AI Anomaly Detection & Human Triage

AI → Human

System monitors metrics, AI classifies severity, routes to human.

5 nodes · 4 edgessecurity

eventagenthuman

Visual

Continuous Monitoringevent

Stream metrics from production systems.

↓sequential→ Anomaly Detection

Anomaly Detectionagent

ML model identifies deviation from baseline.

↓conditional→ Classify Severity

Classify Severitysystem

P1-Critical, P2-High, P3-Medium, P4-Low.

↓sequential→ Send Alert

Send Alertapi

Page on-call for P1-P2, Slack for P3-P4.

↓sequential→ Engineer Decision

Engineer Decisionhuman

Investigate, acknowledge, or dismiss.

Open in Editor

uc-anomaly-detection.osop.yaml

osop_version: "1.0"
id: "anomaly-detection"
name: "AI Anomaly Detection & Human Triage"
description: "System monitors metrics, AI classifies severity, routes to human."

nodes:
  - id: "monitor"
    type: "event"
    name: "Continuous Monitoring"
    description: "Stream metrics from production systems."

  - id: "detect"
    type: "agent"
    subtype: "llm"
    name: "Anomaly Detection"
    description: "ML model identifies deviation from baseline."

  - id: "classify"
    type: "system"
    name: "Classify Severity"
    description: "P1-Critical, P2-High, P3-Medium, P4-Low."

  - id: "notify"
    type: "api"
    name: "Send Alert"
    description: "Page on-call for P1-P2, Slack for P3-P4."

  - id: "human_decision"
    type: "human"
    subtype: "review"
    name: "Engineer Decision"
    description: "Investigate, acknowledge, or dismiss."
    security:
      approval_gate: true

edges:
  - from: "monitor"
    to: "detect"
    mode: "sequential"
  - from: "detect"
    to: "classify"
    mode: "conditional"
    when: "anomaly.detected == true"
  - from: "classify"
    to: "notify"
    mode: "sequential"
  - from: "notify"
    to: "human_decision"
    mode: "sequential"

←

Production Incident Response

AI Content Moderation

→