DEV.co
Open-Source DevOps · StackStorm

st2

StackStorm is an event-driven automation platform that connects tools and services to automatically respond to operational events. It provides a rules engine, workflow orchestration, 160+ integration packs, and ChatOps capabilities for DevOps and SRE teams to automate remediation, incident response, and deployments.

Source: GitHub — github.com/StackStorm/st2
6.5k
GitHub stars
785
Forks
Python
Primary language
Apache-2.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
RepositoryStackStorm/st2
OwnerStackStorm
Primary languagePython
LicenseApache-2.0 — OSI-approved
Stars6.5k
Forks785
Open issues601
Latest releasev3.9.0 (2026-01-12)
Last updated2026-02-19
Sourcehttps://github.com/StackStorm/st2

What st2 is

StackStorm is a microservice-based Python platform that uses sensors to ingest events from external systems, applies rules to trigger actions or workflows, and maintains an audit trail. It exposes a REST API, CLI, and web UI, scaling horizontally via a message bus architecture with pluggable content organized into packs.

Quickstart

Get the st2 source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/StackStorm/st2.gitcd st2# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Automated incident response and remediation

Trigger diagnostic workflows and corrective actions in response to monitoring alerts from Nagios, Sensu, or New Relic without manual intervention; escalate to on-call teams if workflows fail.

Multi-step operational automation as code

Define complex, multi-action operational patterns (e.g., continuous deployment, infrastructure provisioning, service orchestration) as versioned workflows and rules stored in source control.

ChatOps and event-driven integration hub

Unify command execution and automation across fragmented toolchains (monitoring, ticketing, cloud, compute) via Slack/chat interfaces and a central event bus that reduces manual context-switching.

Implementation considerations

  • Requires a clean 64-bit Linux host; review system requirements at https://docs.stackstorm.com/install/system_requirements.html before deployment.
  • Design and version control rules, workflows, and custom packs as code in Git to leverage the collaboration model; pack structure is critical for scaling.
  • Audit trail and action execution logging must be integrated with your logging/SIEM pipeline (LogStash, Splunk, syslog) for compliance and troubleshooting.
  • Plan for horizontal scaling: StackStorm is microservice-based and communicates via a message bus; ensure your infrastructure supports this architecture.
  • Evaluate the 160+ pre-built packs on StackStorm Exchange, but budget time to develop and test custom sensors and actions for proprietary systems.

When to avoid it — and what to weigh

  • Simple point-to-point integrations — If you need only one-off webhook or API connections between two systems, StackStorm's full microservice deployment overhead is likely excessive; consider simpler webhooks or iPaaS.
  • No existing Python or Linux infrastructure expertise — StackStorm requires Linux deployment, Python plugin development capability, and operational comfort with microservices (message bus, sensors, actions); teams without these skills may face onboarding friction.
  • Strict Windows-only environments — Installer and core platform require 64-bit Linux; no native Windows support stated. Windows-based teams would need Linux VMs or containers.
  • Light-touch, fully managed SaaS requirements — StackStorm is self-hosted and requires operational ownership; no serverless or fully managed cloud offering is mentioned. Teams seeking minimal DevOps overhead should consider SaaS alternatives.

License & commercial use

Licensed under Apache License 2.0 (Apache-2.0), a permissive OSI-approved license allowing commercial use, modification, and distribution with limited liability.

Apache-2.0 permits commercial use and redistribution; however, no explicit commercial support, SLAs, or vendor indemnification are stated in the provided data. For production deployments with SLA requirements, verify commercial support offerings and indemnification terms directly with the vendor or community.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationStrong
License clarityClear
Deployment complexityModerate
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

Project maintains a private security reporting process ([email protected], 48-hour response target). CII Best Practices badge and codecov integration suggest ongoing code quality and testing practices. As a self-hosted automation platform with broad system access (SSH actions, API calls, webhook ingestion), operator responsibility for credential management, network isolation, RBAC, and audit logging is critical. No mention of encryption in transit/at-rest, secrets management integration, or compliance frameworks in provided data; review https://docs.stackstorm.com/latest/security.html for details.

Alternatives to consider

Airflow (Apache)

Workflow orchestration and DAG-based scheduling, but optimized for batch/data pipelines rather than event-driven operational automation; less emphasis on ChatOps and real-time incident response.

Kubernetes operators + Helm charts

Declarative, code-driven automation for cloud-native infrastructure, but narrower scope (Kubernetes-centric); requires Kubernetes expertise and is less suited for legacy system orchestration.

Zapier / Make / IFTTT (SaaS iPaaS)

Simpler, no-code integration and automation across SaaS tools; lower operational overhead but limited on-premise tool support, lower throughput, and vendor lock-in.

Software development agency

Build on st2 with DEV.co software developers

Explore StackStorm's documentation, join the community Slack, or review the 160+ integration packs on StackStorm Exchange to assess fit for your DevOps and SRE use cases.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

st2 FAQ

Can I use StackStorm for incident response automation?
Yes; StackStorm is designed for auto-remediation and incident response. Rules trigger workflows on monitoring alerts, diagnostic actions run in parallel, and workflow failures can escalate to PagerDuty or on-call teams.
What are packs and how do I create custom ones?
Packs are units of content (integrations, rules, workflows) shared and deployed together. Users can create custom packs with Python sensors/actions and YAML rules/workflows, version them in Git, and share on GitHub or the StackStorm Exchange. See https://docs.stackstorm.com for pack authoring.
Does StackStorm support Windows or cloud-only deployment?
No Windows native support; core platform requires 64-bit Linux. Cloud deployment is self-hosted (e.g., on AWS EC2, OpenStack instances); no fully managed SaaS offering is documented.
What Python versions are supported?
Badge indicates Python 3.6 and 3.8 support; exact current support matrix requires review of latest documentation or CHANGELOG.

Software developers & web developers for hire

Adopting st2 is usually one piece of a larger software development effort. As a software development agency, DEV.co provides software development services and web development expertise — pairing senior software developers and web developers with your team to design, build, and operate open-source devops software in production.

Ready to automate your operational workflows?

Explore StackStorm's documentation, join the community Slack, or review the 160+ integration packs on StackStorm Exchange to assess fit for your DevOps and SRE use cases.