Automation

Segment Event Volume Anomaly + Razorpay Revenue Gap: Daily Data Pipeline Health Alert to Slack via n8n

Every morning, automatically check whether Segment is actually receiving events from your key sources — then cross-reference any drop against Razorpay revenue so you know in 60 seconds whether you have a tracking bug or a real usage decline, before your team wastes 3 hours debugging the wrong thing.

The flow
Segment logo
Source
Segment
Razorpay logo
Process
Razorpay
n8n logo
Process
n8n
Slack logo
Destination
Slack

The stack in the order it runs — data flows from the source through to where it lands.

Why this stack

This pain compounds silently. A bad deploy breaks `Order Completed` event firing in Segment, and for 18 hours your team stares at a revenue chart thinking the product is broken — when it's just a tracking hole. If Razorpay is also down in that window, you don't know if it's correlated or coincidental. Seeing both signals together changes triage from a 60-minute fire drill to a 60-second read.

Run this on n8n, not a third-party SaaS. You're piping Razorpay API credentials and Segment source data through this workflow. That belongs on infrastructure you control — n8n self-hosted or n8n Cloud, not a tool where some vendor's servers touch your keys. n8n's HTTP Request node handles both Segment's Config API and Razorpay's Fetch Payments API without friction, and the Function node lets you compute rolling averages with no external dependencies.

Segment's Config API gives you event counts per source per day. The right metric is a 7-day rolling average vs. today's count. A >30% drop is your alert threshold. Don't use absolute thresholds — they break the moment your traffic naturally dips on weekends and you'll be chasing false positives every Monday morning.

Skip this workflow if Segment isn't your CDP — swap it for PostHog or Amplitude's Ingestion API instead. Also skip it if you're below 1,000 events/day. At that scale, a single user session can swing the anomaly detection enough to produce false positives on repeat.

The stack (4)

  1. Segment logo
    SegmentOpen

    Customer data pipeline / event router.

    Collect once, fan out everywhere — the backbone for clean reporting inputs.

  2. Razorpay logo
    RazorpayOpen

    Payments + payouts built for India.

    Webhooks and the reports API make revenue an automatable signal, not a dashboard you check.

  3. n8n logo
    n8nOpen

    Self-hostable workflow automation.

    Own your data and run unlimited steps without per-task pricing.

  4. Slack logo
    SlackOpen

    Team chat where most ops alerts and reports land.

    The default place a small team already lives — pipe reports here instead of email nobody opens.

How it runs

  1. 1

    Create the n8n workflow with a daily cron trigger

    In n8n, create a new workflow. Add a Cron node — set schedule to '0 9 * * *' (9 AM daily in your server's timezone). Name the workflow 'Daily Data Pipeline Health Check'. Under workflow settings, enable 'Save Manual Executions' so you can debug runs without waiting for the scheduled trigger. Set error workflow to a simple Slack notification workflow so you know if n8n itself fails.

  2. 2

    Fetch Segment event counts via the Config API

    Add an HTTP Request node. Method: GET. URL: `https://api.segmentapis.com/v1/workspaces/{workspace_id}/sources`. Authentication: Bearer token using your Segment Config API public token — generate it at app.segment.com → Settings → Access Management → Tokens, scope: workspace read. The response returns all sources. In a subsequent Function node, filter to your key sources (e.g., `web`, `ios`, `android`) by matching `source.metadata.slug`. Store source IDs for the next step.

  3. 3

    Pull daily event counts per source

    Add another HTTP Request node with a loop — use n8n's SplitInBatches node over your source IDs. For each source, call `GET https://api.segmentapis.com/v1/workspaces/{workspace_id}/sources/{sourceId}/event-delivery/metrics?period=1d&granularity=1h`. Sum the `total` field across all hourly buckets to get today's event count. Then fetch the same endpoint with `period=7d` and compute the daily average. Store results as `{ sourceId, todayCount, sevenDayAvg, dropPercent }` per source.

  4. 4

    Flag sources with >30% volume drop

    Add a Function node. For each source metric object, compute: `dropPercent = ((sevenDayAvg - todayCount) / sevenDayAvg) * 100`. If `dropPercent > 30` AND `sevenDayAvg > 100` (ignore low-volume sources), push to an `anomalies` array. Include the source name, today's count, 7-day average, and drop percentage. If `anomalies` is empty, set a flag `pipelineHealthy = true` and short-circuit to the 'all clear' Slack message path.

  5. 5

    Fetch today's Razorpay payment volume

    Add an HTTP Request node. Call `GET https://api.razorpay.com/v1/payments?from={todayMidnightUnix}&to={nowUnix}&count=100`. Use Basic Auth with your Razorpay key_id and key_secret — store these in n8n Credentials, type: HTTP Basic Auth. Paginate if needed. Sum `amount` for all `status: captured` payments and divide by 100 to get INR value. Run the same call with yesterday's timestamps to get yesterday's total. Calculate `revenueDropPercent = ((yesterday - today) / yesterday) * 100`.

  6. 6

    Correlate tracking anomaly with revenue signal

    Add a Function node. Apply this logic: if `pipelineHealthy = true` AND `revenueDropPercent < 20`, label result as 'GREEN — tracking and revenue both healthy'. If `anomalies.length > 0` AND `revenueDropPercent > 20`, label as 'RED — tracking drop AND revenue drop, likely real usage decline'. If `anomalies.length > 0` AND `revenueDropPercent < 5`, label as 'YELLOW — tracking anomaly but revenue stable, likely a tracking bug not a usage drop'. This is what stops your team from misdiagnosing a Segment bug as a product crisis.

  7. 7

    Build the Slack alert with triage guidance

    Add a Slack node — HTTP Request to your Slack Incoming Webhook URL. Build the Block Kit payload: header 'Data Pipeline Health — {{date}} — {{statusLabel}}', a section listing each anomalous source with today's count vs. 7-day average, a section with the Razorpay revenue delta, and a 'Recommended Action' section that maps each status label to a specific action: RED = 'Check Razorpay dashboard directly, open incident', YELLOW = 'Check recent deploy for missing Segment calls, run `analytics.track` in console on prod', GREEN = '✅ No action needed'.

  8. 8

    Add a Segment debugger link per anomalous source

    For each anomalous source in the Slack message, append a direct link to the Segment Source Debugger: `https://app.segment.com/{workspace_slug}/sources/{sourceSlug}/debugger`. Pull `sourceSlug` from the Config API response in step 2. This is the fastest way for your engineer to verify whether events are arriving at Segment at all. Without this link, the on-call engineer spends 5 minutes navigating to the right screen. Add it to the message and save that time every single time.

Want me to build this for you instead?

Product Audit and CTO Mode run out of this same thinking. If you’re reading this thinking “I want this, but in my product” — let’s talk.

See services

More like this