Incident Reports in Minutes, Not Hours

AI compiles incident timelines, impact assessments, and root cause analysis from multiple sources. Your team verifies before distribution.

The problem

Why this matters

Incident reports are often delayed because compiling information from monitoring tools, chat logs, and system data during a stressful outage is time-consuming. Stakeholders wait hours or days for updates while the engineering team is focused on resolution. When reports finally arrive, they're often incomplete or inconsistent because they were written under pressure.

The solution

How MultiMail solves this

MultiMail's AI agent compiles incident information from your monitoring systems, generates structured incident reports with timelines, impact assessments, and remediation steps, then distributes them to stakeholders. Gated_send oversight ensures reports are reviewed for accuracy before distribution, which is critical given the sensitive nature of incident communications.

1

Detect Incident

Your monitoring system triggers the AI agent when an incident is detected — outage, performance degradation, security event, or safety incident.

2

Gather Information

The agent pulls data from monitoring dashboards, alert logs, and system metrics to build a comprehensive incident timeline and impact assessment.

3

Generate Structured Report

The AI composes a professional incident report with sections for summary, timeline, impact, root cause, remediation steps, and follow-up actions.

4

Review and Distribute

Under gated_send, the report enters the approval queue. The incident commander or engineering lead reviews for accuracy before the report is sent to all stakeholders via send_email.

Code examples

Implementation

Generate Incident Report
python
import requests
from datetime import datetime

API = "https://api.multimail.dev/v1"
HEADERS = {"Authorization": "Bearer mm_live_xxx"}

def generate_incident_report(incident: dict):
    report = (
        f"Incident Report: {incident[&"cm">#039;title']}\n"
        f"{&"cm">#039;=' * 50}\n\n"
        f"Severity: {incident[&"cm">#039;severity']}\n"
        f"Duration: {incident[&"cm">#039;start']} — {incident['end']}\n"
        f"Impact: {incident[&"cm">#039;impact_summary']}\n\n"
        f"Timeline:\n"
        + "\n".join(
            f"  {e[&"cm">#039;time']} — {e['description']}"
            for e in incident["timeline"]
        )
        + f"\n\nRoot Cause:\n{incident[&"cm">#039;root_cause']}\n\n"
        f"Remediation:\n{incident[&"cm">#039;remediation']}\n\n"
        f"Follow-up Actions:\n"
        + "\n".join(f"  - {a}" for a in incident["action_items"])
    )

    # Send to stakeholders (queued for IC review)
    response = requests.post(
        f"{API}/send",
        headers=HEADERS,
        json={
            "from": "[email protected]",
            "to": "[email protected]",
            "subject": f"Incident Report: {incident[&"cm">#039;title']} - {incident['start']}",
            "text_body": report,
            "html_body": build_report_html(incident)
        }
    )
    print(f"Report queued for review: {response.json()[&"cm">#039;id']}")

Compile incident data and generate a structured report for stakeholder distribution.

Send Status Updates During Incident
python
import requests

API = "https://api.multimail.dev/v1"
HEADERS = {"Authorization": "Bearer mm_live_xxx"}

def send_status_update(incident_id: str, update: dict):
    body = (
        f"Incident Update: {update[&"cm">#039;title']}\n\n"
        f"Status: {update[&"cm">#039;status']}\n"
        f"Current impact: {update[&"cm">#039;current_impact']}\n\n"
        f"Latest development:\n{update[&"cm">#039;description']}\n\n"
        f"Next update expected: {update[&"cm">#039;next_update_eta']}"
    )

    requests.post(
        f"{API}/send",
        headers=HEADERS,
        json={
            "from": "[email protected]",
            "to": "[email protected]",
            "subject": f"[UPDATE] {update[&"cm">#039;title']} - {update['status']}",
            "text_body": body,
            "html_body": f"<h2>Incident Update</h2><p>{body}</p>",
            "thread_id": incident_id
        }
    )

Distribute real-time status updates to stakeholders while an incident is ongoing.

MCP Tool Integration
typescript
"cm">// Using MultiMail MCP tools for incident reports

async function distributeIncidentReport(incident: Incident) {
  const report = compileReport(incident);

  "cm">// Send report (queued for IC review under gated_send)
  await mcp.send_email({
    to: "[email protected]",
    subject: `Incident Report: ${incident.title} - ${incident.startTime}`,
    text_body: formatReportText(report)
  });

  "cm">// Also notify on-call team
  await mcp.send_email({
    to: "[email protected]",
    subject: `[ACTION REQUIRED] ${incident.title} - follow-up items`,
    text_body: formatActionItems(report.actionItems)
  });

  "cm">// Tag for incident tracking
  await mcp.tag_email({
    email_id: report.emailId,
    tags: ["incident-report", incident.severity, incident.category]
  });
}

Generate and distribute incident reports using MultiMail MCP tools.

Benefits

What you get

Reports in Minutes, Not Hours

AI compiles information from multiple sources and generates a structured report in minutes. Stakeholders get informed while the incident is still fresh.

Consistent Report Format

Every incident report follows the same structured format with timeline, impact, root cause, and action items. No more inconsistent, ad-hoc emails.

Accuracy Review Before Distribution

Gated send ensures the incident commander or engineering lead reviews the report for accuracy before it reaches stakeholders. This prevents premature root cause attributions or incorrect impact assessments.

SOC2 Audit Evidence

Every incident report and its distribution is logged in MultiMail's audit trail, providing evidence of timely incident notification for SOC2 and other compliance requirements.

Oversight

Recommended oversight mode

Recommended
gated_send
Incident reports contain sensitive operational details and root cause analyses that must be accurate before distribution. Incorrect information in an incident report can cause unnecessary alarm or misguide remediation efforts. Gated send ensures the incident commander verifies all details before stakeholders see the report.
FAQ

Common questions

Can the AI generate the root cause analysis?
The AI can draft a preliminary root cause analysis based on monitoring data, error logs, and timeline correlation. However, root cause analysis should always be verified by the engineering team during the gated_send review. The AI provides the first draft to save time; the team provides the expertise.
How do I distribute to different stakeholder groups?
You can configure distribution lists based on incident severity and category. Critical production outages go to executives, engineering leadership, and the support team. Lower-severity incidents might only notify the engineering team. Your AI agent manages the routing logic.
Can I send updates during an ongoing incident?
Yes. The agent can send periodic status updates to stakeholders while an incident is being resolved. These updates use MultiMail's thread tracking to keep all incident communications in a single thread, making it easy to follow the incident timeline via email.
Does this integrate with PagerDuty or Opsgenie?
MultiMail handles the email distribution. Your AI agent integrates with your incident management platform (PagerDuty, Opsgenie, etc.) via their APIs to receive incident data. The agent compiles the data and sends reports through MultiMail.
Related

Explore more use cases

System Alerts & Monitoring

notifications

View guide →

Deployment Alerts

developer

View guide →
Get started

The only agent email with a verifiable sender

Email infrastructure built for AI agents. Verifiable identity, graduated oversight, and a 38-tool MCP server. Formally verified in Lean 4.

Read the Docs See Pricing