Coordinate planned work
Remind the lead before the window opens. Confirm the start. Chase an answer when the window is about to close. Publish start and end notices. All night, on a timer.
Calendar babysitting, every shift
AI operator for the 24/7 NOC
NOCless coordinates planned work, watches and correlates alerts, and diagnoses and escalates incidents — the repetitive 80% of a NOC operator's shift. It reads your systems through strictly read-only adapters, runs on your own infrastructure, and a human approves every action by default.
The problem
A NOC operator on shift does the same three things, over and over, all night. They are essential, repetitive — and none of them requires touching a system.
Remind the lead before the window opens. Confirm the start. Chase an answer when the window is about to close. Publish start and end notices. All night, on a timer.
Calendar babysitting, every shift
Stare at Grafana, Zabbix and status pages. Deduplicate the storm, connect the three alerts that are one incident, and decide what actually matters at 3 a.m.
Hours of screen-watching per night
Pull the logs, check VM and pod state, figure out roughly what broke — then find the right on-call engineer and wake them up with enough context to act.
20 minutes of lookup before every call
NOCless takes over all three. Your engineers get woken up with a diagnosis, not a pager tone.
How it works
NOCless connects to what you already run. Four specialised agents divide the operator's job between them, and everything they touch goes through read-only adapters.
orchestrator · task queue · LLM router
Coordinator
Runs the planned-work lifecycle — reminders, start and end notices, extension requests. Mostly a deterministic state machine.
Observer
Correlates and deduplicates the alert stream and qualifies what actually matters.
Investigator
Runs first-line diagnosis — logs, VM and pod state — through read-only tools only.
Escalator
Looks up the right on-call engineer and notifies them with a ready-made summary.
one adapter = one service account, read-only RBAC
The LLM is used only where reasoning is needed — interpreting a free-form "give us another hour" reply, correlating alerts, drafting a summary. The planned-work lifecycle itself is a deterministic state machine. That keeps cost, latency and hallucination risk down on critical paths.
Trust by design
NOCless was designed for telco and banking environments. The guarantees below are architecture, not configuration.
Every integration is a separate adapter with its own service account and read-only RBAC. No write path exists — not "disabled", not "restricted". NOCless cannot change anything in your systems, by construction.
Every action that reaches a human — a work notice, an escalation call — is gated by an autonomy policy. The default is L0: the agent proposes, your operator sends. Autonomy is earned per action type, with data.
Every agent decision, every prompt sent to a model, every outbound message lands in an append-only audit log. No exceptions. It is your compliance trail and the evidence base for raising autonomy.
Deployed on-prem — Kubernetes via Helm or docker-compose — with an air-gapped option. Bring a local model (Ollama, LM Studio) or your own API key. Your data never leaves your infrastructure.
L0 · Proposedefault
Agent proposes every notice and escalation; the operator reviews and sends. Shadow mode — rollout starts here.
L1 · Partial
Routine work notices go out automatically; escalations still need operator approval.
L2 · Full
Full autonomy on gated actions; one operator supervises many instances.
Set per action type, per tenant. You climb the ladder only as agreement data accumulates — never by default.
Integrations
Every integration is read-only: one adapter, one service account, read-only permissions. Nothing to install on the monitored side.
Prometheus
Metrics
read-only
Grafana
Dashboards & alerts
read-only
Kubernetes
Pods & workloads
read-only
Kibana
Logs
coming soon
Zabbix
Monitoring
coming soon
Proxmox / VMware / Hyper-V
Virtualization
coming soon
Teams / SMS
Notifications
coming soon
"Coming soon" means exactly that — the adapter is designed but not shipped yet. We would rather tell you now than surprise you in a PoC.
FAQ
No. Every adapter is strictly read-only — a separate service account with read-only permissions, and no write path anywhere in the codebase. NOCless observes, diagnoses and communicates. Changing systems is a design boundary, not a setting.
By default nothing reaches a human without operator approval: NOCless starts at autonomy level L0, where the agent proposes and your operator sends. Every decision and message is also written to an append-only audit log, so a wrong proposal is reviewable evidence — not an outage.
Yes. NOCless deploys on your own infrastructure (Kubernetes via Helm, or docker-compose) and can run with a local model via Ollama or LM Studio instead of a cloud API — or with your own API key if you prefer a hosted model. No data has to leave your network.
Nowhere. Alerts, logs and diagnosis context stay inside your deployment. State and the audit log live in your PostgreSQL. With a local model, even prompts never cross your perimeter.
It is not an auto-remediation bot. It will not restart your pods, roll back a deploy or "fix" anything — no such action exists in the product. A human always makes the fix decision; NOCless hands them the diagnosis.
NOCless is deployed per environment and priced accordingly — talk to us and we will scope it with you. Book a demo and bring your hardest shift.
Thirty minutes, your scenarios. We will show you the console, the autonomy ladder and the audit log — and where the write access would be, if there were any.
Book a demoBuilt by Bitflip. Early access — shaped with design partners.