Automating camera alerts for property managers is an 80/20 triage problem, not a notification problem.

Every guide on this subject sells a camera. The property manager's real complaint is that the cameras already work, the alerts already fire, and the inbox is so full of raccoons and Amazon drivers that the one alert that actually mattered last week slid past at 11:47pm and nobody opened it. The fix is a thin triage layer that sits on top of whatever camera stack is already in the buildings, archives the routine 80%, and hard-routes the 20% that genuinely needs a human, with an audit row for every decision.

M
Matthew Diakonov
10 min read

The thesis: alert fatigue is the failure mode

A property manager with a 40-unit walk-up and one camera covering each common area receives somewhere between 600 and 1,200 push notifications a week. Every one of them looks the same in the phone's notification tray. Most of them are couriers, residents leaving for work, the wind on the lobby plant, a fox in the parking lot, a kid with a scooter. After two weeks the manager stops opening any of them. After two months the manager turns the sound off. After six months the camera vendor sells the manager an upgraded plan with “smart filters” that turn off some of the noise and miss some of the signal.

None of those steps fix the underlying problem. The underlying problem is that an inbox cannot mix routine traffic with safety events and stay readable. The fix has to separate the streams, on purpose, and admit that the 20% has to ring a phone the manager cannot ignore.

80 / 20

I scope the eighty percent (pricing, order tracking, returns, how-tos) into a working support agent; the remaining twenty percent (emotional tickets, damage claims) hard-routes to you with an auditable escalation log.

c0nsl, SVC-001 (AI Customer Support), services page. The same split applies, almost word for word, to camera alerts.

What the inbox looks like before and after the triage layer

Same property, same cameras, same week. The only thing that changes is whether a triage layer ran between the cameras and the manager's phone.

A week of alerts at a 40-unit property

Every motion event becomes a push notification. The manager scrolls through hundreds of identical-looking entries on Monday morning and stops scrolling halfway down. The one that mattered (a person climbing the fire escape at 11:47pm Saturday) is somewhere on screen four.

  • 812 motion alerts logged
  • 1 actual safety-relevant event in the feed
  • 0 events the manager opened on Saturday night
  • 0 audit rows the insurer can use later

What “the 20%” means concretely

The hard-route categories are not a wish list. They are the five event types that, if missed, end up in either an insurance claim, a tenant lawsuit, or the local newspaper. They get bypass-routed even when the model is unsure, because a false positive on these costs the manager a 90-second phone glance and a false negative costs them an event they will be deposed about.

  1. Human intrusion outside posted hours. Person on the property after a hard cutoff (lobby, fire escape, roof access, mail room). Vehicle that pulls into a residents-only lot at 3am and the driver does not exit toward a unit door.
  2. Fire or visible smoke. Any frame with steady visible flame, smoke fill, or a smoke detector strobe firing. The model is allowed to be wrong here. The rule is, if in doubt, route.
  3. Fall or person not getting up. A person enters frame, transitions to horizontal or seated on the floor, and does not stand within a configurable window (typically 60 to 120 seconds). Most relevant to senior housing, hallways, and lobbies.
  4. Water leak or sustained dripping in frame. Standing water in a hallway, a bowed ceiling tile, persistent dripping the camera can see for more than 30 seconds. The audit-trail value of catching this hours before a tenant reports it is, on its own, the business case for the whole system.
  5. Vehicle damage in a lot or driveway. Collision in a parking lot, hit-and-run, vandalism. The clip is the asset that lets the manager hand the police or the insurer a real witness instead of a guess.

Everything outside this list is part of the 80%. Couriers, residents, pets, foliage, lighting changes, parked-car shadows. Those get archived with a label, a snapshot URL, and a confidence score. They do not become a phone notification. They are recoverable on a screen the manager opens deliberately, not on a buzzing phone.

How a single event flows through the triage layer

The diagram below traces one alert from the moment a camera fires it to the moment the on-call human acknowledges it (or fails to, and the system escalates to the owner). The shape is small on purpose. Most of the engineering value is in the rules at the triage box, not in the number of moving parts.

One alert, end to end

CameraTriageAudit logOn-callOwnermotion event + snapshotwrite row: ingestedclassify against 80% noise listwrite row: archived (raccoon, 0.94)second event, intrusion classwrite row: hard-route (intrusion)ring + 60s ack timerno ack within 60sescalate to ownerack received

Every arrow into “Audit log” is a row a property manager can hand to an insurer, a tenant, or a court. That column in the diagram is what most vendor-built AI alert features do not give you, because their audit log is structured for their own support team, not for you.

