← Back to all projects

Project / 2025

Manual Triage Automation With Enrichment

An enrichment-driven workflow that replaced manual incident creation by adding routing metadata, onboarding teams through lookup tables, and making ownership decisions automatable.

This project started from a recurring operational gap in the tools teams were using before the workflow existed. They could surface issues, but they did not support reliable routing and did not carry enough metadata to decide ownership cleanly, so incidents were often created manually.

I solved that by using enrichment and custom metadata to turn ownership into data the workflow could read directly, then pairing that with lookup tables for onboarding. The goal was not just to automate ticket creation. The goal was to automate the triage decisions that had previously depended on people.

Outcome Snapshot
  • Replaced manual incident creation with metadata-driven automation.
  • Made team onboarding easier through lookup tables and ownership metadata.
  • Created a reusable automation pattern centered on enrichment and routing context.

Challenge

The signal existed, but the routing context did not. Legacy tooling lacked the metadata needed to identify ownership and did not provide a clean way to onboard teams into consistent routing logic. As a result, analysts were manually creating incidents and reconstructing context before the right team could even be engaged.

  • Replace manual incident creation with workflow-driven routing.
  • Attach team and environment context before human review.
  • Support team onboarding without rewriting logic for every exception.

Approach

Enrichment changed the shape of the problem. Once services and entities carried custom metadata for ownership, environment, and operational context, the workflow could evaluate those fields directly and decide how an incident should be routed.

Lookup tables handled onboarding for teams, queues, and fallback mappings. With that structure in place, the workflow could use enriched context to create incidents automatically and route them with much less manual interpretation.

  • Custom metadata to capture ownership and routing context.
  • Lookup tables to support team onboarding and mapping changes.
  • Workflow logic that turned enriched problem data into automated incident creation.

Outcome

The finished automation reduced manual triage, removed repeatable incident-creation work, and made ownership clearer at first touch. Instead of rebuilding context for every escalation, responders received incidents that were already routed with the right metadata attached.

It also created a better onboarding path for teams because routing behavior could be extended through enrichment and lookup data, not by depending on one-off human interpretation.

  • Less time spent validating ownership by hand.
  • More consistent routing across teams and services.
  • A repeatable enrichment pattern for future onboarding and automation work.