What is an incident?

Incidents are the main way to communicate with your users when you are experiencing user impacting issues with the services you provide to them. Incidents in ilert are specifically designed for the purpose of communicating with your users, as opposed to e.g. alerting on-call teams.

An incident has one or more affected services and will be

• posted an all status pages that contain at least one of the affected services

• and will be communicated to all subscribers of either the status page or the service

• and additionally inform subscribers that were manually added to the incident

Incidents vs alerts

• An alert in ilert is primarily targeted towards on-call responders and notifies them about potential incidents reported by monitoring, ticketing tools, or any other observability tool.

• Alerts are technical in nature and often contain technical details that are not relevant to non-technical users

• An incident in ilert is the primary way to communicate with non-technical users and they are designed exactly for that purpose.

Linking alerts with incidents

The purpose of linking alerts with incidents is to reflect that the linked alerts contributed to the incident. Alerts that are linked with an incident will include a 🔥 icon in the alert list:

An alert is automatically linked with an incident when

• the incident was created from an alert (on the alert detail view)

• the incident was created through an alert action

Moreover, you can manually link alerts with incidents from the respective detail view:

Create and communicate incidents

There are 3 ways to create an incident

1. Automatically when an alert is created through automation rules of a service

2. Manually from the New incident page

3. Manually from a pending alert

To manually create an incident

1. Go to Incidents and click on the Create incident button

2. Enter the incident summary and select the incident status

3. Optionally a message to include in the incident update

4. Select the services that are affected by this incident along with their impact level. At least one service must be selected in order to create an incident.

5. Select whether to send notifications about this incident. Enabling Notify subscribers about this incident, will notify all users

   • that are subscribed to any of the affected services and

   • that are subscribed to status pages where any of the affected service is included

6. Click Create incident. You will see a preview of how many subscribers will be notified and on how many status pages the incident will be posted. ****

Incident templates

Create incident templates to

• use as a starting point when manually creating incidents

• to automatically create incidents using alert source automation rules

During incident creation, you will be able to select from your templates as seen below:

Once you select a template, all fields will be pre-filled using the values from the template.

Create an incident template

1. Go to Incident Comms or Status Pages (depending on your pricing plan) and click on the Incident templates tab

2. Click on Create new template

3. Give the template a name and fill out the fields that you would like to have pre-filled when creating an incident

4. Click Create template

Using alert placeholders in incident templates

When an incident is created from an alert (using alert source automation rules), the placeholder variables will be substituted with their corresponding values. To use a variable in your template, include the variable in double-braces, like this: New incident for service {{serviceName}} .

The following variables are available for substitution: