InariWatch Docs

Web dashboard

The web dashboard is the fastest way to get started — no install, no card required. Sign up, connect your first integration, and InariWatch starts monitoring in minutes.

1. 1

   Create an account

   Go to inariwatch.com/register and sign up with GitHub or email.
2. 2

   Create a project

   A project groups your integrations and alerts. Give it the name of your app or service.
3. 3

   Connect an integration

   Go to Integrations and connect GitHub, Vercel, or Sentry. See the integration guides below for exactly which token to use.
4. 4

   (Optional) Add your AI key

   Go to Settings → AI analysis and paste your API key. See AI setup for all supported providers.

Local CLI

The CLI runs entirely on your machine — no account needed, data stays local. It's the best option if you prefer a terminal workflow or want zero cloud dependency.

curl -fsSL https://get.inariwatch.com | sh

1. 1

   Create a project

   inariwatch init — walks you through creating a local project interactively.
2. 2

   Add an integration

   inariwatch add github — prompts for your token and owner. Repeat for vercel, sentry, etc.
3. 3

   (Optional) Set an AI key

   inariwatch config --ai-key sk-ant-... — enables AI correlation and auto-remediation in the watch loop.
4. 4

   Start watching

   inariwatch watch — polls every 60s, correlates events, and sends Telegram alerts if configured.

CLI — Installation

The CLI is a single Rust binary with no runtime dependencies.

curl -fsSL https://get.inariwatch.com | sh

irm https://get.inariwatch.com/install.ps1 | iex

git clone https://github.com/orbita-pos/inariwatch
cd inariwatch/cli
cargo build --release
# binary at: ./target/release/inariwatch

After installing, run inariwatch --help to confirm it works. On Linux/macOS the binary is placed in ~/.local/bin/inariwatch. On Windows it installs to %USERPROFILE%\.inariwatch\bin and is added to your user PATH automatically.

CLI — Commands

CLI — Configuration

The CLI stores all config in two files:

[global]
ai_key    = "sk-ant-..."
ai_model  = "claude-haiku-4-5-20251001"
auto_fix  = false   # enable autonomous fix pipeline on critical alerts
auto_merge = false  # auto-merge PRs when all safety gates pass

[[projects]]
name = "my-app"
slug = "my-app"
path = "/home/you/projects/my-app"

[projects.integrations.github]
token         = "ghp_..."
repo          = "my-org/my-app"
stale_pr_days = 2

[projects.integrations.vercel]
token      = "..."
project_id = "prj_..."
team_id    = "team_..."   # optional

[projects.integrations.sentry]
token   = "..."
org     = "my-org"
project = "my-project"

[projects.notifications.telegram]
bot_token = "123456:ABC-..."
chat_id   = "987654321"

CLI — Daemon

Run InariWatch as a background service so it monitors your project 24/7 — even when your terminal is closed. It registers as a systemd user service on Linux, a launchd agent on macOS, and a Task Scheduler task on Windows.

inariwatch daemon install   # register and enable the service
inariwatch daemon start     # start immediately
inariwatch daemon stop      # stop the service
inariwatch daemon status    # check if running + tail recent logs
inariwatch daemon uninstall # remove the service

Logs are written to ~/.inariwatch/daemon.log on all platforms. The daemon runs inariwatch watch in the background — any config you set with inariwatch config applies to it automatically.

CLI — Auto-fix & Auto-merge

When auto_fix is enabled, every critical alert automatically triggers the full AI remediation pipeline: diagnose → read code → generate fix → self-review → push branch → wait CI → open PR. No human needed until the PR appears.

inariwatch config --auto-fix true    # enable autonomous fix pipeline
inariwatch config --auto-merge true  # also merge PRs when all safety gates pass

auto_merge requires auto_fix to be enabled. Even then, a PR is only merged when all 5 safety gates pass: CI green, confidence ≥ 90%, self-review score ≥ 70, lines changed ≤ 50, and trust level ≥ Apprentice.

CLI — MCP Server

InariWatch exposes an MCP (Model Context Protocol) server that gives your AI editor direct access to your alerts, integrations, and infrastructure actions — without leaving your code. Works with Claude Code, Cursor, Windsurf, VS Code, and any MCP-compatible client.

The MCP server has two tiers of tools: read tools to query alerts and run checks, and action tools that let the AI autonomously fix issues, roll back deploys, and silence alerts.

Connecting to your editor

Add InariWatch to your .mcp.json (project-level) or your editor's global MCP config:

{
  "mcpServers": {
    "inariwatch": {
      "command": "inariwatch",
      "args": ["serve-mcp"]
    }
  }
}

For Cursor: Settings → MCP → Add server → paste the config above.
For Claude Code: save as .mcp.json in your project root or ~/.claude/settings.json globally.
Then reload your editor — InariWatch starts automatically when the AI needs it.

Available tools

CLI — Rollback

When a bad deploy reaches production, inariwatch rollback vercel gives you an interactive list of your last 10 successful deployments so you can pick one and restore it in seconds.

inariwatch rollback vercel

Fetching recent successful deployments for my-app…
? Roll back to which deployment?
> dpl_abc123 a1b2c3d (main) — fix: remove debug log — 2h ago
  dpl_def456 e4f5g6h (main) — feat: add dark mode  — 5h ago
  dpl_ghi789 i7j8k9l (main) — chore: bump deps     — 1d ago

  Deploy:  dpl_abc12345
  Branch:  main
  Commit:  a1b2c3d
  URL:     https://my-app.vercel.app

? Confirm rollback to production? (y/N) y
Rolling back…
✓ Rollback triggered!
  Live at: https://my-app.vercel.app

Integration — GitHub

InariWatch uses a GitHub Personal Access Token (classic or fine-grained) to monitor CI runs, PRs, and commits.

