Itential + Kentik

From Network Alert to Automated Action

Kentik Sees Everything, Itential Acts on It

Kentik surfaces network performance degradation, traffic anomalies, BGP events, and security threats across hybrid and multi-cloud infrastructure. Connect Itential and every Kentik alert becomes a trigger for a governed, auditable remediation workflow. Detection to resolution without manual handoff, at any scale.

Current Challenges

Observability Without Action Is Just Visibility

Network teams have more telemetry than ever. Kentik surfaces degrading performance, possible attacks, and traffic changes before they become incidents. But surfacing an insight and acting on it are two completely different things. Acting still means switching context, finding the right runbook, escalating across teams, and executing manually while the clock runs. The gap between knowing something is wrong and fixing it is where SLAs slip.

Alerts Without Execution

Kentik fires the alert. Someone still has to triage it, find the right playbook, and execute a fix manually. That handoff takes time the network doesn’t have.

Manual Remediation Introduces Risk

Ungoverned, manual responses to network events lack pre/post validation, audit trails, and rollback controls. The fix can create new problems.

Network Teams Are Already Buried

NetOps teams managing the backlog of daily changes don’t have capacity to act on every observability signal. Automation is the only path to actually closing the loop.

How It Works

From Every Kentik Signal, a Governed Response

Kentik connects to Itential via REST API or the Itential MCP Server. Every performance alert, traffic anomaly, BGP event, or security detection becomes a structured trigger that routes to the appropriate FlowAgent or governed workflow, with pre-checks, remediation, post-checks, and ITSM lifecycle managed automatically.

Kentik Detects, Itential Routes

Kentik surfaces the event with full context: affected infrastructure, traffic flows, severity, and recommended action. Itential receives the signal via REST API or the Itential MCP Server and routes it to the appropriate FlowAgent or remediation workflow automatically, no manual triage required.

Pre-Checks Validate Before Anything Changes

Before any remediation executes, Itential runs pre-checks against live infrastructure state. Current device configuration, routing tables, and service health are validated to confirm the right remediation path and prevent changes that could cause unintended side effects.

Governed Remediation Executes Across Domains

The remediation workflow executes across the affected infrastructure, coordinating changes across network devices, cloud platforms, and ITSM systems simultaneously. RBAC enforced. Blast-radius limits applied. Human approval gates triggered at the thresholds you define.

Post-Checks Confirm and Loop Closes

Post-checks verify the outcome against the pre-change baseline. The ITSM ticket closes with full execution evidence. Kentik confirms restored performance. Every step logged with an immutable audit trail from first detection to final resolution.

Joint Benefits

From Detection to Resolution in a Single Governed Loop

Closed-Loop Detection & Remediation

Kentik detects network performance issues and security events. Itential receives the signal via REST API or MCP and executes governed remediation automatically, with pre/post validation and a full audit trail.

AI-Enriched Network Context

Kentik enriches every alert with infrastructure, application, user, routing, and traffic context. Itential uses that context to select the right remediation workflow and pass structured inputs to FlowAgents.

Multi-Domain Governed Execution

Remediation workflows coordinate changes across network devices, cloud platforms, and ITSM systems in a single governed execution path, with conditional branching and automatic rollback on failure.

Self-Service Network Operations

Publish Kentik-triggered remediation workflows as governed catalog items, giving NOC and network teams one-click resolution for common network events without escalating to senior engineers.

About Itential

Agentic Operations for Infrastructure, Governed at Every Step

Itential is the agentic infrastructure operations platform, connecting AI reasoning to deterministic execution across network, cloud, and IT systems. When Kentik detects an event, Itential receives the signal via REST API or MCP, routes it to the appropriate FlowAgent or workflow, and executes remediation through a single policy-governed engine. Every action validated. Every change attributed. Human approval enforced wherever you define it.

API & MCP Connectivity
Kentik connects to Itential via REST API or the Itential MCP Server, giving any observability event a governed execution path without custom integration work.

FlowAgent-Driven Remediation
FlowAgents receive the Kentik trigger, reason through current infrastructure state, select the right remediation workflow, and execute – with human-in-the-loop approval above configured thresholds.

Multi-Domain, Multi-Tool Orchestration
Coordinate across Cisco, Juniper, Arista, AWS, Azure, and ServiceNow, natively running Ansible, Python, Terraform, and OpenTofu without rework.

About Kentik

Network Observability That Turns Signal Into Action

Kentik is the network observability platform that gives NetOps and SecOps teams complete visibility across data center, edge, cloud, and internet traffic. Kentik ingests flow, routing, and performance data, applies AI to surface threats and anomalies, then emits high-fidelity events that Itential receives via REST API or MCP to drive governed remediation.

Unified Telemetry
Network, cloud, host, container, routing, and synthetic test data in one queryable database, giving Itential the context it needs to act with precision.

AI-Driven Detection
Kentik’s AI surfaces attacks, performance issues, and traffic shifts early, then sends actionable signals to Itential for closed-loop remediation.

Open API Architecture
Kentik exposes its observability data and alerts through a robust API, making every event – AWS blocked traffic, route degradation, DDoS detection – available to trigger Itential workflows.

Go Deeper on Network Observability & Automated Remediation

Blogs

Itential + Kentik: Integrating Observability with Automation for Closed-Loop Remediation of Infrastructure Events

Frequently Asked Questions

–+

Kentik connects to Itential via REST API and the Itential MCP Server. When Kentik detects a network performance issue, traffic anomaly, BGP event, or security threat, it sends a structured trigger to Itential with full context including affected infrastructure, traffic flows, and severity. Itential routes that payload to the appropriate FlowAgent or remediation workflow and initiates governed execution automatically.

–+

Closed-loop automation means that detection and remediation happen in a single automated cycle with no manual handoffs. Kentik detects the problem and provides enriched context. Itential receives the signal, validates infrastructure state with pre-checks, executes governed remediation across affected domains, confirms the outcome with post-checks, and closes the ITSM ticket with full execution evidence. The loop closes automatically with a complete audit trail from first alert to final resolution.

–+

Kentik enriches every alert with contextual data: infrastructure details, application performance, user and customer information, geo, routing data, and policy context including the PeeringDB data set. Itential passes that enriched context as structured inputs to FlowAgents and remediation workflows, enabling them to reason through the right remediation path without requiring human interpretation of raw telemetry.

–+

Every action triggered by a Kentik event flows through Itential’s policy engine before anything touches infrastructure. FlowAgents operate within explicitly defined tool allowlists. Pre-checks validate infrastructure state before execution. Blast-radius limits restrict the scope of any change. Human-in-the-loop approval gates apply at the thresholds you configure per event type. A complete audit log captures every step from detection to resolution.

–+

Any Kentik alert or event that can fire a webhook or REST API call can trigger an Itential workflow. Common triggers include network performance degradation, DDoS detection, BGP anomalies, traffic volume thresholds, security policy violations, and application delivery issues. The workflow selection is based on event type and context, so different Kentik signals route to different remediation paths automatically.

–+

Yes. Itential automatically creates and updates ServiceNow or Jira tickets as part of every Kentik-triggered remediation workflow. Tickets are created when the workflow initiates, updated at each execution step, and closed with full execution evidence when remediation is confirmed. The ITSM lifecycle runs in parallel with the technical remediation, keeping all stakeholders informed without manual ticket management.

Turn Every Kentik Alert Into a Governed Remediation Action

See how the Itential Platform connects to Kentik so every network performance event, traffic anomaly, and security detection triggers a governed remediation workflow automatically, with pre/post validation and a full audit trail.

Request a Demo