惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

www.infosecurity-magazine.com
www.infosecurity-magazine.com
D
DataBreaches.Net
T
Tailwind CSS Blog
M
MIT News - Artificial intelligence
Stack Overflow Blog
Stack Overflow Blog
F
Full Disclosure
V2EX - 技术
V2EX - 技术
N
News and Events Feed by Topic
Help Net Security
Help Net Security
L
LangChain Blog
Y
Y Combinator Blog
宝玉的分享
宝玉的分享
Google Online Security Blog
Google Online Security Blog
P
Proofpoint News Feed
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
The Blog of Author Tim Ferriss
Google DeepMind News
Google DeepMind News
The Register - Security
The Register - Security
B
Blog RSS Feed
N
Netflix TechBlog - Medium
N
News | PayPal Newsroom
TaoSecurity Blog
TaoSecurity Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
V
Vulnerabilities – Threatpost
B
Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
I
Intezer
H
Hackread – Cybersecurity News, Data Breaches, AI and More
博客园_首页
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
AI
AI
aimingoo的专栏
aimingoo的专栏
大猫的无限游戏
大猫的无限游戏
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Cyberwarzone
Cyberwarzone
P
Proofpoint News Feed
Google DeepMind News
Google DeepMind News
G
GRAHAM CLULEY
Vercel News
Vercel News
罗磊的独立博客
MyScale Blog
MyScale Blog
Last Week in AI
Last Week in AI
博客园 - 司徒正美
C
CERT Recently Published Vulnerability Notes
GbyAI
GbyAI
Scott Helme
Scott Helme
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
T
Troy Hunt's Blog
A
About on SuperTechFans
P
Privacy International News Feed

