惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Tenable Blog
月光博客
月光博客
雷峰网
雷峰网
WordPress大学
WordPress大学
博客园 - 司徒正美
Last Week in AI
Last Week in AI
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
V
Visual Studio Blog
H
Help Net Security
Engineering at Meta
Engineering at Meta
Google DeepMind News
Google DeepMind News
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
S
Security @ Cisco Blogs
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
爱范儿
爱范儿
W
WeLiveSecurity
J
Java Code Geeks
Forbes - Security
Forbes - Security
H
Hacker News: Front Page
T
Threatpost
The Cloudflare Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
N
Netflix TechBlog - Medium
Latest news
Latest news
V2EX - 技术
V2EX - 技术
小众软件
小众软件
T
The Blog of Author Tim Ferriss
A
Arctic Wolf
B
Blog RSS Feed
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
I
InfoQ
C
Check Point Blog
N
News | PayPal Newsroom
Cyberwarzone
Cyberwarzone
V
V2EX
TaoSecurity Blog
TaoSecurity Blog
P
Privacy & Cybersecurity Law Blog
Microsoft Security Blog
Microsoft Security Blog
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
D
DataBreaches.Net
F
Fortinet All Blogs
阮一峰的网络日志
阮一峰的网络日志
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
IT之家
IT之家
K
Kaspersky official blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Google DeepMind News
Google DeepMind News
C
CXSECURITY Database RSS Feed - CXSecurity.com
www.infosecurity-magazine.com
www.infosecurity-magazine.com

