Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Inaccurate incident timeline and analysis for manually created incidents?


My team is just getting started with incidents and are currently creating/managing incidents manually. We are mostly wanting them for post-incident analysis and reporting for now. The problem is that the first 10+ minutes are spent investigating/managing the issue and we may not create the incident until after it is resolved as part of the postmortem process. When we do this, we encounter the following issues:

1) The post-incident analysis report duration/time to respond/time to resolve is based on when the incident was created/acked/closed. While the impact start/end/detect seem to be modifiable on the incident page, it doesn't seem to use these as I would expect in the analysis. We would like to use these reports to track detection delay, time to mitigation, time to resolution, etc.

2) When I associate alerts to the incident, only the time they were associated is shown in the incident timeline, not the time the alert occurred, which is what I want.

3) The timeline does not show the modified incident impact begin/end, detection time, etc.

4) When I create the incident manually, I immediately get paged for it and have to ack it. I know I created an incident, I don't need the oncall to be paged about it when it's manually created.

Any ideas for overcoming these issues? Or helpful pointers for setting up our incident management in general? I'm not new to oncall/incident management, just Opsgenie.

1 answer

1 accepted

0 votes
Answer accepted
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Jun 08, 2020

Hi @Danielle Hanks - thanks for your questions and feedback!


For your first point - you're correct, the incident duration is based on the time the incident was created and closed. We do have a feature request to either make those editable, or to make the incident duration based on the editable fields (impact detected/opened, and impact end times). But right now, it's not possible to edit the duration.


The timeline just shows actions that were taken on the incident (i.e. when it was created, resolved, etc.) as well as when any updates were sent out to stakeholders, and when alerts are associated. I can enter a feature request for it to show the time an associated alert was created, as opposed to the time that the alert was associated to the incident, but currently it is showing the latter.


For your last question - generally when you create an incident, you will add responder teams. That means a responder alert will be created for each team that is a responder on the incident, and the responder alerts are how users are notified of incidents, the incident itself doesn't send notifications.

So when you create the incident, the creator of the incident is considered a "responder", so a responder alert is created for them. We do have a feature request for this to not happen, as I see the point that the person creating it manually probably doesn't need to be notified of it.


In summary, we have feature requests for pretty much everything you're looking for, just not all available at the moment. Incident Management is a big focus for Opsgenie currently, so there will continue to be enhancements and new features added to improve the incident management experience in Opsgenie to best fit all our different customer's use-cases.


Hope that helps!




Thanks for your response Samir! I'm glad Incident Management is a big focus, as there is currently a large gap between what is offered and what my team would need.

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events