Incident Lifecycle
An incident lifecycle begins when an alert or event triggers an incident and ends when that incident is resolved.
In KloudMate, incidents move through a coordinated flow that combines alerts, integrations, services, and escalation policies.
Alerts
Section titled “Alerts”Alerts are generated when monitored conditions or thresholds are met. They act as the starting signal for incident creation.
Integrations
Section titled “Integrations”Integrations receive alerts from external systems and route them into KloudMate Incident Management.
Important rules:
- Each integration belongs to a service
- Each integration can have one escalation policy
- If an integration does not define its own escalation policy, it inherits the default policy from its service
Incidents
Section titled “Incidents”An incident is created when an integrated alert is triggered and requires operational attention.
Services
Section titled “Services”Services group related incidents together by microservice, application area, or ownership boundary.
Each service:
- Has a default escalation policy
- Can contain multiple integrations
- Can allow an integration to override the default escalation policy
Escalation Policies
Section titled “Escalation Policies”An escalation policy defines who should be notified and how the incident response should progress if the incident is not acknowledged in time.
Escalation Steps
Section titled “Escalation Steps”Escalation steps form the escalation chain inside a policy.
When an incident reaches a responder set:
- If the incident is acknowledged or resolved before the escalation timeout, the workflow stops at that step
- If the incident is not acknowledged in time, the next escalation step is triggered