Datadog | The Monitor blog

Introducing our open source AI-native SAST Instrument and monitor Boomi integration flows with OpenTelemetry and Datadog Not all index scans are equal: How we cut query latency by over 99% Platform engineering metrics: What to measure and what to ignore Integrate Recorded Future threat intelligence with Datadog Cloud SIEM CI/CD security: threat modeling using a MITRE-style threat matrix CI/CD security: How to secure your GitHub ecosystem Ingress NGINX is EOL: A practical guide for migrating to Kubernetes Gateway API Operating agentic AI with Amazon Bedrock AgentCore and Datadog LLM Observability: Lessons from NTT DATA Introducing the Datadog Code Security MCP Capture and analyze custom heatmaps in Session Replay Understand session replays faster with AI summaries and smart chapters Monitor ClickHouse query performance with Datadog Database Monitoring How we designed empathetic alert sounds for on-call engineers Search and act across Datadog to resolve issues faster with Bits Assistant Measure the business impact of every product change with Datadog Experiments Analyzing round trip query latency Configuring JavaScript caches for better performance Introducing Bits AI Dev Agent for Code Security Datadog achieves ISO 42001 certification for responsible AI Monitor Nutanix clusters, hosts, and VMs with Datadog Monitor Juniper Mist in Datadog A new Host Map for modern infrastructure Annotate traces to improve LLM quality with Datadog LLM Observability What’s new in Cloud SIEM: AI-powered investigations, enhanced threat intelligence, and scalable security operations Explore Kubernetes with native OpenTelemetry data Monitor Oracle Fusion Cloud Applications with Datadog Announcing the Datadog Terraform provider v4.0.0 Scaling Kubernetes workloads on custom metrics How to design cloud environments for AI-powered threat analysis Monitor Aruba Central in Datadog How we centralize and remediate risks with Datadog Case Management Accelerate incident response with Datadog and ServiceNow Monitor your application and network load balancer logs Understanding Karpenter architecture for Kubernetes autoscaling Tools for collecting metrics and logs from Karpenter Monitor Karpenter with Datadog What your product data is actually saying Key metrics for monitoring Karpenter Securing Datadog’s platform in the AI age: The role of observability data Four ways engineering teams use the Datadog MCP Server to power AI agents Approaching your observability migration with the right mindset Meet the new Bits AI SRE: Deeper reasoning, twice as fast Key learnings from the 2026 State of DevSecOps study Use plain English to query your multi-cloud infrastructure in Resource Catalog Simplifying troubleshooting across the user journey with Datadog Synthetic Monitoring Protect your OCI resources with Datadog Cloud Security This Month in Datadog - February 2026 Amazon EC2 security: How misconfigured and public AMIs expand your cloud attack surface Enable end-to-end visibility into your Java apps with a single command Measure and improve mobile app startup performance with Datadog RUM Evaluating our AI Guard application to improve quality and control cost Identify untested code across every level of your codebase Make use of guardrail metrics and stop babysitting your releases Monitor Versa Networks SD-WAN performance in Datadog Improve performance and reliability with APM Recommendations Remediate transitive vulnerabilities faster with Datadog Software Composition Analysis Generate audit-ready vulnerability and compliance reports with Datadog Sheets Monitor Fortinet FortiManager performance in Datadog Improve test coverage across codebases with Datadog Code Coverage Move fast, don’t break things: Consistent testing standards at scale Enrich logs with ServiceNow CMDB context before routing to any SIEM or logging tool Monitor Lustre with Datadog Make faster, better product decisions with Datadog Product Analytics Surface and remediate runtime posture issues with Workload Protection Findings Protect agentic AI applications with Datadog AI Guard How to optimize JavaScript code with CSS Trace Google Pub/Sub workloads in Cloud Run with Datadog Detect human names in logs with ML in Sensitive Data Scanner How we cut our NLQ agent debugging time from hours to minutes with LLM Observability Debug PostgreSQL query latency faster with EXPLAIN ANALYZE in Datadog Database Monitoring Datadog acquires Propolis Unify and correlate frontend and backend data with retention filters Scale compliance across global frameworks with Datadog Cloud Security Monitor Arista VeloCloud SD-WAN performance with Datadog Building reliable dashboard agents with Datadog LLM Observability Simplify log collection and aggregation for MSSPs with Datadog Observability Pipelines Mitigation for Node.js denial-of-service vulnerability affecting Datadog APM Automate flaky test fixes with the Bits AI Dev Agent and Test Optimization How we built an AI SRE agent that investigates like a team of engineers Datadog integrations 2025 recap: Observability for AI, security, and hybrid cloud Design effective executive dashboards with Datadog Implement dbt data quality checks with dbt-expectations Bring faster visibility into AWS Lambda functions with remote instrumentation Troubleshoot faster with the GitLab Source Code integration in Datadog How Cambia Health Solutions saved $30,000 monthly with Cloud Cost Management and the Datadog Resource Catalog Normalize any logs for Cloud SIEM with Datadog's OCSF processor Optimizing Datadog at scale: Cost-efficient observability at Zendesk Detect, diagnose, and resolve network issues easily with CNM Network Health Connect engineering errors to user impact in early-stage products Cilium configuration for Kubernetes operations at scale Designing feedback loops for progressive delivery Ship features faster and safer with Datadog Feature Flags Choosing the right OpenTelemetry Collector distribution Route your monitor alerts with Datadog monitor notification rules Automate Cloud SIEM investigations with Bits AI Security Analyst Cloud threat detection: How to identify risky activity across control and data planes Collecting Kafka performance metrics Monitoring Kafka with Datadog Monitoring Kafka performance metrics
Reduce time to resolution with Datadog Incident Management
2020-10-11 · via Datadog | The Monitor blog
Candace Shamieh

Candace Shamieh

Tanja Garcia

Tanja Garcia

Mary Jac Heuman

Mary Jac Heuman

When your team experiences an incident, the tools you use to respond can make all the difference in how quickly you resolve the problem. An effective incident management plan depends on accessible, integrated tools as well as direct channels of communication. Even after the incident has been resolved, documentation and analysis are vital steps that prevent similar issues from occurring in the future.

With Datadog Incident Management, your teams can easily manage an entire incident end to end directly in the Datadog platform, even if you are using other tools or monitoring platforms. Incident Management offers a diverse set of integrations, like Slack, Zoom, Opsgenie, PagerDuty, and Microsoft Teams, so you can effectively collaborate and communicate with the right stakeholders as you troubleshoot to reduce mean time to resolution (MTTR). In addition, the Datadog platform enriches Incident Management by allowing you to use built-in or customized automated workflows, to build a response team with designated roles and defined responsibilities, or to leverage dashboards to discover and analyze the root causes of issues more efficiently. The ability to declare an incident from different places across the Datadog platform also lets you quickly triage issues, and enhanced features like the Datadog mobile app, collaborative Notebooks, and our cross-platform Clipboard allow you to resolve and document problems seamlessly. While these advantages provided by the larger Datadog platform are significant, using it is not a requirement; you can use Datadog Incident Management as a standalone product, even if Datadog is not your primary monitoring platform.

