| Category | Connections |
|---|---|
| Work & Collaboration | GitHub (required), Slack, Linear, Asana |
| Observability Platforms | Sentry, Datadog, Grafana, Prometheus, Loki, SumoLogic, Render |
| Cloud Log Providers | AWS CloudWatch, Azure Monitor, Google Cloud Logging |
| Container & Orchestration | Kubernetes |
All observability and cloud log integrations are read-only. Struct never modifies your monitoring configuration, log groups, or workspaces.
Work & Collaboration
GitHub
With GitHub connected, Struct can:
- Cross-reference errors with recent commits and deployments
- Search your codebase for relevant code paths
- Create branches and pull requests when a fix is approved
Slack
Connect Slack to receive investigation reports and trigger on-demand investigations.Triggering Investigations
Mention Struct in any channel where it’s been invited:Auto-Investigation
Struct can also automatically investigate messages in your configured investigation channels. Configure keyword filters to control which alerts trigger investigations, or let AI classification decide. See Auto-Investigations for setup details.Linear
Connect Linear to trigger investigations from issues and receive updates as comments. Assign an issue to Struct or @tag it in a comment to trigger an investigation. Struct posts its findings as a comment on the issue.Auto-Investigation
Enable auto-investigation to have Struct automatically investigate new issues created in your default team. Configure keyword filters to focus on specific issue types. See Auto-Investigations for setup details.Asana
Connect Asana to trigger investigations from tasks. See Auto-Investigations for setup details.Observability Platforms
Struct queries your observability platforms during investigations to pull error details, metrics, traces, and alert context. The more sources connected, the richer the investigation.| Platform | What Struct Pulls |
|---|---|
| Sentry | Stack traces, breadcrumbs, error frequency, affected users |
| Datadog | Metrics, monitors, APM traces, event context |
| Grafana | Dashboard data, alert rules, annotations |
| Prometheus | Metrics, alerting rules, time-series data |
| Loki | Log streams, label-based log queries |
| SumoLogic | Log analytics, search results |
| Render | Service logs, deploy events |
| Snowflake | Telemetry (event tables), query history, read-only SQL |
Sentry
What Struct uses from Sentry
- Stack traces — Pinpoints the exact code path that threw the error
- Breadcrumbs — Reconstructs the sequence of events leading to the error
- Error frequency — Determines if this is a new issue or a recurring pattern
- Affected users — Assesses impact scope
Example
When a Sentry alert fires, Struct automatically:- Pulls the full stack trace and breadcrumbs
- Cross-references the failing code with recent commits
- Checks if this error pattern has appeared in previous investigations
- Delivers a root cause report to Slack
Datadog
Required application key scopes
Datadog enforces read permissions on the application key’s role, not the API key. The role attached to the application key you provide must grant all of the following scopes, or Struct will receive403 Forbidden from the corresponding endpoints:
| Scope | Permission | Used for |
|---|---|---|
logs_read_data | Logs Read | Searching and reading logs |
timeseries_query | Metrics Query | Querying metric timeseries values |
monitors_read | Monitors Read | Reading monitors and alert state |
dashboards_read | Dashboards Read | Listing and reading dashboards |
What Struct uses from Datadog
- Metrics — CPU, memory, latency, error rates, and custom metrics
- APM traces — Distributed traces across services; fetch a full trace by trace ID to inspect span timing and pinpoint the slow or failing service
- Monitors — Alert context and monitor history
- Events — Deployment events, configuration changes
APM trace retrieval requires the Datadog Application Key to have the
apm_read (APM Read) scope.Grafana
What Struct uses from Grafana
- Dashboard data — Queries panels for relevant metrics
- Alert rules — Understands what thresholds triggered
- Annotations — Correlates deployments and incidents with metric changes
Prometheus
What Struct uses from Prometheus
- Metrics — Queries PromQL-compatible metrics during investigations
- Alerting rules — Reads active and pending alerts for context
- Time-series data — Analyzes trends around the time of the incident
Loki
What Struct uses from Loki
- Log streams — Queries logs by labels, service, and time range
- Log context — Pulls surrounding log lines for errors
Example query Struct might run
SumoLogic
What Struct uses from SumoLogic
- Log search — Runs targeted searches across your log data
- Analytics — Aggregates and patterns from log analytics
Render
What Struct uses from Render
- Service logs — Pulls application logs from your Render services
- Deploy events — Correlates errors with recent deployments
Snowflake
Struct connects to Snowflake with key-pair authentication: a fresh RSA key pair is generated for each connection, you set the public key on a dedicated read-only service user, and Struct signs a short-lived JWT per request. There is no password or token to rotate or renew, and no network policy is required.Run the setup command
Copy the generated SQL into a Snowsight worksheet and run it as an admin (e.g.
