⚡️ On-call Overview
Welcome to incident.io's On-call! On-call is powered by our Catalog and consists of three main components:
Alerts: Configure alerts from your observability tools.
Escalations: Route alerts to the appropriate escalation paths, schedules, and team members.
Schedules: Define who is on-call to receive escalations.
Once these are set up, we’ll page the right people so they can acknowledge the alert and jump into resolving the issue. We'll also go through how to manually create incidents in this article.
Full flow on how alerts and incidents are created and the right people paged
👇 How to set up your On-call
Follow these five simple steps to set up your On-call configuration:
1️⃣ Setting up your teams
To route your alerts to the right people, you need to configure your teams. Teams live in our Catalog. This is where your organisation structure lives, and where you'll define how different teams are paged. You can configure teams right here in incident.io, or bring them in from a 3rd party source, such as Slack or Backstage.
Head to Catalog
Use the Wizard at the top to connect your teams from a third-party tool like Backstage, or create your own.
💡 You can also structure your Catalog using Services or any custom type instead of teams.
Learn more about Catalog powered On-call here
2️⃣ Building a Schedule
Next, create a schedule for your team. Schedules define when individuals are on-call and can be used in escalation paths.
Head to Schedules
Create a new schedule or import it from your previous tool
Configure your schedule suited for your team:
Handover times (e.g., every Monday at 9 AM
Active hours (e.g., all day or just during business hours)
On-call individuals (set multiple on-call if needed)
Additional rotas, like
Follow-the-sun for 24-hour global coverage.
Shadowing for onboarding new on-call members.
💡 Overrides can be created in the schedule's detail view, from the Schedules tab, or by using /inc cover in Slack.
Learn more about Schedules here
3️⃣ Configuring an Escalation path
Escalation paths define who to notify and in what order when alerts occur.
Head to Escalation paths
Create a new Escalation path and name it
Connect your path to the team or services that should route to it
Set up the path with
Who to notify at each level (which can be schedules, individuals or Slack channels).
Notification timing (how long to wait before escalating to the next level)
Repeat options (how many times to retry if the alert goes unacknowledged)
💡 Customize escalation paths further with working hours, priorities, or round-robin notifications.
Learn more about Escalation paths here
4️⃣ Creating incidents from alerts
Finally, bring in alerts from your observability tools and route them to page your teams and create incidents automatically.
Connecting your alert source
Head to Alert Configuration
Choose your alert source
If there's no direct integration available for your source, connect via HTTP.
Follow the instructions to connect your source, and send your first test alert.
Configure your alert attributes and priority using our AI suggestions
Choose to use attributes or priority from the alert payload or set them as a static field
Make sure to have an attribute which will tell your alert who it should page. Whether you page on Team or Service, or something else, your alert should be able to resolve to an escalation path via Catalog.
💡 Attributes provide extra context to your alerts, like services, affected features, or environments.
Learn more about Attributes here and Priorities here
Routing your alerts to start escalating and creating incidents
Now set up your alert routes to escalate and create incidents automatically.
Create a new Alert route in Alert configuration
Select the sources you want to include
Filter the alerts you want or don't want to trigger incidents
Enable Escalations, choosing either
Dynamic escalation paths based on your team or service attribute (recommended), or
Static paths to use the same escalation path for all alerts
Enable incident creation
Automatically create incidents or filter which alerts should trigger them.
Configure grouping so similar alerts are handled together [Learn more]
You can also choose Mode=Test to create test incidents
💡 No need to create a route for each team! See best practices for alert routing here.
Learn more about Alert configuration here
5️⃣ Creating incidents manually
Alerts might create most of your incidents, but for example, customer-facing teams might need to raise incidents manually. To ensure your customer-facing teams don't need to know the specific teams who own a feature, we'll use the Catalog to escalate to the right team based on the feature. Here's how to help them create incidents and automatically page the right people!
Head to the Catalog and create a new type like Features.
Go to Settings and Custom fields to create a Custom field ie 'Affected Features'
Then go to Forms , 'Declare' and add 'Feature' to the form
Then head to Workflows and create a new workflow
Choose the template 'Escalate via incident.io'
Edit the step 'Escalate via incident.io and create an expression that navigates from the Feature to the Escalation path
Save draft and set live!
Now when someone manually creates an incident, we'll ask what features are affected and then escalate the incident to the right people.
💡 You can also edit the Escalation form that comes when you use the command /inc escalate
Find more specific instructions for configuring manual paging here
Start testing
Everything’s ready! Send some test alerts to see how your on-call setup works. You can disable escalations or incidents in the alert route during testing if needed.
Read more about
💡 When responders are added to a schedule or escalation path, they’ll automatically receive notifications to set up their on-call configuration with sensible default settings.
If you have any questions or concerns about configuring your on-call program, please message us via your Slack Connect channel, on Intercom, or at [email protected].