Sounding the alarms

Optimal incident management requires you to work in parallel with other systems, including your on-call management system, response teams, notification tools, services, and more. Whether you receive an alert, a customer brings an issue to your attention, or a member of your team notices a problem, you need to be able to call for an incident and notify the right stakeholders at the right time.

You can declare an incident from multiple places within the Datadog platform, such as a graph widget on a dashboard, our Incidents UI, or any alert reporting into Datadog. You can also initiate an incident response directly from Slack when you enable the Datadog Slack App. You can choose to mark incidents as private during the declaration process, ensuring sensitive information remains confidential and accessible to authorized responders only. Adding custom fields that describe the attributes of the incident provides helpful information while the investigation is open and allows for easy filtering after you resolve.

Popup window showing a user declaring an incident in the Datadog app

Datadog Incident Management provides you with multiple avenues for looping people in quickly. You can send ad-hoc notifications to stakeholders via email, Slack, PagerDuty, or Opsgenie anytime during the incident, from declaration to resolution. If your organization has pre-defined who will respond to specific incidents, you have the flexibility to automate the notification process with customizable rules. Rules allow you to notify stakeholders automatically based on the matching criteria of the incident. Matching criteria include incident severity, affected services, status, root cause category, a specific resource name, and more. For example, you can set up a rule that ensures your leadership team is automatically notified via email every time there is a SEV-1 incident, so the individual declaring the incident does not have to worry about knowing whom to involve in every scenario.

Using customized message templates for ad-hoc or automated notifications eliminates the need to spend time crafting messages during an incident. These templates can automatically populate the notification with relevant context from the particular incident.

When you enable the Datadog Slack App, a dedicated Slack channel will be automatically created for you when you declare an incident. If you add a Datadog Team to the incident, the Datadog Slack App will add all members of that team to the Slack channel. The Slack channel ensures that all responders receive timely updates if there are any changes to the status or properties of the incident. When you set up our Renotify feature in your notification rules, your recipients will receive a new notification whenever your selected incident properties are updated.

Accelerate mean time to resolution

Once you’ve looped in the right people and started working on the incident, the Incident Overview page and Timeline tab ensure you don’t lose any important context during the investigation. You can pin important messages to the timeline or enable Slack mirroring to import and retain the details of your Slack conversations inside your incident timeline. The details and activity that populate in the overview and timeline serve as a convenient system of record that you and your team can reference at all times to quickly resolve incidents.

View of an incident's timeline in the Datadog Incidents UI

The Timeline tab shows all actions that were done in relation to the incident, including status or description updates, comments, related tickets (including Jira tickets), and Slack messages. You can also add interactive graphs from dashboards, metrics, or other relevant telemetry.

Filling out the Overview tab for the incident with relevant details—including incident description, customer impact, affected services, incident responders, root cause, and severity—gives your teams the information they need to get up to speed. The Incidents page also allows you to filter and search for specific incidents later on, providing a solid foundation for your future postmortem documentation.

Accelerate incident response with Incident AI

When alerts escalate into incidents, timely coordination is critical. Along with alert investigation, Bits helps teams stay on top of these high-stakes incidents.

Deliver clarity in chaos with real-time incident summaries and stakeholder updates

Responders who join mid-incident often have to parse through Slack channels with hundreds of messages to piece together what’s happened, what’s been attempted, and where things stand. This information overload creates delays, miscommunication, and longer time to resolution. Bits automatically generates real-time incident summaries with key details like nature, impact, contributing factors, and actions taken. You can also request an on-demand update at any time by messaging “@Datadog, summarize this incident.”

Within Datadog, teams can define custom message templates with dynamic AI-generated fields and then pair them with notification rules to automatically send updates via Slack, Microsoft Teams, email, Datadog On-Call, and other platforms. This ensures that key stakeholders like executives receive timely and relevant updates throughout the incident life cycle without adding manual work to already busy teams. Additionally, you can also ask Bits to draft a Datadog Status Page update to keep customers informed on the progress of the incident.

