- Status: Resolved
- Incident Commander: travis-g
- Communications: Links
Summary about what happened goes here. This should only be a few sentences, but should cover everything. The title of the report should include the date of when the actual incident ocurred.
- All impact items.
- How long did the incident have an effect?
The base cause of the issue should go here. This may only be certain after the fact.
This is the area for context, and may have subsections.
- Good things first.
- These should be full sentences, with periods.
- Bullets.
- Bullets.
- Bad bullets.
- Full sentences!
- Maybe worse bullets.
- There could be many...
- Anything fortunate should go here.
- Full sentences, with periods.
- Action items are things that should be done
- Still bullets
- Things completed should be marked as such.
- There doesn't need to be an order per se
- This item is completed.
This should be compiled from Symphony logs, emails, etc., with times in UTC. The real message here should be something along the lines of "These times are in UTC and are compiled from Symphony, emails, and activity logs."
Things leading up to the event.
- 19:04 I read this writeup from Gentoo's wiki about their breach.
- 19:05 Started writing this example writeup.
- Started on gist.github.com.
- 19:08 Looked for more references
- 19:08 Decided some guidelines.
- Seconds should be omitted if unknown, but order should be retained.
- Repo names like travis-g/dotfiles should be italicized.
- URLs should be italicized as well.
- Commit hashes should be italicized.
Extra stuff that should be known, like known bad commits.