What this Zendesk agent handles
SLA breaches hurt customer trust and create internal fire drills. A Zendesk SLA breach agent keeps watch on ticket timelines and surfaces at-risk tickets before the deadline passes, giving your team time to act.
The agent handles three main SLA scenarios:
- First response SLA risk. The agent reads the ticket creation time and SLA target, then flags tickets approaching the first response deadline.
- Resolution SLA risk. For tickets with active resolution SLAs, the agent calculates time remaining and proposes escalation or notification when the buffer drops below your threshold.
- Priority tier differentiation. The agent applies different warning thresholds based on ticket priority, so critical tickets surface earlier than low-priority ones.
How the agent works
The table below shows the trigger, inputs, outputs, and approval step so you can judge fit quickly.
| Agent stage | What happens | Output | Approval |
|---|---|---|---|
| Trigger | Runs on schedule, typically every 15-30 minutes during business hours | Monitoring job starts | No approval for read phase |
| Inputs | Open tickets, SLA targets, current response/resolution time, ticket priority | At-risk ticket list with time-to-breach calculations | No approval for data gathering |
| Proposed action | Flag ticket, escalate to group, notify owner, or add internal note | Prepared ticket updates and notifications | Approval before any write |
| Operator review | Reviewer checks flagged tickets and proposed escalation or notification actions | Approve, reject, or edit | Explicit approval required |
How to set up this Zendesk agent
Define your SLA warning thresholds: how many hours or what percentage of SLA time remaining should trigger a flag for each priority level.
Connect Zendesk with access to ticket views, SLA policies, and the fields needed to read current SLA status.
Choose escalation actions: assign to group, notify owner, add tag, or flag for manual review. All actions require approval before execution.
Set the monitoring schedule: how frequently the agent should check for at-risk tickets during business hours.
Permissions and approval checks
- Read access should cover ticket fields, SLA policies, and current SLA status data.
- Write scope should be limited to assignee, group, tags, priority escalation, and approved note fields.
- Notification actions should be logged with recipient, reason, and timestamp for audit purposes.
- Approval views should show time-to-breach calculations and proposed actions before commit.
Frequently asked questions
Does the agent automatically escalate tickets or just flag them?
By default, the agent flags tickets and prepares the next step for review. You decide which actions stay review-first and which alerts should move fastest, and every ticket change stays visible.
How does the agent determine SLA breach risk?
The agent reads the ticket's SLA target, current response time, and resolution time, then calculates time remaining. It flags tickets that are within a threshold you define, such as 2 hours before breach or 10% of SLA time remaining.
What happens if SLA targets change in Zendesk?
The agent reads SLA policies directly from Zendesk via the API. If you update SLA targets in your Zendesk configuration, the agent will use the updated values on the next monitoring pass without needing a new agent setup.
Can the agent notify specific people when SLA breach risk is detected?
Yes. The agent can prepare notifications for the ticket owner, team lead, or escalation group. Those notifications can be reviewed alongside assignment changes before they execute.