versus-incident
Versus Incident is a self-hosted AI-powered SRE agent that automatically detects anomalies in system logs by learning normal patterns, then routes alerts to chat and on-call platforms. It can also accept webhooks from existing monitoring tools like Alertmanager and Grafana, providing a unified incident management layer.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | VersusControl/versus-incident |
| Owner | VersusControl |
| Primary language | Go |
| License | MIT — OSI-approved |
| Stars | 636 |
| Forks | 107 |
| Open issues | 12 |
| Latest release | v1.4.9 (2026-07-07) |
| Last updated | 2026-07-08 |
| Source | https://github.com/VersusControl/versus-incident |
What versus-incident is
Written in Go, Versus uses pattern mining and anomaly detection to analyze logs in training/shadow/detect modes. It integrates with Slack, Teams, Telegram, Lark, PagerDuty, and other platforms via REST API; Redis persists agent state; YAML configuration and Go templates allow customization.
Get the versus-incident source
Clone the repository and explore it locally.
git clone https://github.com/VersusControl/versus-incident.gitcd versus-incident# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Redis is required for agent operation and cursor persistence; ensure Redis is deployed and backed up alongside Versus.
- Start the agent in 'training' mode for 1–2 weeks before enabling 'detect' to build a reliable catalog of normal patterns.
- Provide the agent with log sources via agent_sources.yaml; supported sources should be clarified in full documentation.
- Custom Go templates can be used to reshape alert content; test templates with sample incidents before production rollout.
- Admin endpoints are protected by a shared gateway_secret; ensure this secret is rotated and stored securely (e.g., HashiCorp Vault).
When to avoid it — and what to weigh
- Require out-of-the-box managed service with SLA uptime guarantees — Versus is self-hosted; you own operation, updates, and uptime.
- Need native integration with proprietary monitoring backends without custom webhooks — Integration relies on webhook POST or log file/API access; some niche monitoring tools may require custom glue code.
- Want fully trained, production-ready AI models without tuning — The AI agent requires log data and a training period to establish baselines; effectiveness depends on log quality and configuration.
- Have minimal observability data or sparse log streams — Pattern learning and anomaly detection need sufficient historical data to establish reliable normal behavior.
License & commercial use
MIT License. Permissive OSI-approved license permits commercial use, modification, and redistribution with minimal restrictions. No warranty provided; users assume liability.
MIT license explicitly permits commercial use, including in proprietary applications and as a managed service. No license fee or per-user cost applies. Versus offers optional enterprise pricing (details not provided in data), likely for professional support or hosted options. Commercial users should verify enterprise support terms directly.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Clear |
| Deployment complexity | Moderate |
| DEV.co fit | Strong |
| Assessment confidence | High |
Gateway secret protects admin endpoints (/api/admin/*, /api/agent/*); must be strong and rotated. Redaction options can scrub passwords and bearer tokens from logs before processing. Redis should be protected from unauthorized access (credentials supported via env). Custom regex rules and log patterns may expose sensitive data if misconfigured. No third-party security audit, penetration test report, or vulnerability disclosure policy mentioned in data. Self-hosted model reduces cloud-provider data handling risk but increases operator responsibility.
Alternatives to consider
PagerDuty or Opsgenie (managed SaaS)
Fully managed incident and on-call platforms with global uptime SLA and native integrations. Trade off self-hosted control and cost for operational simplicity.
Prometheus + AlertManager + Grafana
Open-source observability stack with rule-based alerting. Lacks AI anomaly detection and unified multi-channel routing; requires more configuration.
Elastic Stack (ELK) with custom anomaly detection
Self-hosted log aggregation and analysis. Supports machine learning but requires significant engineering to replicate Versus's out-of-box incident workflow.
Build on versus-incident with DEV.co software developers
Deploy Versus Incident as a self-hosted agent on your logs, or integrate webhooks from your existing monitoring tools. Learn more on GitHub or start with the Getting Started guide.
Talk to DEV.coRelated on DEV.co
Explore the category and the services that help you build with it.
versus-incident FAQ
What log sources does the AI agent support?
Can I run Versus without Redis?
Does Versus store incident history long-term?
What is the license cost for production use?
Software developers & web developers for hire
From first prototype to production, DEV.co delivers software development services around tools like versus-incident. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source devops and beyond.
Reduce alert fatigue with AI-powered incident detection.
Deploy Versus Incident as a self-hosted agent on your logs, or integrate webhooks from your existing monitoring tools. Learn more on GitHub or start with the Getting Started guide.