Datadog | The Monitor blog

Introducing our open source AI-native SAST Instrument and monitor Boomi integration flows with OpenTelemetry and Datadog Not all index scans are equal: How we cut query latency by over 99% Platform engineering metrics: What to measure and what to ignore Integrate Recorded Future threat intelligence with Datadog Cloud SIEM CI/CD security: threat modeling using a MITRE-style threat matrix CI/CD security: How to secure your GitHub ecosystem Ingress NGINX is EOL: A practical guide for migrating to Kubernetes Gateway API Operating agentic AI with Amazon Bedrock AgentCore and Datadog LLM Observability: Lessons from NTT DATA Introducing the Datadog Code Security MCP Capture and analyze custom heatmaps in Session Replay Understand session replays faster with AI summaries and smart chapters Monitor ClickHouse query performance with Datadog Database Monitoring How we designed empathetic alert sounds for on-call engineers Search and act across Datadog to resolve issues faster with Bits Assistant Measure the business impact of every product change with Datadog Experiments Analyzing round trip query latency Configuring JavaScript caches for better performance Introducing Bits AI Dev Agent for Code Security Datadog achieves ISO 42001 certification for responsible AI Monitor Nutanix clusters, hosts, and VMs with Datadog Monitor Juniper Mist in Datadog A new Host Map for modern infrastructure Annotate traces to improve LLM quality with Datadog LLM Observability What’s new in Cloud SIEM: AI-powered investigations, enhanced threat intelligence, and scalable security operations Explore Kubernetes with native OpenTelemetry data Monitor Oracle Fusion Cloud Applications with Datadog Announcing the Datadog Terraform provider v4.0.0 Scaling Kubernetes workloads on custom metrics How to design cloud environments for AI-powered threat analysis Monitor Aruba Central in Datadog How we centralize and remediate risks with Datadog Case Management Accelerate incident response with Datadog and ServiceNow Monitor your application and network load balancer logs Understanding Karpenter architecture for Kubernetes autoscaling Tools for collecting metrics and logs from Karpenter Monitor Karpenter with Datadog What your product data is actually saying Key metrics for monitoring Karpenter Securing Datadog’s platform in the AI age: The role of observability data Four ways engineering teams use the Datadog MCP Server to power AI agents Approaching your observability migration with the right mindset Meet the new Bits AI SRE: Deeper reasoning, twice as fast Key learnings from the 2026 State of DevSecOps study Use plain English to query your multi-cloud infrastructure in Resource Catalog Simplifying troubleshooting across the user journey with Datadog Synthetic Monitoring Protect your OCI resources with Datadog Cloud Security This Month in Datadog - February 2026 Amazon EC2 security: How misconfigured and public AMIs expand your cloud attack surface Enable end-to-end visibility into your Java apps with a single command Measure and improve mobile app startup performance with Datadog RUM Evaluating our AI Guard application to improve quality and control cost Identify untested code across every level of your codebase Make use of guardrail metrics and stop babysitting your releases Monitor Versa Networks SD-WAN performance in Datadog Improve performance and reliability with APM Recommendations Remediate transitive vulnerabilities faster with Datadog Software Composition Analysis Generate audit-ready vulnerability and compliance reports with Datadog Sheets Monitor Fortinet FortiManager performance in Datadog Improve test coverage across codebases with Datadog Code Coverage Move fast, don’t break things: Consistent testing standards at scale Enrich logs with ServiceNow CMDB context before routing to any SIEM or logging tool Monitor Lustre with Datadog Make faster, better product decisions with Datadog Product Analytics Surface and remediate runtime posture issues with Workload Protection Findings Protect agentic AI applications with Datadog AI Guard How to optimize JavaScript code with CSS Trace Google Pub/Sub workloads in Cloud Run with Datadog Detect human names in logs with ML in Sensitive Data Scanner How we cut our NLQ agent debugging time from hours to minutes with LLM Observability Debug PostgreSQL query latency faster with EXPLAIN ANALYZE in Datadog Database Monitoring Datadog acquires Propolis Unify and correlate frontend and backend data with retention filters Scale compliance across global frameworks with Datadog Cloud Security Monitor Arista VeloCloud SD-WAN performance with Datadog Building reliable dashboard agents with Datadog LLM Observability Simplify log collection and aggregation for MSSPs with Datadog Observability Pipelines Mitigation for Node.js denial-of-service vulnerability affecting Datadog APM Automate flaky test fixes with the Bits AI Dev Agent and Test Optimization Datadog integrations 2025 recap: Observability for AI, security, and hybrid cloud Design effective executive dashboards with Datadog Implement dbt data quality checks with dbt-expectations Bring faster visibility into AWS Lambda functions with remote instrumentation Troubleshoot faster with the GitLab Source Code integration in Datadog How Cambia Health Solutions saved $30,000 monthly with Cloud Cost Management and the Datadog Resource Catalog Normalize any logs for Cloud SIEM with Datadog's OCSF processor Optimizing Datadog at scale: Cost-efficient observability at Zendesk Detect, diagnose, and resolve network issues easily with CNM Network Health Securing customer logins with breach intelligence Connect engineering errors to user impact in early-stage products Cilium configuration for Kubernetes operations at scale Designing feedback loops for progressive delivery Ship features faster and safer with Datadog Feature Flags Choosing the right OpenTelemetry Collector distribution Route your monitor alerts with Datadog monitor notification rules Automate Cloud SIEM investigations with Bits AI Security Analyst Cloud threat detection: How to identify risky activity across control and data planes Collecting Kafka performance metrics Monitoring Kafka with Datadog Monitoring Kafka performance metrics
How we built an AI SRE agent that investigates like a team of engineers
2026-01-12 · via Datadog | The Monitor blog

We built Bits AI SRE to help engineers investigate and solve production incidents, one of the most difficult aspects of operating distributed systems today. As environments grow more dynamic and complex, resolving issues becomes more challenging. Failures now span more services, involve noisier signals, and encompass larger volumes of telemetry data, making it hard for on-call engineers to find root causes quickly. Today, Bits AI SRE is already helping teams decrease time to resolution by up to 95%.

Bits AI SRE is our new agent that automatically investigates incidents and monitor alerts by autonomously reasoning over complex telemetry data and producing audit-ready root cause analyses in minutes. Behind the scenes, it mimics the way human SREs think: by forming hypotheses, testing them using live telemetry data, and following promising evidence to a root cause.

Flow showing incident, gather context, test hypotheses, root cause analysis.

In this post, we’ll show how we evaluate Bits AI SRE against real-world data, share performance results, and highlight aspects of this agent’s design.

Benchmarked on real incidents

Evaluating against real incidents is fundamental and critical to building an effective AI SRE agent. This is the most reliable way to measure meaningful progress and ensure that an agent can generalize to the complexity of real-world environments. With the largest dataset of production telemetry data in the industry, Datadog is uniquely positioned to do this well.

We worked across hundreds of teams at Datadog to collect and label real incidents and used them to create a benchmark dataset of test scenarios. We evaluate Bits AI SRE’s performance by scoring its output against each scenario’s ground truth label.

Diagram showing the evaluation workflow: incidents and monitor alerts are labeled by human responders, archived telemetry is fed to the Bits AI SRE agent, and an LLM judge scores the agent's conclusions across multiple criteria. The scores are aligned with human judgments to generate a final pass/fail decision.