ACCOUNTADMIN). It creates the service user (if it doesn’t exist), sets the generated public key on it, and grants a read-only role.What Struct uses from Snowflake
- Telemetry (event tables) — Logs, traces, and metrics emitted by stored procedures, UDFs, Snowpark code, tasks, and dynamic tables
- Query history — Failed loads, pipeline errors, and slow queries from the last 7 days, with error codes and timing breakdowns
- Read-only SQL — Answers data questions (counts, lookups, aggregations) against tables you’ve granted access to
Access is read-only
The setup command grants Struct read access only: theSNOWFLAKE.EVENTS_VIEWER application role for telemetry, USAGE on one warehouse to run queries, and SELECT across your databases. Struct can never write to your account.
The database grants are applied by a loop over your current standard databases (shared databases and Native Apps are skipped). FUTURE grants cover new tables, views, and schemas created inside those databases automatically — but if you create a brand-new database later, re-run the EXECUTE IMMEDIATE block from the setup command to include it (Snowflake has no account-wide grant).
To revoke access at any time, run:
IP allowlisting (optional)
You can restrict where the Struct service user is allowed to connect from with a Snowflake network policy:Cloud Log Providers
Struct queries your cloud logs in real time during investigations—pulling relevant log entries, filtering by time range, and correlating log patterns with errors and alerts.| Provider | Status |
|---|---|
| AWS CloudWatch | Available |
| Azure Monitor / Log Analytics | Available |
| Google Cloud Logging | Available |
AWS CloudWatch
What Struct queries
- Log groups — Application and service logs
- Log streams — Filtered by time range and keywords
- CloudWatch Insights — Structured queries across log groups
Example
During an investigation into a Lambda timeout, Struct might query:Azure Monitor
What Struct queries
- Log Analytics workspaces — Application logs, custom logs, diagnostic logs
- KQL queries — Structured queries across Azure log data
- Resource logs — Logs from Azure services (App Service, Functions, AKS, etc.)
Example
Investigating a spike in Azure App Service errors, Struct might run:Google Cloud Logging
What Struct queries
- Cloud Logging entries — Application logs, request logs, system logs
- Log-based queries — Filtered by resource, severity, and time
- GKE and Cloud Run logs — Container and serverless application logs
Example
Investigating a Cloud Run service crash, Struct might query:How Struct Uses Cloud Logs
During every investigation, Struct:- Identifies relevant log sources based on the alert and affected services
- Builds targeted queries to pull error logs, warnings, and contextual entries
- Correlates log patterns with metrics, traces, and code changes
- Highlights key log lines in the investigation report with timestamps and context
Container & Orchestration
Struct can query your Kubernetes clusters directly to pull pod logs, events, and resource status during investigations.| Platform | What Struct Pulls |
|---|---|
| Kubernetes | Pod logs, events, namespace resources |
Kubernetes
What Struct uses from Kubernetes
- Pod logs — Pulls application logs directly from pods
- Events — Surfaces Kubernetes events (restarts, scheduling issues, OOM kills)
- Namespace resources — Lists pods and their status
ServiceAccount Token Setup (Recommended)
This approach uses a secret-bound token that works with all Kubernetes clusters, including GKE, GKE Autopilot, EKS, and AKS:Getting the API Server URL
Run this command to find your cluster’s API server URL:CA Certificate (Optional)
If your cluster uses a self-signed CA, you’ll need to provide the CA certificate:Need an integration we don’t support yet? New integrations can be built in days — reach out at [email protected]. Jira, ClickUp, and PagerDuty integrations are coming soon.