What a triage decision actually looks like in the log

Below is the kind of row the audit table writes for one motion event. It is short on purpose. The job of the row is to be readable to a human who is reconstructing what happened on a specific night, not to capture every machine-learning detail.

audit_log.tsv (one row, expanded)

Two things are worth stressing on this row. First, the rule decision references a rule ID, not a model output. The model classifies; the rule routes. That separation is what lets a property manager change the escalation contract (who, how fast, who is the backup) without changing the model. Second, the row captures the timeout-and-escalate event explicitly. If the on-call had acked at 23:48:00, that line would be a success, not an error. The audit log has to be honest about the 25-second gap; it is the gap, not the eventual ack, that the insurer cares about.

The honest counterargument: why not just buy Verkada or Avigilon

The vendor-native AI features marketed by Verkada, Avigilon, Alarm.com, Videoloft, and similar platforms are real. If a property is greenfield, single-vendor, and budgeted for a full-stack rip-and-replace, the simplest path is usually to buy the vendor that ships the analytics already wired in. That is the honest counter to building on top.

The lane where this breaks down is the lane most operating property managers actually live in. A 12-property portfolio that inherited Ring at three buildings, Nest at four, SimpliSafe at two, and a legacy DVR at three was assembled over a decade of acquisitions. Replacing all of them at once is a six-figure capex ask the owner is not going to approve. A triage layer that reads the alert payloads each vendor already produces is not a replacement story, it is a unification story. You keep the cameras, you change the inbox.

The second place this matters is contract risk. A vendor-native AI feature is governed by the vendor's own confidence threshold, category set, and end-user license. If a missed event ends up in litigation, the manager's position is partly defined by an EULA they did not write. A triage layer the manager owns lets them keep the rule for hard-routing in their own written policy. That is a small distinction on a Tuesday and a very large one in a deposition.

Why a single named engineer is the right shape for this work

Cross-vendor sensor fusion is the kind of work that fights an agency org chart. There is no “cameras team” and “rules team” and “audit team” to hand off between, because the whole job is one person knowing how the Ring webhook differs from the SimpliSafe email forward and writing the three lines of code that make them the same shape downstream. The engineering is one person's afternoon, twice. The escalation policy is the operator's call. The retainer is for the quarter when one of the four vendors changes its API or one of the on-call humans leaves.

That shape is what the c0nsl tier sheet was built for. A 30-minute scoping consult is $75. A single-property, single-vendor wiring job lives in the Small Integration band, $500 to $2,000. The full multi-property triage layer with mixed vendors, an audit table, and a written escalation contract lives in the Custom System band, $2,000 to $10,000+. Maintenance lives in the $1,000 to $5,000 monthly retainer, only after the build is shipped. Those numbers are on the homepage, not behind a discovery call. The engineer is named, and the prior cross-platform IoT work the lane builds on (most relevantly the IoT and RFID system shipped at The Bureau Orlando, recognized by USA Today) is in the portfolio.

What the build actually contains

For the property manager weighing whether to scope this, it is useful to see the finished deliverables in plain terms. There is no proprietary platform. There is a set of small pieces that fit together, and a written escalation contract that names the humans.

  • An ingestion adapter per camera vendor in scope (Ring, Nest, SimpliSafe, generic RTSP, etc.) that normalizes the alert payload into one shape: timestamp, camera ID, unit ID, snapshot URL, optional clip URL.
  • A classification step that labels the event against the 80% noise list and the 20% safety list, with a stored confidence.
  • A rule engine, owned by the property manager in plain text, that maps category plus context (time of day, camera location, policy flag) onto one of three actions: archive, notify, hard-route.
  • An audit table. One row per event. Schema is fixed and documented. Retention period is a property of the contract, not a vendor setting.
  • An on-call notifier with a configurable acknowledgement timer and a written escalation chain (who is paged, then who is paged when the first does not ack).
  • A weekly digest the property manager opens once a week to scan the archived 80% (mostly to confirm the model is still calibrated for that property's reality, not because they expect to find anything).

The anchor: posted tiers, named engineer, IoT track record

The single thing that makes this page uncopyable by the security integrators that currently top this topic is on the c0nsl homepage, in plain text: a posted price band per tier, attached to a single named senior engineer, attached to a 15-year track record of shipped cross-platform work that includes an award-recognized IoT and RFID system at The Bureau Orlando, the iOS app Rizzma, the Slothtopia Kickstarter (334.8% funded, Lead SW Engineer), and a Hong Kong booking system that lifted conversion 50% as Full Stack Engineer. Cross-vendor sensor fusion is what 15 years of that kind of work pattern-matches into. The property manager is not paying for a workshop. They are paying for a quote that arrives 48 hours after the consult, on a tier that was already on the homepage when they Googled the topic.

Walk your camera stack with the named engineer

Bring the property list, the vendors, and the on-call setup. I come back with a tier number and an honest note if AI is not the right fit for that portfolio.

