The RCA Agent ships with built-in connectors for Prometheus, Elasticsearch, and Jaeger, but the connector system is designed as an open plugin architecture — any observability platform, internal data store, or custom signal source can be integrated by implementing a single abstract base class and registering the connector in two places. The agent discovers connectors at startup, so once your class is registered it becomes available immediately in both the Streamlit UI source selector and the Python APIDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/vrashmanyu605-eng/devops-root-cause-analysis-agent/llms.txt
Use this file to discover all available pages before exploring further.
sources parameter.
Connector Interface
Every connector must extendBaseConnector from app/connectors/base.py and implement two methods: fetch_signals, which retrieves raw signals for a given time window, and health_check, which the agent calls to verify the data source is reachable before dispatching a task.
context string passed to fetch_signals is the same incident description the user provided at analysis time. Use it to scope queries to relevant services or namespaces — for example, extracting a service name from the context and filtering your search index accordingly will produce cleaner, more focused signals.
The Signal Model
fetch_signals must return a list of Signal objects (defined in app/models.py). The agent’s correlation and LLM ranking steps operate entirely on this standard model, so the quality of your connector’s output directly affects the quality of the hypotheses produced.
| Field | Type | Required | Description |
|---|---|---|---|
source | str | ✅ | Unique identifier for this connector (e.g. "my-splunk"). Appears in evidence excerpts. |
signal_type | str | ✅ | One of "log", "metric", or "trace". |
timestamp | datetime | ✅ | When the signal occurred. Should be timezone-aware UTC. |
content | str | ✅ | Raw signal content: a log line, metric value string, or trace span summary. |
severity | str | ❌ | One of "info", "warning", "error", or "critical". Used to weight signals during correlation. |
metadata | dict | ❌ | Arbitrary key-value pairs for additional context (e.g. {"service": "payment-api", "region": "us-east-1"}). |
The LLM reasoning step receives
content and severity as its primary inputs. Richer, more specific content strings produce better hypotheses — prefer full log lines and labeled metric readings over truncated or unlabeled values.Implementing a Connector
The example below implements a Splunk connector that searches a configured index and maps each result event to aSignal object. Use it as a reference for your own integration.
app/connectors/splunk.py. Keep one connector per file and name the file after the connector key you plan to register in the next step.
Registering the Connector
Connector registration happens in two places: the connector registry (so the agent can instantiate your class by name) andagent.yaml (so it appears in the source selector and is included in analyses).
1. Add the class to the connector registry in app/connectors/__init__.py:
sources list, in agent.yaml, and in the source field of the Signal objects your connector emits.
2. Enable the connector in agent.yaml:
sources parameter in the Python API).
Add the environment variables your connector needs to
.env (or your secrets manager) before starting the agent. For the Splunk example above, set SPLUNK_URL, SPLUNK_TOKEN, and optionally SPLUNK_INDEX. Missing environment variables will cause fetch_signals to fail at runtime with an unhelpful requests error rather than a clear configuration message — validate them in __init__ and raise a ValueError early if any are absent.