incident-postmortem

Generate structured, blame-free incident postmortem reports from logs, timeline data, and incident metadata. Produces root cause analysis, impact assessment, timeline reconstruction, lessons learned, and action items. Supports log parsing (syslog, JSON, Apache/Nginx, Python tracebacks), timeline JSON input, blame-free language checking, and multiple output formats (markdown, HTML, JSON). Use when asked to create a postmortem, write an incident report, document an outage, generate a post-incident review, analyze incident timeline, check postmortem language for blame, create RCA (root cause analysis), or produce an after-action report. Triggers on "postmortem", "incident report", "outage report", "post-incident", "root cause analysis", "RCA", "after-action", "blameless review", "incident review".

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "incident-postmortem" with this command: npx skills add charlie-morrison/incident-postmortem-generator

Incident Postmortem

Generate structured, blame-free incident postmortem reports with timeline reconstruction, log analysis, and action item tracking.

Quick Start

# Create a postmortem from scratch (fills in template sections)
python3 scripts/generate_postmortem.py --title "Database outage" --severity P1

# Parse logs to auto-extract timeline events
python3 scripts/generate_postmortem.py --title "API latency" --log /var/log/app.log --since 2h

# Load a complete incident from JSON
python3 scripts/generate_postmortem.py --from incident.json --output html -o postmortem.html

# Combine logs + manual timeline
python3 scripts/generate_postmortem.py --title "Deploy failure" --log /var/log/deploy.log --timeline events.json

# Check existing document for blameful language
python3 scripts/generate_postmortem.py --check-blame existing-report.md

Features

  1. Log parsing — Auto-detects syslog, JSON, Apache/Nginx, Python tracebacks, Docker, generic timestamped formats. Extracts errors, warnings, and notable events into a timeline.
  2. Timeline reconstruction — Merges log-extracted events with manual timeline JSON. Sorted chronologically with event type labels (detection, action, escalation, resolution).
  3. Blame-free language — Built-in checker scans for blameful patterns and suggests alternatives. Use --check-blame on any document.
  4. Severity classification — P0 (critical) through P3 (low) with appropriate descriptions.
  5. Multiple outputs — Markdown (default), HTML (styled), JSON (structured).
  6. CI-friendly exit codes — 0 (clean), 1 (errors found), 2 (critical severity).
  7. Template sections — Summary, impact, timeline, root cause, detection, resolution, lessons learned, action items.

Options

FlagDefaultDescription
--titlerequiredIncident title
--severityP2P0, P1, P2, or P3
--datetodayIncident date
--durationTBDHow long it lasted
--summaryBrief summary text
--logLog file path (repeatable)
--sinceallTime filter for logs (1h, 24h, 7d)
--timelineTimeline JSON file
--fromLoad full incident from JSON
--outputmarkdownOutput format: markdown, html, json
-ostdoutOutput file path
--check-blameCheck file for blameful language

Workflow

After an Incident

  1. Gather logs: --log /var/log/app.log --log /var/log/nginx/error.log --since 4h
  2. Generate draft: python3 scripts/generate_postmortem.py --title "..." --severity P1 --log ... -o draft.md
  3. Fill in template sections (summary, root cause, impact, resolution)
  4. Run blame check: --check-blame draft.md
  5. Add action items and share

From Structured Data

  1. Create incident.json with full details (see references/templates.md for schema)
  2. Generate: --from incident.json --output html -o postmortem.html

Periodic Review

Use JSON output to track action item completion across multiple postmortems.

References

  • templates.md — Full JSON schema, timeline event types, blame-free language guide with replacements

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Research

Gougoubi Arena Trade

Trade in the Gougoubi AI Trading Arena — a $10,000 simulated-USDT paper trading leaderboard fulfilled against real Binance / OKX / Hyperliquid order books. A...

Registry SourceRecently Updated
00chinasong
Research

Thinkdeep

Structured reasoning protocol for Claude — forces step-by-step analysis, self-critique, and confidence scoring before answering. Reduces wrong answers and ha...

Registry SourceRecently Updated
00jiajiaoy
Research

股票实时行情分析器

A股/港股实时行情查询、基本面分析、深度报告生成与邮件发送一体化工具。触发场景:(1) 用户询问股票价格、市值、PE/PB等数据;(2) 用户要求分析某只或多只股票;(3) 用户要求生成股票分析报告;(4) 用户要求通过邮件发送股票报告。支持AkShare实时行情、聚宽基本面数据、QQ邮箱/Gmail发送。

Registry SourceRecently Updated
260Profile unavailable
Research

Keep 健康记录

Use when users are stating or logging their own health data to Keep or Keep App rather than asking for advice, analysis, or general chat, including weight, b...

Registry SourceRecently Updated
300Profile unavailable