Recognizing related incidents is often the key to faster resolution. Bits automatically detects when new incidents are declared within 20 minutes of one another and proactively flags potential connections. This helps teams identify whether they’re dealing with a local issue or symptoms of a broader outage and avoid duplicate investigations.

Related incident summary

Capture follow-up tasks and generate a postmortem

Once an incident is resolved, Bits will automatically post a final summary visible to everyone in the channel, ensuring a shared understanding of how the issue was addressed. It also identifies any follow-up tasks mentioned during the incident and prompts users to review and formalize them. These tasks are saved directly in the incident’s Remediation tab in Datadog.

Bits AI SRE followup

When it’s time to document the incident, Bits can help kick things off with a first draft of the incident postmortem that responders can refine and share for review. For organizations with custom reporting requirements, postmortem templates can be configured to include AI variables, such as customer impact, system context, and lessons learned. This reduces time spent compiling information so teams can focus on the deeper analysis that drives improvement. Lastly, as you’re reviewing your operational burden as part of your weekly incident review, you can use Bits to analyze trends by asking questions such as “@Datadog, how many incidents involved checkout failures in the last month?”

With coordination simplified and key information captured automatically, teams can now shift focus to extracting insights that improve resilience.

Derive lessons learned from postmortem reviews

As important as it is to resolve an incident, it’s just as important to analyze the root cause and take steps to help ensure the problem doesn’t happen again. Datadog Incident Management has built-in tools for collaborative documentation so you can learn from resolved incidents.

On the Remediation tab, you can create and track incident follow-up tasks, as well as add links to Datadog Notebooks, Google Docs, Confluence pages, and other relevant documents. Datadog Notebooks will generate an automated postmortem document for you, once you resolve an incident, that includes the entire incident timeline and all related messages, tickets, comments, and graphs. You can also create custom postmortem templates with dynamic variables that will automatically populate to reflect the incident’s context.

Datadog Notebooks supports real-time collaborative editing, so your team can work together to document the incident response process or write and share postmortems. You can add interactive graphs from any Datadog data source and easily scope them to the exact time frame of the incident. Full support for Markdown also enables you to add rich context, like code snippets detailing how to resolve an issue. If the issue occurs again, you’ll have a full record of the steps you previously took to resolve it.

From the Incidents landing page, you can select the Analytics option to view the Incident Management Overview dashboard.

View of Incident Management Overview dashboard

This dashboard can provide you with the context you need to justify resource allocation, prioritize post-incident follow-up tasks, plan a larger project, or other steps required to help you prevent a similar incident in the future.

Optimize your incident management with customized settings and automation

While Datadog Incident Management provides a highly structured incident response plan that is readily available, incident response isn’t one-size-fits-all. If you have processes in place already, Datadog also offers flexible customization options so that you can make it work for your organization. You may decide that customized settings are a better fit for your use cases based on the lessons you’ve identified in a postmortem review. Integrations with Slack, Microsoft Teams, Zoom, CoScreen, and Jira enable you to leverage tools that your teams already use to make your incident response more efficient and effective.

You can define incidents differently to reflect specific scenarios, like optimizing severity settings for security versus non-security incidents. Assigning individual team members to customized roles, such as Incident Commander and Communications Lead, enables you to send notifications directly to the response team as soon as you declare an incident.

Take advantage of custom property fields to describe attributes that are specific to your organization, and then run analytics that will give you insight on incidents that have involved or impacted them. For example, if you’re in the automotive industry and add the models of each of the vehicles you manufacture, then you can run analytics and view historical trends with our Incident Management Overview dashboard to reveal any correlations between particular incidents and the various models.

Get started today

Datadog Incident Management provides a set of features for responding to incidents that’s fully integrated into the monitoring platform you already use, letting you seamlessly pivot from your alerts and data to your incident response workflow and back again.

If you’re a Datadog customer, you can try out the Incidents UI today, as well as the Datadog Slack App. If you’re new to Datadog, sign up for a 14-day free trial.