We use this benchmark to regularly measure our agent’s performance and improve the agent over time. Our agent’s capabilities have significantly improved over the past year, and we expect them to get even better as we continue to build.

Bar chart showing improvements on our benchmark, with the current version being the most performant.

Investigates like humans, not a summary engine

Bits AI SRE investigates like a team of SREs performing an on-call investigation. Rather than simply summarizing raw telemetry data all at once, Bits AI SRE investigates like a human.

Bits AI SRE will:

  • Formulate hypotheses about the root cause
  • Validate or reject hypotheses using data from targeted queries
  • Repeat this process until it reaches a root cause

This significantly reduces noise that can distract or derail the agent from getting to the correct root cause, and allows the agent to perform deep, insightful investigations by following the evidence where it leads.

Diagram of the branching hypothesis strategy, where each validated hypothesis triggers deeper sub-hypotheses, and branches are explored or pruned based on supporting evidence.

Focuses on causal relationships instead of noise

Early SRE agents scaled by performing more tool calls across the platform and prompting an LLM to summarize the responses. This approach, however, proved to have a notable shortcoming: Increasing the number of tool calls caused the input token count for the summarization prompt to scale linearly. This meant incorporating additional telemetry data slowly degraded model performance or exceeded the context window limit.

In the following incident, Kafka lag was caused by a spike in commit latency. An early version of Bits AI SRE issued 12 tool calls across logs, traces, and metrics. One of the tool calls correctly pinpointed the root cause. But because other tool responses included suspicious signals like critical application errors in an upstream service, the summarization prompt returned an incorrect root cause.

Line graph showing a sharp spike in Kafka offset commit latency for the flights-booked-e0e5 cluster during the investigation period.
Log search results showing critical errors and segmentation faults in the flights-booked-processor service, including repeated failures related to TiktokenCounter.

The newest version of Bits AI SRE correctly surfaces the commit latency as the root cause because the agent focuses on the causal relationship between the monitor alert and specific telemetry data pertaining to a hypothesis, rather than looking at all of the available telemetry data at once.

Graph showing several telemetry signals over time, with most lines displaying minor fluctuations while the commit latency line shows a pronounced spike during the incident window.

Performs deep investigations of multi-component issues

In complex incidents, root causes can span multiple systems or require multiple steps to find. Finding multi-component root causes requires the model to connect multiple independent signals.

When investigating, Bits AI SRE breaks down complex hypotheses into sub-hypotheses. When a sub-hypothesis is supported by evidence, the agent digs deeper. If not, it looks elsewhere, just like a human SRE following the most promising lead.

In the following incident, the agent was alerted to pods in CrashLoopBackOff. An early version of Bits AI SRE surfaced that the alert fired because a pod ran out of memory.

Results view showing confirmed investigation findings, including key results that attribute CrashLoopBackOff events to excessive memory usage causing Out Of Memory (OOM) kills, along with supporting log evidence and an investigation summary.

While this answer is superficially correct, the newest version of Bits AI SRE digs one level deeper to surface that the OOMs were caused by an influx of abnormally large payloads, which led a single pod to crash, triggering the alert. This version of the agent recursively generates deeper root cause hypotheses until it exhausts the search space, allowing for deeper, more insightful investigations into an alert.

Investigation flow diagram beginning with a monitor alert for pods in CrashLoopBackOff and branching into hypotheses. The agent validates that repeated OOM kills were caused by large Kafka payloads, with deeper validated causes such as inefficient parsing logic and corrupt sourcemaps, and alternative hypotheses like excessive concurrency and memory leaks shown but not selected.

What’s next for Bits AI SRE

Over the past year, we’ve seen that solving real-world SRE problems starts with having a robust evaluation framework grounded in data from real production systems. We believe that this is the best way to ensure agents can reliably solve the problems they will encounter every day, and that effectively using production data will be the defining factor in who can build the most capable SRE agent.

We’re just beginning to see what’s possible with autonomous SRE agents. Bits AI SRE has already received overwhelmingly positive feedback from customers who’ve observed reduced time to root cause detection for complex incidents, and it’s only getting better.

We’re actively expanding Bits AI SRE to cover additional real-world situations and data sources. We’re also deepening its capabilities by integrating it with more expert investigator and optimization agents we’re building across the Datadog platform, enabling Bits AI SRE to drive end-to-end resolution workflows.

Get started with Bits AI SRE today. If you don’t already have a Datadog account, sign up for a 14-day free trial.