Frequently asked questions

Why is alert volume the actual problem for property managers, instead of alert capability?

Modern PIR-triggered cameras notify on every detected motion event. A 40-unit walk-up with one camera per common area easily produces 600 to 1,200 push notifications a week once you count couriers, residents coming and going, foliage, animals, and vehicle traffic. The on-site manager learns to swipe them all away. By the time a real intrusion or a tenant fall lands in that stream, it has the same visual weight as the raccoon that triggered the alert at 3am the night before. The fix is not more alerts, it is a triage layer that downgrades the routine 80% and pushes the remaining 20% with enough urgency that the manager opens it.

Do I have to replace my existing cameras (Ring, Nest, SimpliSafe, legacy NVR) to get AI triage?

No, and a property manager running mixed brands across a portfolio almost never should. The triage layer reads the alert, the snapshot, and (where the vendor permits) a short clip. It does not need to be the camera itself. Ring sends snapshot URLs in webhook payloads, Nest can be polled through Google Smart Device Management, SimpliSafe forwards events to email, and legacy NVRs can be bridged with an RTSP-to-webhook proxy on a small box at the property. The triage runs against whatever feed format the existing system produces. Replacing every camera in a 200-unit portfolio is a six-figure capex item, wiring AI on top of them is a small integration project under $2,000 in the c0nsl tier sheet.

What does the 20% that has to route to a human actually look like in practice?

Five categories cover almost all of it: human intrusion outside posted hours, fire or visible smoke, a fall or someone not getting up, a water leak or sustained dripping in a frame, and vehicle damage in a lot or driveway. Everything else (deliveries, residents, pets, branches, lights cycling on a sensor) is the 80% the system archives. The 20% is the part that, if missed, ends up in an insurance claim, a tenant complaint, or a wrongful-death newspaper headline. That is exactly why it has to bypass the AI's own confidence score and ring a real phone with a named on-call human at the other end.

What is the audit-trail requirement that nobody talks about?

If a unit floods at 2am and the camera in the hallway saw the leak forty minutes earlier, the property manager will be asked one question by the insurer and the tenant: was the alert seen, and what was done. An AI triage layer that auto-archives noise without a record is a liability. The shipped pattern writes a row per event: timestamp, camera ID, unit ID, classified category, model confidence, the action it took (archive, notify, escalate), and the human acknowledgement (or its absence). That row is what you hand the insurer. It is also what protects the property manager when a tenant claims they reported something and nobody acted.

How is this different from the AI features Verkada, Avigilon, or Alarm.com sell built into their platforms?

Two ways. First, those features are scoped to that vendor's cameras, which means a property manager with a mixed portfolio still sees three or four separate inboxes. Second, the vendor AI runs on the vendor's confidence threshold and the vendor's category set, with no contractual exit if it misclassifies. The pattern described here sits one layer above any vendor: it ingests their alerts, applies a triage your team owns, and writes the audit log into a system you control. If the underlying camera vendor changes (and over a 5-year property hold, it will), the triage stays.

Who is on the other end of the 20% hard-route, and what does that contract look like?

On a one-property setup, it is usually the on-site manager's phone with a separate ringtone and a 60-second acknowledgement timer; if they do not ack, it walks up to the owner. On a multi-property portfolio, it is a small on-call rotation across the leasing team, or in some cases a paid monitoring service. The point is that the contract is named: a specific phone, a specific human, a specific timer, with a written escalation if they miss it. The triage system does not get to swallow a fire alert quietly because the model was 73% sure it was steam from a kitchen vent.

What does a fixed-scope build for this look like, end to end, and what does it actually cost?

On the c0nsl tier sheet this lands between Small Integration ($500 to $2,000) for a single property on a single camera vendor and Custom System ($2,000 to $10,000+) for a multi-property portfolio with mixed vendors, audit-log storage, on-call rotation, and a tenant-facing portal. A retainer at $1,000 to $5,000 per month keeps the model rules and the escalation contract maintained as buildings, vendors, and on-call humans turn over. None of those numbers are agency-secret, they are posted on the c0nsl homepage, and the 30-minute consult to scope which tier fits your portfolio is $75.

Can a single solo engineer actually deliver this for a multi-property operator, or is this an agency-only project?

Cross-vendor sensor fusion is exactly the lane a senior solo engineer with shipped IoT and RFID work has done before. The Bureau Orlando escape rooms (recognized by USA Today) are a real-world IoT/RFID system that ran the same logical pattern: many sensors, one decision layer, hard-routed exceptions, and an audit log the owner-operator could read. The skill set transferred to camera alerts is the same skill set: choose the model where it is cheap and right, hard-code the rules where it is not, and keep the human contract honest.