Incidents

Now that everything is set up, you are ready to report your first incident!

Reporting incidents

Go to Incidents in your main navigation menu or create a new incident directly from your dashboard. Choose the severity of the incident in the dropdown menu, with P1 being the highest and P5 being purely informational. Add a title and a summary, so your team knows what’s up. To contact the right people, select the affected service(s) and decide, which statuspage(s) the incident should be posted on. All of these can be changed on your incident dashboard even when the incident has already been created.

In your incident dashboard you can change the following information at any given time:

Priority
Title and summary
Impact
Impact timings (Started/Detected/Resolved)
Affected services
Statuspages
Status of the incident (New/Acknowledged/Monitoring/Resolved)
Incident roles

The same applies to Maintenance.

Automated incident creation

Incidents can be created automatically from alerts. Just make sure automated incident creation is enabled for your alert processor.

Defining incident roles

To further speed up the resolution process you can define incident roles, which will help to distribute tasks among your team members. This feature is restricted to Starter & Pro plans.

Go to Settings → Incident Roles (under Incidents) and change the preset roles or add new ones. Add a meaningful description to the role so that the assignee knows what to do.

It'll look like this in your incident dashboard:

Incident query language

Incident Query Language (IQL) allows you to define filters when searching for incidents or to control which incidents and maintenance events are sent through broadcast channels.

You can filter incidents and maintenance events based on the following fields:

Schema

Defines the type of event:

Incident
Maintenance

Priority

Specifies the urgency or classification:

Incidents: P1, P2, P3, P4, P5
Maintenance: Emergency, Routine, Security

State

The current status of the event:

Incidents: New, Acknowledged, Monitoring, Resolved
Maintenance: Completed, In Progress, Scheduled

Title

Filters by event title:

Partial match: "*text*" (e.g., "*Monitor*" will match any title containing the word "Monitor")
Exact match: "exact text" (e.g., "System Maintenance" will match titles that exactly match this string)

AND vs OR:

Use AND to require all conditions (e.g., priority = P1 AND title = "*Monitor*")
Use OR to match any condition (e.g., priority = P5 OR type = Maintenance)

Example Queries

High-Priority Incident Matching a Title:

type = Incident AND priority = P1 AND title = "*Monitor*"

Maintenance Notifications or Low-Priority Incidents:
```
type = Maintenance OR priority = P5
```

Reference: Keys, Values, and Operators

Field	Possible Values
Schema	`Incident`, `Maintenance`
Priority	Incidents: `P1`, `P2`, `P3`, `P4`, `P5` Maintenance: `Emergency`, `Routine`, `Security`
State	Incidents: `New`, `Acknowledged`, `Monitoring`, `Resolved` Maintenance: `Completed`, `In Progress`, `Scheduled`
Title	Wildcard: `"text"`,`"ends with"`,`"begins with"` for partial matches Exact match: `"exact text"`

Operators

Equality: =
Negation: !=
Greater/Less Than: >, <
Wildcard: * (for partial text matches)
Logical: AND, OR, parentheses () for grouping conditions

Statistics

Statistics help you to understand how well the response to incidents is working. We currently offer MTTA and MTTR. In your main dashboard you also see resolved incidents and the impact duration of the last 7 days.

MTTA

The Mean Time To Acknowledge (MTTA) reflects how long it takes to acknowledge and react to an incident. Fast and precise communication (e.g. through Broadcast channels) help to reduce the MTTA significantly.

MTTR

The time it takes to resolve an incident is called Mean Time To Resolve (MTTR). A well-structured incident response is often returned in a short MTTR. Incident roles and inbound communication help to drastically reduce the MTTR by improving coordination and aiding the flow of critical information, enabling faster incident resolution.

Monitor statistics

Monitor statistics offer a more detailed insight regarding the response time and availability of your services.

Reporting incidents​

Automated incident creation​

Defining incident roles​

Incident query language​

Schema​

Priority​

State​

Title​

AND vs OR:​

Example Queries​

Reference: Keys, Values, and Operators​

Operators​

Statistics​

MTTA​

MTTR​

Monitor statistics​