Incident Monitor Setup Checklist
Use this checklist when setting up current Incident Monitor or preparing for destination-router Incident Monitor work.
Current GitHub setup
- Enable Incident Monitor in
Settings -> Incident Monitor. - Set the GitHub repo in
owner/repoformat. - Select an MCP server with GitHub list, get, create, and comment capabilities.
- Keep
require_approval_for_new_issuesaligned with team policy. - Run status/readiness and confirm GitHub read/write capabilities are available.
- Submit a manual report or external log fixture.
- Create or refresh the triage run.
- Preview or publish only after the draft has enough evidence.
- Confirm the post receipt includes the destination ID, external URL, and evidence digest.
External source setup
- Add
monitored_projectswith stableproject_id,repo, andworkspace_root. - Add
log_sourceswith stablesource_idvalues. - Set
source_kind, route tags, tenant/workspace IDs, and schema version where known. - Set
allowed_destination_idsanddefault_destination_idsfor any source that must be constrained. - Create scoped intake keys only for report-only external systems.
- Confirm scoped keys cannot publish, mutate routes/destinations, call tools, or inspect files.
Destination-router setup
- Define destinations explicitly when moving beyond the legacy fallback.
- Add routes only when default destinations are insufficient.
- Use route preview to confirm matches, readiness, approval, and blocked reasons.
- Keep non-GitHub destinations disabled until their adapters are implemented.
- Preserve
legacy-githubbehavior for old configs.
Security posture preparation
- Inventory agents, workflows, tools, sources, destinations, approvals, and tenant/workspace context.
- Add deterministic checks before adding controlled probes.
- Make probes authorized, bounded, and dry-run or sandboxed where possible.
- Export evidence to a customer-owned audit destination when assessing Tandem itself.