Skip to main content

The Problem

Post-incident investigations are slow, manual, and depend on institutional knowledge that walks out the door. Root cause analysis is inconsistent. Recurring incidents share the same root cause with different symptoms.

What It Does

Feed it a production incident. Returns:
  • 5-Why trace
  • Impacted symbol and dependency graph
  • Historical pattern matches against prior incidents
  • Structured remediation brief

Try It

activate nablr
Set agent to forensic_engineer. [describe the incident]
Always provide context upfront — the more specific, the faster the RCA:
Set agent to forensic_engineer. The payment API returns 500 errors when the cart contains more than 10 items. Started after yesterday's deploy.
Then proceed to fix:
Set agent to strategist
Set agent to developer. Implement the approved fix

Expected Output

  • nablr-reports/forensic_engineer/rca_*.md — 5-Why trace + root cause
  • Impacted symbol graph
  • Remediation brief with recommended fix
  • Regression test to prevent recurrence

Who This Is For

  • SRE and platform teams
  • On-call engineers
  • Engineering managers running post-mortems
  • Any organization where incident resolution time directly affects revenue or SLA
Paste the error message, stack trace, or log snippet directly into the prompt. ForensicsIQ uses concrete evidence, not guesses.