5 mins in Scoutflo

This guide will walk you through your first RCA investigations and help you understand how Scoutflo transforms incident response from reactive troubleshooting to proactive problem-solving.

Before You Begin

Scoutflo works with your real infrastructure and incidents. To get started, you'll need to:

• Complete Integration Setup - Integrations

• Have recent incidents or alerts to investigate

---

Your First 30 Minutes with Scoutflo

Follow these progressive steps to master Scoutflo's investigative capabilities:

1

Ask Your First Question

Start with simple queries to understand your environment and recent incidents.

Try these examples:

• "What services had errors in the last 24 hours?"

• "Show me all alerts from our payment system this week"

• "What deployments happened before our last major incident?"

Scoutflo understands natural language, so you don't need to learn query syntax or remember specific field names. Just ask what you want to know.

2

Start Your First Investigation

Run a simple root cause analysis on a recent incident or ongoing issue.

Pick a recent alert or incident and try:

• "Investigate the API latency spike at 2:30 PM yesterday"

• "Why did our checkout service fail this morning?"

• "Analyze the database connection errors from last night"

Scoutflo automatically correlates:

• Infrastructure events (deployments, scaling, failures)

• Application logs and metrics

• External dependencies and third-party services

• Historical patterns and anomalies

3

Dive Deep with Advanced Analysis

Try these advanced scenarios:

Cross-service analysis:

• "Compare error rates between our API and database during the incident"

• "Show me how the payment service failure affected downstream services"

• "Analyze the cascade effect from the load balancer restart"

Anomaly detection:

• "What's different about today's error patterns compared to last week?"

• "Find unusual patterns in our microservices communication"

• "Detect performance anomalies in our critical path services"

4

Explore Investigation History

Learn from past investigations and build institutional knowledge:

• Browse your Investigation Timeline to see resolved cases

• Review Playbooks created from successful investigations

• Check Recurring Issues that need permanent fixes

Click on any past investigation to see:

• Complete timeline of the incident

• Root cause determination process

• Resolution steps taken

• Lessons learned and prevention measures

---

Pro Tips for Effective RCA

• Be specific: instead of "check errors," try "analyze 500 errors in user authentication service between 9–11 AM"

• Think systematically: ask follow-ups like "what changed before this incident?" or "which dependencies were affected?"

• Iterate conversationally: build on previous queries — "now check if that deployment caused the memory issues"

• Use time context: reference specific time ranges, especially around known incidents or deployments

• Explore relationships: ask about upstream/downstream impacts and cross-service dependencies

---

What's Next?

Ready to investigate your real incidents?

Additional Resources

• Playbook Templates — Pre-built investigation workflows

• Integration Guides — Connect more data sources

• Advanced Queries — Master complex investigation techniques

• Team Collaboration — Share findings and build knowledge

Ready to transform your incident response? Start investigating with Scoutflo and turn every incident into actionable insights.