全部技能 分类浏览
← 返回
未分类 中文

Incident Postmortem

Generate structured, blame-free incident postmortem reports from logs, timeline data, and incident metadata. Produces root cause analysis, impact assessment,...
从日志、时间线和事件元数据生成结构化、无责怪的故障事后报告,提供根因分析和影响评估……
charlie-morrison
未分类 clawhub v1.0.0 1 版本 99632.4 Key: 无需
★ 0
Stars
📥 271
下载
💾 0
安装
1
版本
#latest

概述

Incident Postmortem

Generate structured, blame-free incident postmortem reports with timeline reconstruction, log analysis, and action item tracking.

Quick Start

# Create a postmortem from scratch (fills in template sections)
python3 scripts/generate_postmortem.py --title "Database outage" --severity P1

# Parse logs to auto-extract timeline events
python3 scripts/generate_postmortem.py --title "API latency" --log /var/log/app.log --since 2h

# Load a complete incident from JSON
python3 scripts/generate_postmortem.py --from incident.json --output html -o postmortem.html

# Combine logs + manual timeline
python3 scripts/generate_postmortem.py --title "Deploy failure" --log /var/log/deploy.log --timeline events.json

# Check existing document for blameful language
python3 scripts/generate_postmortem.py --check-blame existing-report.md

Features

  1. Log parsing — Auto-detects syslog, JSON, Apache/Nginx, Python tracebacks, Docker, generic timestamped formats. Extracts errors, warnings, and notable events into a timeline.
  2. Timeline reconstruction — Merges log-extracted events with manual timeline JSON. Sorted chronologically with event type labels (detection, action, escalation, resolution).
  3. Blame-free language — Built-in checker scans for blameful patterns and suggests alternatives. Use --check-blame on any document.
  4. Severity classification — P0 (critical) through P3 (low) with appropriate descriptions.
  5. Multiple outputs — Markdown (default), HTML (styled), JSON (structured).
  6. CI-friendly exit codes — 0 (clean), 1 (errors found), 2 (critical severity).
  7. Template sections — Summary, impact, timeline, root cause, detection, resolution, lessons learned, action items.

Options

FlagDefaultDescription
----------------------------
--titlerequiredIncident title
--severityP2P0, P1, P2, or P3
--datetodayIncident date
--durationTBDHow long it lasted
--summaryBrief summary text
--logLog file path (repeatable)
--sinceallTime filter for logs (1h, 24h, 7d)
--timelineTimeline JSON file
--fromLoad full incident from JSON
--outputmarkdownOutput format: markdown, html, json
-ostdoutOutput file path
--check-blameCheck file for blameful language

Workflow

After an Incident

  1. Gather logs: --log /var/log/app.log --log /var/log/nginx/error.log --since 4h
  2. Generate draft: python3 scripts/generate_postmortem.py --title "..." --severity P1 --log ... -o draft.md
  3. Fill in template sections (summary, root cause, impact, resolution)
  4. Run blame check: --check-blame draft.md
  5. Add action items and share

From Structured Data

  1. Create incident.json with full details (see references/templates.md for schema)
  2. Generate: --from incident.json --output html -o postmortem.html

Periodic Review

Use JSON output to track action item completion across multiple postmortems.

References

  • templates.md — Full JSON schema, timeline event types, blame-free language guide with replacements

版本历史

共 1 个版本

  • v1.0.0 当前
    2026-05-08 03:58 安全 安全

安全检测

腾讯云安全 (Keen)

安全,无风险
查看报告

腾讯云安全 (Sanbu)

安全,无风险
查看报告

🔗 相关推荐

Slack Messaging

charlie-morrison
Slack 消息—通过 CLI 和 API 发送消息、管理频道、上传文件、添加反应并自动化团队通知。
★ 0 📥 462

Pyproject Toml Validator

charlie-morrison
依据 PEP 517/621 规则校验 pyproject.toml 文件,验证项目元数据、构建系统和工具配置,并提供详细报告。
★ 0 📥 473

Devcontainer Validator

charlie-morrison
在 VS Code 开发容器中验证 devcontainer.json 的语法、结构、功能、端口、生命周期脚本、定制项及安全最佳实践。
★ 0 📥 470

Skill工具集 © 2026