incident-postmortem

Generate structured, blame-free incident postmortem reports from logs, timeline data, and incident metadata. Produces root cause analysis, impact assessment, timeline reconstruction, lessons learned, and action items. Supports log parsing (syslog, JSON, Apache/Nginx, Python tracebacks), timeline JSON input, blame-free language checking, and multiple output formats (markdown, HTML, JSON). Use when asked to create a postmortem, write an incident report, document an outage, generate a post-incident review, analyze incident timeline, check postmortem language for blame, create RCA (root cause analysis), or produce an after-action report. Triggers on "postmortem", "incident report", "outage report", "post-incident", "root cause analysis", "RCA", "after-action", "blameless review", "incident review".

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "incident-postmortem" with this command: npx skills add charlie-morrison/cm-incident-postmortem

Incident Postmortem

Generate structured, blame-free incident postmortem reports with timeline reconstruction, log analysis, and action item tracking.

Quick Start

# Create a postmortem from scratch (fills in template sections)
python3 scripts/generate_postmortem.py --title "Database outage" --severity P1

# Parse logs to auto-extract timeline events
python3 scripts/generate_postmortem.py --title "API latency" --log /var/log/app.log --since 2h

# Load a complete incident from JSON
python3 scripts/generate_postmortem.py --from incident.json --output html -o postmortem.html

# Combine logs + manual timeline
python3 scripts/generate_postmortem.py --title "Deploy failure" --log /var/log/deploy.log --timeline events.json

# Check existing document for blameful language
python3 scripts/generate_postmortem.py --check-blame existing-report.md

Features

  1. Log parsing — Auto-detects syslog, JSON, Apache/Nginx, Python tracebacks, Docker, generic timestamped formats. Extracts errors, warnings, and notable events into a timeline.
  2. Timeline reconstruction — Merges log-extracted events with manual timeline JSON. Sorted chronologically with event type labels (detection, action, escalation, resolution).
  3. Blame-free language — Built-in checker scans for blameful patterns and suggests alternatives. Use --check-blame on any document.
  4. Severity classification — P0 (critical) through P3 (low) with appropriate descriptions.
  5. Multiple outputs — Markdown (default), HTML (styled), JSON (structured).
  6. CI-friendly exit codes — 0 (clean), 1 (errors found), 2 (critical severity).
  7. Template sections — Summary, impact, timeline, root cause, detection, resolution, lessons learned, action items.

Options

FlagDefaultDescription
--titlerequiredIncident title
--severityP2P0, P1, P2, or P3
--datetodayIncident date
--durationTBDHow long it lasted
--summaryBrief summary text
--logLog file path (repeatable)
--sinceallTime filter for logs (1h, 24h, 7d)
--timelineTimeline JSON file
--fromLoad full incident from JSON
--outputmarkdownOutput format: markdown, html, json
-ostdoutOutput file path
--check-blameCheck file for blameful language

Workflow

After an Incident

  1. Gather logs: --log /var/log/app.log --log /var/log/nginx/error.log --since 4h
  2. Generate draft: python3 scripts/generate_postmortem.py --title "..." --severity P1 --log ... -o draft.md
  3. Fill in template sections (summary, root cause, impact, resolution)
  4. Run blame check: --check-blame draft.md
  5. Add action items and share

From Structured Data

  1. Create incident.json with full details (see references/templates.md for schema)
  2. Generate: --from incident.json --output html -o postmortem.html

Periodic Review

Use JSON output to track action item completion across multiple postmortems.

References

  • templates.md — Full JSON schema, timeline event types, blame-free language guide with replacements

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Research

Postmortem Generator

Generate blameless incident postmortems from timeline data, alerts, and chat logs. Produce structured reports with root cause analysis, contributing factors,...

Registry SourceRecently Updated
00charlie-morrison
Research

Agentype

Run the Agentype workflow for local AI-agent usage analysis: collect and cache deterministic JSON, infer a persona/archetype from aggregate usage signals, th...

Registry SourceRecently Updated
500cyzlmh
Research

Amazon Ops Agents

AI-driven multi-agent system for Amazon sellers offering product research, listing optimization, ad management, inventory, pricing, review, brand protection,...

Registry SourceRecently Updated
1320wangm-a3
Research

Anygen Workflow Generate

AI-powered content creation suite. Create slides/PPT, documents, diagrams, websites, data visualizations, research reports, storybooks, financial analysis, a...

Registry SourceRecently Updated
00supertilico2001