CONTROL PLANE / INCIDENTS
TraceFlux incidents are stateful operational objects formed by deterministic correlation. Each incident includes structured evidence, scoped blast radius, confidence scoring, and governed actions.
• Unified cross-signal timeline
• Deterministic grouping
• Governed & replayable actions
• Signal detected (Flow anomaly)
• Correlated with BGP route flap
• Suppressed duplicate DNS alerts
• Replay validated mitigation path
Linked telemetry artifacts across Flow, BGP, DNS, and metrics — structured, not raw noise.
Open → Investigating → Mitigating → Monitoring → Resolved. Every transition recorded.
Blast radius, affected services, trust score, and risk context included by default.
Incident formed by correlation engine.
Timeline + evidence + scope.
Replay + policy validation.
Approval gate + audit log.
Watch ingestion → correlation → incident formation → governance workflow in real time.