DEV.co
Open-Source DevOps · VersusControl

versus-incident

Versus Incident is a self-hosted AI-powered SRE agent that automatically detects anomalies in system logs by learning normal patterns, then routes alerts to chat and on-call platforms. It can also accept webhooks from existing monitoring tools like Alertmanager and Grafana, providing a unified incident management layer.

Source: GitHub — github.com/VersusControl/versus-incident
636
GitHub stars
107
Forks
Go
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
RepositoryVersusControl/versus-incident
OwnerVersusControl
Primary languageGo
LicenseMIT — OSI-approved
Stars636
Forks107
Open issues12
Latest releasev1.4.9 (2026-07-07)
Last updated2026-07-08
Sourcehttps://github.com/VersusControl/versus-incident

What versus-incident is

Written in Go, Versus uses pattern mining and anomaly detection to analyze logs in training/shadow/detect modes. It integrates with Slack, Teams, Telegram, Lark, PagerDuty, and other platforms via REST API; Redis persists agent state; YAML configuration and Go templates allow customization.

Quickstart

Get the versus-incident source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/VersusControl/versus-incident.gitcd versus-incident# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Reducing alert fatigue with ML-based anomaly detection

Deploy the AI SRE agent on existing log streams; it learns baseline patterns and surfaces only genuinely new errors, eliminating noisy threshold-based alerts.

Centralizing alerts from multiple monitoring sources

Accept webhooks from Alertmanager, Grafana, Sentry, and other tools; standardize routing, templating, and escalation to Slack, PagerDuty, and on-call platforms in one place.

Building incident workflows without third-party SaaS lock-in

Self-hosted MIT-licensed platform gives full control over incident data, templates, and integrations; no recurring per-seat fees or cloud dependency.

Implementation considerations

  • Redis is required for agent operation and cursor persistence; ensure Redis is deployed and backed up alongside Versus.
  • Start the agent in 'training' mode for 1–2 weeks before enabling 'detect' to build a reliable catalog of normal patterns.
  • Provide the agent with log sources via agent_sources.yaml; supported sources should be clarified in full documentation.
  • Custom Go templates can be used to reshape alert content; test templates with sample incidents before production rollout.
  • Admin endpoints are protected by a shared gateway_secret; ensure this secret is rotated and stored securely (e.g., HashiCorp Vault).

When to avoid it — and what to weigh

  • Require out-of-the-box managed service with SLA uptime guarantees — Versus is self-hosted; you own operation, updates, and uptime.
  • Need native integration with proprietary monitoring backends without custom webhooks — Integration relies on webhook POST or log file/API access; some niche monitoring tools may require custom glue code.
  • Want fully trained, production-ready AI models without tuning — The AI agent requires log data and a training period to establish baselines; effectiveness depends on log quality and configuration.
  • Have minimal observability data or sparse log streams — Pattern learning and anomaly detection need sufficient historical data to establish reliable normal behavior.

License & commercial use

MIT License. Permissive OSI-approved license permits commercial use, modification, and redistribution with minimal restrictions. No warranty provided; users assume liability.

MIT license explicitly permits commercial use, including in proprietary applications and as a managed service. No license fee or per-user cost applies. Versus offers optional enterprise pricing (details not provided in data), likely for professional support or hosted options. Commercial users should verify enterprise support terms directly.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityModerate
DEV.co fitStrong
Assessment confidenceHigh
Security considerations

Gateway secret protects admin endpoints (/api/admin/*, /api/agent/*); must be strong and rotated. Redaction options can scrub passwords and bearer tokens from logs before processing. Redis should be protected from unauthorized access (credentials supported via env). Custom regex rules and log patterns may expose sensitive data if misconfigured. No third-party security audit, penetration test report, or vulnerability disclosure policy mentioned in data. Self-hosted model reduces cloud-provider data handling risk but increases operator responsibility.

Alternatives to consider

PagerDuty or Opsgenie (managed SaaS)

Fully managed incident and on-call platforms with global uptime SLA and native integrations. Trade off self-hosted control and cost for operational simplicity.

Prometheus + AlertManager + Grafana

Open-source observability stack with rule-based alerting. Lacks AI anomaly detection and unified multi-channel routing; requires more configuration.

Elastic Stack (ELK) with custom anomaly detection

Self-hosted log aggregation and analysis. Supports machine learning but requires significant engineering to replicate Versus's out-of-box incident workflow.

Software development agency

Build on versus-incident with DEV.co software developers

Deploy Versus Incident as a self-hosted agent on your logs, or integrate webhooks from your existing monitoring tools. Learn more on GitHub or start with the Getting Started guide.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

versus-incident FAQ

What log sources does the AI agent support?
Not clearly specified in data. README mentions agent_sources.yaml configuration file; full list of supported sources (files, APIs, streaming services, etc.) requires documentation review.
Can I run Versus without Redis?
No. Redis is explicitly required for the agent to persist source cursors and patterns across restarts. Webhook-only mode (agent disabled) may have lower Redis dependency, but this is not confirmed.
Does Versus store incident history long-term?
Yes. Storage configuration includes a rolling incident cap (default 1000); only file-based storage is implemented. Redis and database backends are stubs (not yet coded).
What is the license cost for production use?
MIT license is free. Optional enterprise pricing exists but terms are not detailed in data; contact VersusControl directly for commercial support options.

Software developers & web developers for hire

From first prototype to production, DEV.co delivers software development services around tools like versus-incident. Our software development agency staffs experienced software developers and web developers for custom software development, web development, integrations, and ongoing support across open-source devops and beyond.

Reduce alert fatigue with AI-powered incident detection.

Deploy Versus Incident as a self-hosted agent on your logs, or integrate webhooks from your existing monitoring tools. Learn more on GitHub or start with the Getting Started guide.