Overview
CelerFlow continuously monitors your agents and generates risk alerts when it detects anomalous behavior. Alerts help you catch problems before they escalate — a sudden spike in token usage, an agent going offline, or an unusually high rate of blocked operations.Alert types
| Type | Trigger | Severity | What to do |
|---|---|---|---|
token_spike | Token usage exceeds 3x the 7-day average | High | Check if the agent is in a loop or processing unexpectedly large inputs |
latency_spike | Tool call latency exceeds 3x the 7-day average | Medium | Check the target service for outages or rate limiting |
high_block_rate | More than 30% of tool calls blocked in the last hour | High | Review service permissions — the agent may need access to a new service |
security_anomaly | Unusual pattern of write operations to sensitive services | Critical | Investigate immediately — the agent may be compromised or misconfigured |
offline | Agent hasn’t sent a health check in 30+ minutes | Low | Check if the agent process is running. Run celerflow doctor for diagnostics |
Where alerts appear
- Workspace overview — the alert count badge on the stat card
- Agent detail page — alerts specific to that agent
- Notifications — if configured, alerts are forwarded to Telegram, Slack, or WhatsApp
Resolving alerts
Alerts can be resolved from the dashboard:- Open the alert detail
- Review the evidence (trace data, timeline, metrics)
- Click Resolve with a resolution note