Skip to content

Autonomous agent

Olly's autonomous agent runs end-to-end investigations and root cause analysis (RCA) across your logs, metrics, traces, and alerts. Instead of returning a single answer to a single question, the agent gathers evidence, forms hypotheses, validates them against your data, and returns a root cause with the supporting evidence and recommended next actions — all in one pass.

This is what differentiates Olly from a query assistant: you describe a symptom or hand it an alert, and Olly drives the investigation itself.

What "autonomous" means

The agent operates beyond single-turn question answering:

  • Multi-step reasoning — the agent breaks an investigation into sub-questions, runs the queries it needs to answer them, and chains the results together.
  • Proactive evidence gathering — when one signal points elsewhere, the agent follows the trail across logs, metrics, traces, and alerts without waiting for you to ask.
  • End-to-end output — every investigation returns a root cause, the supporting evidence, and a recommended fix or next step in the same response.
  • Permission-scoped — the agent inherits the permissions of the logged-in user and accesses only the data that account is authorized to view.

When to use it

Reach for the autonomous agent for any investigation where the answer is not a single query result:

  • Incident triage — "What's going on with the payment service right now?"
  • Alert root cause — "What is the root cause of this alert?"
  • Performance regressions — "Why is checkout latency higher than yesterday?"
  • Anomaly investigation — "Why are login errors increasing? How do I fix this?"
  • Cross-service flow — "Analyze the request flow between these two services."
  • Service health — "Which service is impacting user experience the most?"

For narrower tasks, use the targeted Capabilities instead — for example, DataPrime query assistance for natural-language-to-query conversion, or Explain log for single-entry analysis.

How an investigation runs

Each investigation follows the same loop:

  1. Interpret the request — the agent parses your question (or the context from an alert, case, or page) and identifies the entities involved: services, environments, time ranges, severities.
  2. Gather evidence — the agent queries logs, metrics, traces, and alerts across the relevant data tiers, correlating signals across telemetry types.
  3. Form and test hypotheses — the agent proposes likely causes and validates each one against the data, discarding hypotheses the evidence does not support.
  4. Surface the answer — the agent returns a plain-language explanation of the root cause, the supporting data views, and recommended next steps.

The agent works across all Coralogix data tiers it has access to:

  • High priority data — business-critical telemetry, fully indexed and available for real-time querying.
  • Medium priority data — monitoring telemetry useful for dashboards, alerts, and trends.
  • Low priority data — compliance or archival telemetry stored with limited query capabilities.

Olly does not operate on telemetry in the Block tier, since that data is dropped and not stored in Coralogix. Olly currently accesses data from the team's archive and does not query data from frequent search.

What the agent returns

Each investigation includes:

  • Root cause explanation — a plain-language summary of what happened and why.
  • Supporting data views — alongside the answer, the agent attaches the evidence it relied on:
    • Logs — a raw data table of matching log entries
    • Metrics — a line chart showing returned metric values and labels
    • Spans — a Gantt view of the full trace containing the span
    • Alerts — the logs that triggered the alert
  • Recommended actions — guided recommendations for an immediate fix and, where applicable, for preventing recurrence.
  • Visualizations — line, bar, pie, stacked bar, area, horizontal bar, or multi-series bar charts. Olly selects the most effective type automatically, or generates one on request.

Why answers are reliable

Olly delivers high-quality answers through a Context Engineering Triangle:

  • A purpose-built agent architecture with multiple specialized agents that handle planning, retrieval, and synthesis.
  • An advanced proprietary knowledge system that deeply understands customer telemetry and environments.
  • A rigorous agent evaluation system that continuously measures and improves output quality.

Like any AI-powered system, Olly may occasionally produce incorrect insights, incomplete analyses, or sub-optimal recommendations. The agent is designed to support human decision-making rather than silently replace it, with transparency, control, and feedback signals built into the response. For details on data handling, see Data processing, privacy, and compliance.

Limitations

  • The agent operates only on data tiers Olly has access to (High, Medium, Low). Telemetry in the Block tier is not investigated.
  • The agent currently queries the team's archive rather than frequent search.
  • LLM-based reasoning can make mistakes — review the returned root cause and supporting evidence before acting on it.

Next steps

For natural-language-to-query conversion, see DataPrime query assistance.

Need help? Contact Support.
What's new? Find out here.
LLM? Read llms.txt.
Previous Dynamic tables and export
Next DataPrime query assistance