ceven

Mezmo

Streams Mezmo log events into your incident response flow, triggers automated remediation based on log patterns, and manages your telemetry pipelines from the chat interface.

Try Mezmo in Ceven

Ask Ceven anything
Standard

Why use Ceven?

  1. AI native Mezmo integration

    • Describe the outcome and Ceven picks the right Mezmo calls, fills the parameters, and checks the result.
    • Structured, agent friendly tool schemas so each call runs reliably instead of by guesswork.
    • Rich coverage for reading, writing, and querying your Mezmo data, across all 36 of its actions.

  2. Managed auth

    • Built in OAuth with automatic token refresh and rotation.
    • One place to manage, scope, and revoke Mezmo access.
    • Per user and per environment credentials instead of shared keys.

  3. Agent optimized design

    • Actions are tuned from real success and error rates so reliability climbs over time.
    • Full execution logs so you always know what ran in Mezmo, when, and on whose behalf.
    • The agent pauses and asks when Mezmo is unclear instead of plowing ahead.

  4. Enterprise grade security

    • Fine grained access so you control which agents and people can reach Mezmo.
    • Least privilege by default, read scopes first and only the writes a workflow needs.
    • A full audit trail of every Mezmo action to support review and sign off.

Supported tools

Every action Ceven's agents can run on Mezmo, and when to use it.

Ingest logs
Use this when sending structured logs from a host to Mezmo for analysis or archival.
Delete pipeline alert
Remove a specific alert from a pipeline component after confirming the pipeline and alert IDs.
Search logs
Query log data using specific keywords or time ranges to find system errors.
Get pipeline status
Pull the current health and configuration state of a specific data pipeline.
Create pipeline alert
Set up a new alert trigger based on log patterns or threshold breaches.
List pipelines
Pull a list of all active telemetry pipelines to identify bottlenecks.
Update pipeline filter
Modify the rules for which logs are kept or dropped to manage storage costs.
Get alert history
Pull a list of recently triggered alerts for a specific component.
Pause pipeline
Temporarily stop log ingestion for a specific pipeline during maintenance.
Resume pipeline
Restart log flow for a previously paused telemetry pipeline.
Fetch log sample
Pull a small set of raw log entries to verify the format of incoming data.
Update alert threshold
Change the trigger limit for an existing alert to reduce false positives.
Ingest logs to Mezmo
Tool to ingest log events to mezmo. use when sending structured logs from a host to mezmo log analysis.

13 actions · scroll to see them all

Frequently asked questions

Ceven implements a smart queuing system to handle Mezmo API rate limits. If the agent attempts to ingest logs or query data faster than your specific Mezmo tier allows, Ceven will catch the 429 Too Many Requests response and apply an exponential backoff strategy. This ensures that critical telemetry is not lost and that your workflow does not crash during a system outage when log volume is highest. You can configure the retry window in the workflow settings to match your business priority, ensuring that high priority alerts jump to the front of the queue while routine health checks wait for the rate limit window to reset.
Yes. The agent can design and deploy pipeline configurations by translating your natural language requirements into the specific JSON structures Mezmo expects. For example, if you tell the agent to drop all debug logs from the staging environment but keep them for the production environment, it will identify the correct pipeline components and apply the filters. It validates the pipeline configuration against the Mezmo API schema before submitting the change to prevent breaking your telemetry flow. This allows you to manage your observability infrastructure through a chat interface rather than manually configuring every filter and processor in the Mezmo dashboard.
No. Ceven acts as a conduit between Mezmo and your downstream tools. When the agent pulls logs for an incident report or a summary, that data exists only in the transient memory of the workflow execution. Once the action is complete, such as posting a summary to Slack or creating a Jira ticket, the raw log data is purged from the Ceven execution context. We do not maintain a secondary database of your telemetry data, ensuring that your data retention policies defined within Mezmo remain the single source of truth for your compliance and auditing requirements.
If the authentication token expires or is revoked, the agent will immediately trigger an authentication failure event. If you have a notification workflow configured, Ceven will alert the owner that the Mezmo connection is broken and provide a direct link to reauthorize the integration. Any pending actions in the queue will be paused and held in a retry state for a limited time. Once the new credentials are provided, the agent resumes the pending tasks from where it left off, ensuring that no critical alerts are missed during the credential rotation window.
Absolutely. One of the most powerful uses of the agent is cost optimization. You can ask the agent to analyze which pipelines are producing the most volume and identify the most frequent log patterns. The agent can then suggest specific filter rules to drop noisy, low value logs before they are indexed. Once you approve the suggestion, the agent updates the Mezmo pipeline filters in real time. This prevents your account from hitting overage charges and ensures that your storage budget is spent on high signal data that actually helps your team resolve incidents faster.
Yes. To ensure performance and avoid model context window limits, Ceven limits the amount of raw log data it pulls in a single call. If a search returns millions of lines, the agent will not attempt to read them all. Instead, it uses a sampling strategy or requests aggregated counts from the Mezmo API first. If you need to analyze a massive dataset, the agent will perform multiple targeted queries to isolate the relevant time frames or error codes. This prevents the workflow from timing out and ensures the AI provides a concise summary based on the most representative data points.
The agent is designed to handle both structured and unstructured logs. For structured logs in JSON format, the agent can directly map fields to other tools, such as putting a user ID from a log into a CRM search. For unstructured plain text logs, the agent uses pattern recognition to identify timestamps, log levels, and error messages. If the logs are in a proprietary format, you can provide the agent with a sample and a description of the format, and it will apply that logic to all subsequent logs it processes from that specific pipeline, effectively creating a virtual parser for your custom data.
Access control is managed primarily through the API permissions of the account used to connect Mezmo to Ceven. If you use a scoped API key or a user account with limited permissions, the agent can only see and modify the pipelines that the account has access to. Within Ceven, you can further refine this by adding guardrails to your workflows, such as specifying that the agent should only perform write actions on pipelines that contain the word staging in their name. This provides a double layer of security to prevent accidental changes to critical production telemetry pipelines.

Alternatives to Mezmo

Other tools that solve a similar problem. Ceven supports these too, so you can switch or run more than one at once.

Datadog logoDatadogSplunk logoSplunkLoggly logoLogglyNew Relic logoNew Relic

Try Ceven on your stack

Plug Ceven on top of the tools you already run. Connect Mezmo and the rest of your stack, describe the outcome, and its agents handle the work end to end, days of it in minutes.

Get started for free