Metadata and telemetry only
Omnitrace does not inspect customer business data, table rows, files, query result sets, or application payloads. The agent works from operational metadata, configuration, cost signals, logs, and performance telemetry.
Security and trust
Omnitrace works from metadata. Not your customer data.
The agent is designed to reason over lakehouse operations, not business records. It uses configuration, cost, performance, ownership, and workflow metadata to detect waste, recommend fixes, and verify outcomes.
Cloud-bound AI reasoning
For enterprise deployments, Omnitrace can use model endpoints hosted by the customer's cloud provider so metadata and prompt context remain within the customer's cloud boundary.
Human guardrails by default
Every remediation strategy has an autonomy level. Teams decide which actions are manual, which require approval, and which low-risk fixes can run automatically.
Verifiable actions
A successful API response is not enough. Omnitrace reads back the target state, records the verifier outcome, and keeps evidence with the action record.
Omnitrace does not access
- Customer table contents or data files
- Query result sets
- Application payloads
- PII, PHI, or business records
- Secrets beyond scoped connection credentials
Omnitrace uses
- Cluster and warehouse configuration
- Usage and billing metadata
- Job, query, and table health signals
- Spark performance symptoms
- Cloud cost and infrastructure metadata
- Jira ownership and workflow context
Model boundary
AI reasoning can stay inside the customer's cloud.
Omnitrace can be configured to use models hosted by the customer's cloud provider. In that deployment pattern, the agent sends only operational metadata and reasoning context to the provider-hosted model endpoint, keeping the workflow inside the customer-controlled cloud environment.
Governance controls
Read-only discovery for pilots
Scoped Databricks and cloud permissions
Approval workflow before sensitive actions
Per-strategy autonomy levels
Blast-radius and savings thresholds
Immutable action and verification history
Security review checklist
The right questions before rollout.
Omnitrace is designed so platform, security, and FinOps teams can review the operating boundary before any governed remediation is turned on.
Data access
Confirm the connection scope is operational metadata, configuration, cost, workflow, and telemetry signals only.
Model hosting
Choose whether AI reasoning uses a cloud-provider-hosted model endpoint inside the customer's selected cloud boundary.
Identity and approval
Map users, approvers, Jira routing, SSO expectations, and per-strategy autonomy levels before remediation is enabled.
Verification evidence
Review how each action records the policy, tool response, read-back check, and verified final state.
Review the security model.
Use this overview to understand exactly what metadata Omnitrace reads, what it never touches, and how approval and verification guardrails work before rollout.