Incident management

Explore the topics in this section to learn how to respond to incidents detected in your Observability data.


Alerting	Trigger alerts when incidents occur, and use built-in connectors to send the alerts to email, slack, or other third-party systems, such as your external incident management application.
Cases	Collect and share information about Observability issues by opening cases and optionally sending them to your external incident management application.
Service-level objectives (SLOs)	Set clear, measurable targets for your service performance, based on factors like availability, response times, error rates, and other key metrics.

Automate incident response with workflows

Use Elastic Workflows to encode your incident-response runbooks as declarative YAML automations triggered by alerts. The Automate root cause analysis for an Observability alert workflow shows how to invoke an Agent Builder agent on each alert, attach the analysis to a case, and notify the on-call channel.