates telemetry from Kafka brokers, ingest APIs, and storage services while Code Analyzer checks for deployment-related causes.

Connectors: Edge Delta MCP, GitHub, Pattern Anomaly Monitor

View use case

Next Steps

In This Section