Features

How QueueFlow Sentinel works.

A deterministic, four-stage pipeline from raw camera event metadata to actionable operational signal — with full audit trail at every step.

The pipeline

Four stages. Zero ambiguity.

sentinel-pipeline  ·  event trace
[INGEST] camera_event received event_type: motion_detected device_id: cam-0042 timestamp: 2026-03-02T14:32:11Z location: site-monterey-03 [EVAL] policy threshold check inactivity_gap: 72 min → BREACH (threshold: 60) cooldown_status: CLEAR rate_limit: CLEAR (12/100 per hour) [DECIDE] deterministic gate proposed_action: ALERT gate_verdict: ALLOW ✓ rule_matched: inactivity_breach_v2 [LOG] immutable audit record receipt_id: #f8a3c2 anchored: ✓ Merkle ledger delivered: ✓ dashboard + webhook
01

Ingest

Camera event metadata is received via read-only API. Only timestamps, event types, device identifiers, and location tags enter the pipeline. No video, audio, or biometric data is transmitted.

02

Evaluate

Each event is evaluated against configurable policy thresholds — inactivity windows, cooldown periods, rate limits, and baseline deviation tolerances. The same inputs always produce the same outputs.

03

Decide

The deterministic gate issues an allow or suppress verdict. No probabilistic scoring. No machine learning inference. Every decision is explainable and traceable to a specific rule.

04

Log & Deliver

Allowed alerts are delivered to the operational dashboard and optional webhooks. Every decision — allowed or suppressed — is written to the immutable audit log with full input state.

Signal types

What Sentinel detects.

Inactivity gaps

No camera events received during expected operating hours — surfaced as an unattended service area signal.

Prolonged inactivity

Event frequency falls below configured baseline for an extended period during active business hours.

Response delays

Time between trigger event and subsequent expected activity exceeds the configured response threshold.

After-hours anomalies

Camera events detected outside defined operating windows — flagged for human review without automated action.

Baseline deviations

Location-level event frequency deviates from established historical patterns beyond the configured tolerance.

Cross-location outliers

A site's operational pattern differs significantly from peer locations across the portfolio at the same time window.

Hard exclusions

What never enters the pipeline.

These constraints are architectural, not policy. There is no configuration path that enables access to any of the following.

  • Live video streams or recorded video content
  • Audio streams or audio recordings
  • Facial recognition or biometric data
  • Identity information about specific individuals
  • Behavioral profiles of people
  • Commands or control signals to camera devices
  • Automated enforcement or physical access actions