ProdRescue AI
Back to home

How it works

How ProdRescue works

Deploy → incident → structured RCA: four-layer report pipeline, Honest Score, and a live timeline demo: technical detail, not marketing fluff.

Incident logs produce evidence-backed RCA. Deploy analysis runs in parallel (Team: manual + automatic) and never replaces log citations.

Automatic deploy analysis (Team): add a GitHub webhook from Account: each qualifying event runs "what changed" + risk (separate from log-backed RCA). Manual context: on New incident, open Incident Parameters to paste git log / PRs, or use Import last 20 commits / AI deploy risk scan. Evidence refs [1][6] map to incident logs only.

Jump to: Slack incident flow · 4-layer engine · Honest Score · timeline demo.

Slack · same RCA engine

How the Slack incident flow works

Nothing magic happens inside Slack that bypasses evidence: we pull the messages Slack lets us read, run the same multi-stage pipeline as the web app, and return citations tied to those lines. Below is the full path, from OAuth to in-channel reply, so you know exactly what runs and when.

  1. 1

    Authorize your workspace

    From Account Add to Slack, you install our app via OAuth. We store a bot token for your workspace only. Scopes cover slash commands, posting in channels where the bot is present, and reading channel / thread history where Slack allows (e.g. publicchannels:history, private groups:historywhen the bot is a member).

  2. 2

    Invite the app into the incident channel

    Run /invite @ProdRescue AI in #incidents (or the channel where the outage is discussed). The bot must be in that channel to read messages and post results, seeing the channel in the sidebar is not the same as having the bot invited.

  3. 3

    Trigger: slash command or mention

    /incident from the channel with no extra text runs channel mode. We analyze recent activity in that channel (best when traffic is focused on the outage). Paste a Slack thread permalink after the command for thread mode, which uses narrower context and is usually faster and sharper. Mentions on a thread follow the same idea: we anchor on that thread's messages.

  4. 4

    Fetch only what Slack exposes

    We call Slack's APIs with your workspace token and pull the messages we're allowed to see for that channel or thread. If history is empty, scopes are missing, or there's no readable technical text, we stop with a clear error. We don't invent logs. That's why reinstall / scope updates or using a focused thread URL is sometimes required.

  5. 5

    Same 4-layer engine as paste-in RCA

    Retrieved Slack text is treated as the incident evidence bundle, equivalent to pasting logs on New incident. Denoise → RCA → evidence mapping → assembly runs on the server. Numbered citations [1], [6] refer to those Slack lines, not generic model prose.

  6. 6

    Reply in Slack + full report in-app

    You get an in-channel summary and a link to the full interactive report (PDF optional). Honest Score still measures how well claims mapped to the retrieved messages, same transparency as the web path. Optional Team GitHub deploy context remains parallel: it never substitutes for Slack-derived evidence refs [1][6].

Privacy: analysis uses content Slack returns for channels the bot can access, we don't scrape workspaces you haven't connected, and tokens can be revoked anytime from Account → Slack.

Integrations & setup detail

The 4-Layer Incident Analysis Engine

For incident logs, the path is Denoise → RCA → Evidence mapping → Assembly. If your team connects GitHub, deploy analysis and webhook automation run in parallel. None of that replaces log evidence in the RCA. Model versions may change over time.

1
GPT-4o

Denoising

Cleanup

Clean noisy logs.

2
Claude Sonnet

RCA

Analysis

Find the root cause. Timeline. Impact. Logs only.

3
Gemini 2.5 Pro

Evidence Mapping

Evidence

Every claim linked to real logs. [1], [6], [8] → source.

4
GPT-4o

Assembly

Assembly

Executive-ready report. Timeline. RCA. Action items.

What you get (incident path)

  • Executive report (optional PDF, one click)
  • Timeline with evidence links [1], [6], [8]
  • Root Cause + Contributing Factors
  • Action Items (owner / priority / deadline)
  • Team: parallel deploy analysis on webhook (what changed + risk). See Account.

Transparency & evidence

Honest Score reflects evidence coverage. It measures how many claims are matched to real log lines, not AI self-rating.

Bottom line

Honest Score reflects how well we could map claims to your logs, not model bravado. Thin logs mean a lower score and an explicit nudge to add more signal; we never fake certainty.

Generic AI

95%

Self-reported confidence

Model says confident. No way to verify. No log backing.

ProdRescue: Honest Score

60–100%

High coverage trends toward 95% · low coverage is capped

Most claims matched → higher score. Coverage drops → score is capped and "Manual review recommended" is shown.

Evidence 30% → Score capped. Some claims not matched to logs.

Every claim → real log line. No hallucinations. Can't match enough? We tell you.

Real incident timeline

Click a citation in the timeline to open the matching source log, just like in Datadog or Sentry.