What it does
Warrnagen reads the alert, then pulls relevant context from:- Your codebase (recent changes around the affected service).
- Logs and metrics from the providers configured on the service.
- Recent deploys.
- Past incidents and historically similar alerts.
- Connected knowledge (runbooks, postmortems).
What you see
The Investigation tab moves through clear states:- Pending - the investigation is queued.
- Running - a progress bar shows the current phase and which sub-agents are active.
- Completed - a summary card with the suspected root cause, severity, and confidence, followed by:
- Findings - individual observations with their own severity and confidence.
- Recommended actions - what to do next, ranked by urgency.
- Affected components - which services, hosts, or modules are implicated.
- Suggested runbooks - matched from your Knowledge and any connected Confluence space.
- Code fix - if a likely fix is in your codebase, a draft PR link.
- Failed - shown with a Retry button.