Skip to main content
POST
/
api
/
v1
/
incidents
/
{name}
/
resolve
Resolve Incident
curl --request POST \
  --url https://api.example.com/api/v1/incidents/{name}/resolve \
  --header 'Content-Type: application/json' \
  --data '
{
  "resolution": "<string>"
}
'
{
  "apiVersion": "v1",
  "kind": "Incident",
  "metadata": {
    "name": "INC-20260319-001",
    "namespace": "production",
    "annotations": {
      "aiops.chatcli.io/resolved-by": "operator",
      "aiops.chatcli.io/resolved-at": "2026-03-19T16:45:00Z",
      "aiops.chatcli.io/manual-resolution": "true"
    }
  },
  "spec": {
    "resourceRef": {
      "kind": "Deployment",
      "name": "payment-service",
      "namespace": "production"
    },
    "severity": "critical",
    "signalType": "oom_kill"
  },
  "status": {
    "state": "Resolved",
    "resolution": "Memory leak fixed in payment-service v2.4.1 hotfix deployed manually. Verified stable for 15 minutes.",
    "resolvedAt": "2026-03-19T16:45:00Z",
    "detectedAt": "2026-03-19T14:30:00Z",
    "remediationAttempts": 3,
    "escalatedAt": "2026-03-19T15:15:00Z"
  }
}
name
string
required
Unique incident name (e.g., INC-20260319-001)
namespace
string
default:"default"
Kubernetes namespace of the incident
resolution
string
Description of how the incident was resolved. If omitted, defaults to "Manually resolved via dashboard".Best practice: always provide a meaningful resolution message for postmortem and audit trail.

When to Use This Endpoint

This endpoint is critical in the following scenarios:

1. Escalated Incidents (Human Action Required)

When the AIOps platform exhausts all automatic remediation attempts (default: 3 retries), the incident transitions to the Escalated state. At this point:
  • The notification system alerts the on-call team via configured channels (Slack, PagerDuty, etc.)
  • The escalation policy progresses through levels (L1 → L2 → L3) based on timeouts
  • No further automatic remediation will be attempted
  • The incident remains in Escalated state until a human resolves it via this endpoint, the web dashboard, or the CLI

2. Manual Verification After Auto-Remediation

Even when automatic remediation succeeds, operators may want to manually verify and close the incident with additional context.

3. False Positives

When an incident is detected but the operator determines it’s a false positive, use this endpoint with a resolution like "False positive — metric spike caused by scheduled batch job".

Resolution Flow for Escalated Incidents

Incident Detected

  AI Analysis → Runbook/Agentic Remediation
      ↓                    ↓
  Success → Resolved    Failure (retry up to 3x)

                    All retries exhausted

                      ESCALATED ← You are here

         ┌─────────────────┼──────────────────┐
         ↓                 ↓                  ↓
    API Resolve      Dashboard Button     CLI Command
  POST /resolve      "Resolve" btn      (future release)
         ↓                 ↓                  ↓
         └─────────────────┼──────────────────┘

                    State: Resolved
                    PostMortem generated
                    Dedup cache cleared
                    Audit event recorded

What Happens After Resolution

  1. State Change: The incident transitions from Escalated (or any active state) to Resolved
  2. Annotations Added:
    • aiops.chatcli.io/resolved-by — the authenticated role/user
    • aiops.chatcli.io/resolved-at — resolution timestamp
    • aiops.chatcli.io/manual-resolution — set to "true"
  3. Dedup Cache Cleared: The resource’s deduplication entry is invalidated, allowing new anomalies to be detected for the same resource
  4. PostMortem Generated: An automatic postmortem is created with the resolution details
  5. Audit Event: An immutable audit event is recorded for compliance
{
  "apiVersion": "v1",
  "kind": "Incident",
  "metadata": {
    "name": "INC-20260319-001",
    "namespace": "production",
    "annotations": {
      "aiops.chatcli.io/resolved-by": "operator",
      "aiops.chatcli.io/resolved-at": "2026-03-19T16:45:00Z",
      "aiops.chatcli.io/manual-resolution": "true"
    }
  },
  "spec": {
    "resourceRef": {
      "kind": "Deployment",
      "name": "payment-service",
      "namespace": "production"
    },
    "severity": "critical",
    "signalType": "oom_kill"
  },
  "status": {
    "state": "Resolved",
    "resolution": "Memory leak fixed in payment-service v2.4.1 hotfix deployed manually. Verified stable for 15 minutes.",
    "resolvedAt": "2026-03-19T16:45:00Z",
    "detectedAt": "2026-03-19T14:30:00Z",
    "remediationAttempts": 3,
    "escalatedAt": "2026-03-19T15:15:00Z"
  }
}

{
  "apiVersion": "v1",
  "kind": "Error",
  "error": {
    "code": 404,
    "message": "Incident not found",
    "details": "No incident named 'INC-20260319-999' found in namespace 'production'"
  }
}

{
  "apiVersion": "v1",
  "kind": "Error",
  "error": {
    "code": 409,
    "message": "Incident already resolved",
    "details": "The incident 'INC-20260319-001' was already resolved at 2026-03-19T16:45:00Z"
  }
}