Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.scrubbe.com/llms.txt

Use this file to discover all available pages before exploring further.

Incidents in Scrubbe represent a discrete failure or degradation event in your systems. Each incident ticket tracks the full lifecycle — from the moment an alert fires to the final post-mortem — giving your team a single source of truth throughout the response. This guide walks you through the core operations: creating a ticket, moving it through its status states, adding comments, and marking it resolved.

Prerequisites

  • A valid API key with incident read/write permissions
  • The base URL for your Scrubbe workspace (e.g., https://api.scrubbe.io)
All requests require the Authorization: Bearer <token> header.

Create an incident

When an alert fires or an engineer spots an issue, open a ticket immediately. Providing complete context up front — including techDescription, impactSummary, and blastRadius — helps responders act faster and feeds Ezra’s AI analysis. 
curl -X POST https://api.scrubbe.io/api/v1/incident-ticket \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "summary": "Payment service down",
    "priority": "CRITICAL",
    "status": "OPEN",
    "source": "MONITORING",
    "serviceArea": "payments",
    "environment": "production",
    "region": "us-east-1",
    "assignedToEmail": "oncall@example.com",
    "description": "The payment gateway is returning 500 errors.",
    "techDescription": "Redis connection pool exhausted.",
    "impactSummary": "All checkout flows are failing.",
    "blastRadius": "100% of users attempting checkout"
  }'

Priority and status values

FieldAllowed values
priorityLOW, MEDIUM, HIGH, CRITICAL
statusOPEN, ACKNOWLEDGED, INVESTIGATION, MITIGATED, RESOLVED, CLOSED
Set status to OPEN on creation. Move it through the lifecycle as your team responds — this keeps the timeline accurate for post-mortems.

List and retrieve incidents

Fetch all incidents in your workspace, or retrieve a single ticket by its ID. 
curl https://api.scrubbe.io/api/v1/incident-ticket \
  -H "Authorization: Bearer <token>"

Update an incident

Use PUT /api/v1/incident-ticket/:id to change any field on an existing ticket — reassign it, escalate the priority, or advance the status as your response progresses. 
curl -X PUT https://api.scrubbe.io/api/v1/incident-ticket/<id> \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "status": "INVESTIGATION",
    "priority": "CRITICAL",
    "assignedToEmail": "senior-oncall@example.com"
  }'

Add and read comments

Comments keep the incident timeline intact and let responders share findings without leaving the ticket context. 
curl -X POST https://api.scrubbe.io/api/v1/incident-ticket/comment \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "ticketId": "<id>",
    "body": "Redis maxmemory policy changed — monitoring pool recovery."
  }'

Resolve an incident

Once the issue is contained, mark the incident resolved. You can resolve it directly or use the customer knowledge base endpoint to attach a resolution note that gets shared with affected customers. 
curl -X POST https://api.scrubbe.io/api/v1/incident-ticket/resolve/<id> \
  -H "Authorization: Bearer <token>"
After resolving an incident, use the Post-mortems guide to generate an AI-assisted five-whys analysis and stakeholder report.

View incident analytics

Pull aggregate metrics across all incidents in your workspace — useful for trend analysis, SLA tracking, and reporting. 
curl https://api.scrubbe.io/api/v1/incident-ticket/analytics \
  -H "Authorization: Bearer <token>"

Delete an incident

Deleting an incident is permanent and removes all associated comments and history. Only delete test or duplicate tickets.
curl -X DELETE https://api.scrubbe.io/api/v1/incident-ticket/<id> \
  -H "Authorization: Bearer <token>"