Skip to main content
Change Intelligence answers “what changed before this incident?” It collects deployment events from Kubernetes and CI/CD pipelines and surfaces them in the context of alerts and RCAs. Go to Changes in the sidebar.

How it works

Obsy tracks two types of change signals:
SourceWhat it captures
Kubernetes eventsPod restarts, deployment rollouts, config map changes, node events
CI/CD webhooksDeployment completions from GitHub Actions, GitLab CI, ArgoCD, Jenkins, or any CI/CD tool
Changes are correlated with alerts and incidents by:
  1. Timing — changes within 30 minutes before an alert get elevated relevance
  2. Service — changes to the same service as the affected one
  3. Namespace — changes in the same Kubernetes namespace
The RCA engine uses this correlation data as context for its analysis.

Kubernetes events (automatic)

Once a cluster is registered, Obsy’s Kubernetes watcher collects events automatically. No additional setup is needed. Events captured:
  • Deployment rollouts (new image, config change)
  • Pod crash loops and OOM kills
  • ConfigMap and Secret updates
  • Node pressure events (MemoryPressure, DiskPressure)
  • HPA scaling events

CI/CD webhooks

To capture deployment events from your CI/CD pipeline, send a POST to: 
POST /api/v1/changes
Authorization: Bearer {token}
Payload: 
{
  "service": "payment-service",
  "environment": "production",
  "version": "v2.4.1",
  "commit_sha": "abc123def456",
  "author": "jane@example.com",
  "description": "Add circuit breaker to DB calls",
  "ci_url": "https://github.com/myorg/payment-service/actions/runs/12345"
}

GitHub Actions example

Add this step at the end of your deploy job: 
- name: Notify Obsy of deployment
  run: |
    curl -X POST https://api.obsy.ai/api/v1/changes \
      -H "Authorization: Bearer ${{ secrets.OBSY_API_TOKEN }}" \
      -H "Content-Type: application/json" \
      -d '{
        "service": "${{ env.SERVICE_NAME }}",
        "environment": "production",
        "version": "${{ github.sha }}",
        "commit_sha": "${{ github.sha }}",
        "author": "${{ github.actor }}",
        "description": "${{ github.event.head_commit.message }}",
        "ci_url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
      }'
Get your API token from Settings → API tokens.

Viewing changes

The Changes page shows a timeline of all recent changes across all services. Filter by:
  • Service — show only changes to a specific service
  • Environment — production, staging, or development
  • Source — kubernetes or ci/cd
  • Time range — last hour, 24 hours, 7 days
Changes correlated with an open incident or recent alert are highlighted.

Changes in RCA

When an RCA runs, the AI receives a list of changes in the 30 minutes before the triggering alert. If a deployment is the likely root cause, the RCA summary will reference it directly, e.g.:
“The payment-service deployment v2.4.1 (deployed 14:32 UTC by Jane Smith) introduced a misconfigured connection pool limit, causing the subsequent cascade of 503 errors.”