When an incident fires, you don't need more dashboards.
You need answers, fast.
This post is a build-a-tool weekend project: a Python CLI that collects logs from systemd and Docker, highlights repeating patterns, maps them to the Golden Signals, and generates a ready-to-use incident report.
Project files
incopilot/
cli.py collectors.py
analyzer.py reporter.py config.py
scripts/
demo_generate_sample_logs.py
requirements.txt pyproject.toml README.md
Setup
python -m venv .venv && source .venv/bin/activate
pip install -r requirements.txt
Quick demo (no real services)
python scripts/demo_generate_sample_logs.py
python -m incopilot file --path sample.log
Systemd triage
python -m incopilot journal --unit nginx --since "30 min ago"
Docker triage
python -m incopilot docker --container my-api --since 1h
Both (bundle)
python -m incopilot bundle --unit nginx --container my-api --since-journal "30 min ago" --since-docker 1h
Outputs
-
out/report.md— human-friendly -
out/report.json— machine-friendly
Originally published on [LINK]
💬 What's your go-to first command when an incident fires?
Drop it in the comments — I'll add the best ones to the safe-commands list.
Top comments (0)