# AgentOps Events Firefly's AgentOps Events surface cloud actions performed by **AI agents** — a third class of cloud operator alongside ClickOps (manual changes) and IaC. By classifying agent-driven activity as a first-class event source within the Event Center, Firefly gives you a clear view of *which agent* did *what*, *where*, and *why*. Think of AgentOps Events as the audit trail for your automation: it's where you go to answer "What did agent X do in the last 24 hours?" without spelunking through CloudTrail. ## Overview AgentOps Events are a dedicated source type within the [Event Center](/detailed-guides/event-center.md). Each entry corresponds to an operational action performed by an AI agent — for example, an AWS DevOps Agent, an automation service principal, or an Azure MCP Server-originated call — displayed in the same chronological timeline as ClickOps, CLI/SDK, and Mutation events. Entries include details like timestamp, the agent that acted, the target asset, the action taken, and an AI-generated summary of what happened. This gives you a unified view of AI-driven operational activity across your environments, so you can tell apart routine automated work from unexpected agent behavior — all in the same place you already track human-driven and IaC-driven changes. ### Key Benefits * **Centralized Operational Visibility**: Monitor AI-driven operational activity from a single place across environments, accounts, and providers. * **Faster Troubleshooting**: Investigate failures and unexpected agent behavior with enriched, contextual event details — no jumping between provider consoles. * **Improved Governance & Transparency**: Gain clear visibility into automated operational actions and the decisions behind them, supporting audit and compliance needs. * **Reduced Investigation Time**: Correlate agent events with adjacent operational signals (Mutations, ClickOps, CLI/SDK) to accelerate incident resolution. ## How Events Are Classified Firefly identifies AgentOps activity at ingestion and tags the event with a dedicated `AgentOps` source type. Classification is based on identification patterns including: * **Agent IAM principals** — recognized agent identities such as the AWS DevOps Agent. * **Automation service principals** — service principals carrying an MCP / automation user-agent signature. * **MCP Server-originated calls** — for example, calls originating from the Azure MCP Server. Once classified, the event flows through the Event Center pipeline like any other source, enriched with an AI-generated summary describing what the agent did. ## Capabilities ### Filtering AgentOps Events AgentOps Events appear alongside other Event Center entries and can be isolated using the **Source Type** filter set to *AgentOps*. They can be further refined using the standard Event Center filters: * **Data Source**: Narrow to a specific cloud provider. * **Action Type**: Focus on creates, updates, deletes, etc. * **Asset Type**: Investigate agent activity against specific resource types. * **Owner / Actor**: See which agent performed the action. * **Location**: Filter by region or scope. * **Timeframe**: 24 hours, 7 days, 30 days, or a custom range. A dedicated **AgentOps** hero card on the Event Center landing page provides an at-a-glance entry point, and AgentOps events are marked with a distinct badge and icon in the event list so they're easy to spot. ### Investigating an Event Selecting an AgentOps event opens a side panel with the context needed to investigate: * **AI Summary**: A generated, human-readable description of what the agent did. * **Actor**: The agent identity responsible for the action. * **Source**: Marked as *AgentOps*. * **Target asset and action**: The resource affected and the operation performed. Use the timeline view to correlate the agent's activity with adjacent ClickOps, CLI/SDK, or Mutation events and understand the full sequence of changes. ## Best Practices * Review AgentOps activity regularly to understand what your agents are doing in production. * Use the AI summary as a starting point, then drill into the event details and timeline for root-cause analysis. * Correlate AgentOps events with Mutation and ClickOps events to distinguish intended automation from unexpected behavior. * Track the volume and outcomes of agent-driven actions as part of your operational governance. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.firefly.ai/detailed-guides/event-center/agentops.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.