"We automated the investigation, not the fix."
Every DevOps engineer knows the drill. Alert fires. Open AlertManager, switch to Kibana, check Grafana. Correlate manually across three tools. At 2AM, this takes a hour before you know enough to act.
On Kubernetes 1.33, we integrated an AI agent that reads alerts from AlertManager, queries logs from Elasticsearch, pulls metrics from Prometheus assembling a structured investigation before anyone is paged. The engineer receives a brief, not a fire alarm.
Three scenarios, same stack, different outcomes:
- CrashLoopBackOff: agent identifies OOMKill pattern across 3 restart cycles — engineer approves fix in 5 minutes, not 1 hour
- ImagePullBackOff: Kibana is empty because container never started
- OOMKilled: Prometheus memory trend reveals misconfigured resource limit — fix proposed before engineer opens a single tab
Attendees leave with a reusable investigation pipeline and approval gate design for AI-assisted alert response on Kubernetes.