IncidentFlow

Automate Windows Incident Response with AI.

Convert overwhelming Event Logs into classified, actionable insights instantly—all while maintaining local control and security.

IncidentFlow Dashboard Visualization

Engineered for Reliability

🤖 Contextual AI

Powered by DeepSeek LLM to understand the nuance of error messages, reducing false positives and accelerating MTTR.

⚡ Real-Time Pushing

Detects critical Windows errors as they happen and pushes high-fidelity alerts to Slack via a resilient microservices architecture.

🛡️ Enterprise Core

Runs as managed Windows Services with NSSM. Secured by API key authentication and designed for 24/7 background operation.

System Architecture

IncidentFlow operates as a decoupled microservices architecture on your Windows Server. This ensures that log monitoring, AI classification, and external notifications remain resilient and independent.

flowchart TD
    A["Windows Event Logs"] --> B["Log Agent Service"]
    B --> C["MCP Server"]
    C --> D["DeepSeek AI API"]
    D --> C
    C --> E["Slack Agent Service"]
    E --> F["Slack Workspace"]
    style C fill:#3b82f6,stroke:#fff,stroke-width:2px,color:#fff
    style D fill:#fbbf24,stroke:#fff,stroke-width:2px,color:#000