Getting a token

1. 1

   Go to GitHub → Settings → Developer settings → Personal access tokens

   github.com/settings/tokens
2. 2

   Create a new token (classic)

   Click Generate new token → Classic.
3. 3

   Select scopes

   Scope	Why
   repo	Read CI runs, PRs, and commits on private repos
   read:org	Read org membership (if monitoring an org)
   read:user	Identify the token owner for auto-detection

4. 4

   Copy the token

   The token starts with ghp_. Paste it into InariWatch.

What InariWatch monitors

Integration — Vercel

InariWatch monitors your Vercel deployments and can trigger instant rollbacks on production failures.

Getting a token

1. 1

   Open Vercel → Account Settings → Tokens

   vercel.com/account/tokens
2. 2

   Create a token

   Give it a name like inariwatch. No expiry is easiest for long-term monitoring.
3. 3

   (Optional) Find your Team ID

   Go to your Vercel team → Settings. The team ID is shown as team_.... Leave blank if you're on a personal account.

What InariWatch monitors

Integration — Sentry

InariWatch polls Sentry every 5 minutes for new issues and regressions in your projects.

Getting a token

1. 1

   Open Sentry → Settings → Auth Tokens

   sentry.io/settings/account/api/auth-tokens
2. 2

   Create an internal integration token

   Permission	Access
   Issues & Events	Read
   Project	Read
   Organization	Read

3. 3

   Find your org slug

   It's in the URL of your Sentry dashboard: sentry.io/organizations/my-org/

What InariWatch monitors

Integration — Uptime

Uptime monitoring checks your HTTP endpoints at every poll interval and alerts if they return a non-2xx status or respond slower than your threshold.

In the web dashboard, go to Integrations → Uptime → Configure and add your endpoints. Each endpoint has a URL and an optional response time threshold in milliseconds.

Integration — PostgreSQL

InariWatch connects to your PostgreSQL database and monitors for health issues without storing your data.

You only need a read-only connection string. InariWatch runs read-only diagnostic queries — it never writes to your database.

postgresql://user:password@host:5432/dbname?sslmode=require

CREATE USER inariwatch WITH PASSWORD 'your-password';
GRANT CONNECT ON DATABASE your_db TO inariwatch;
GRANT USAGE ON SCHEMA public TO inariwatch;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO inariwatch;

Integration — npm / Cargo

InariWatch audits your package.json or Cargo.toml for known vulnerabilities using the npm and RustSec advisory databases.

Provide a public URL to your manifest file. For private repos, use a raw GitHub URL with a Personal Access Token in the request (paste the full URL including auth).

# npm
https://raw.githubusercontent.com/my-org/my-app/main/package.json

# Cargo
https://raw.githubusercontent.com/my-org/my-app/main/Cargo.toml

Integration — Datadog

InariWatch receives alerts from Datadog monitors via webhooks. When your Datadog monitor triggers (log anomaly, infrastructure spike, APM error), InariWatch creates an alert and optionally runs AI remediation — bridging the gap between detection and resolution.

Getting your keys

1. 1

   Open Datadog → Organization Settings → API Keys

   app.datadoghq.com/organization-settings/api-keys
2. 2

   Copy your API Key

   This is your organization's API key. It starts with a hex string.
3. 3

   Create an Application Key

   Go to Application Keys tab and create a new key. Give it a name like inariwatch. Copy the key — it's only shown once.
4. 4

   Connect in InariWatch

   Go to Integrations → Datadog → Connect. Paste both keys. InariWatch validates your API key automatically.

Setting up the webhook

After connecting, InariWatch generates a unique Webhook URL for your project. You need to configure this URL in Datadog so monitors can send alerts to InariWatch.

1. 1

   Copy the Webhook URL from InariWatch

   It's shown under the Datadog integration card after connecting. Looks like: https://app.inariwatch.com/api/webhooks/datadog/your-integration-id
2. 2

   Open Datadog → Integrations → Webhooks

   app.datadoghq.com/integrations/webhooks
3. 3

   Create a new webhook

   Name it inariwatch, paste the Webhook URL, and leave the payload as the default JSON. Click Save.
4. 4

   Add the webhook to your monitors

   Edit any Datadog monitor → Notify your team section → type @webhook-inariwatch. Now that monitor will alert InariWatch when it fires.

What InariWatch receives

AI setup — Overview (BYOK)

InariWatch uses a Bring Your Own Key model. Your API key goes directly from your browser to your AI provider — InariWatch never stores or proxies it (except for saving the key reference in your account so you don't have to re-enter it).

Adding an AI key unlocks:

• AI root cause analysis on any alert
• AI code remediation — writes the fix, pushes a branch, waits for CI, opens a PR
• Pre-deploy PR risk scoring (GitHub integration required)
• Auto post-mortems when an incident is resolved
• Alert correlation — groups related alerts into one incident
• Ask Inari — chat with your live monitoring data

AI — Claude (Anthropic)

Claude is the recommended provider — InariWatch's AI features are tuned for Claude's output style.

1. 1

   Create an API key

   console.anthropic.com/settings/keys
2. 2

   Copy the key

   Starts with sk-ant-api03-...
3. 3

   Paste into InariWatch

   Settings → AI analysis → Add key → Select Claude.

inariwatch config --ai-key sk-ant-api03-... --model claude-sonnet-4-5-20251022

AI — OpenAI

1. 1

   Create an API key

   platform.openai.com/api-keys
2. 2

   Copy the key

   Starts with sk-proj-... (new format) or sk-... (legacy).
3. 3

   Paste into InariWatch

   Settings → AI analysis → Add key → Select OpenAI.

inariwatch config --ai-key sk-proj-... --model gpt-4o

AI — Grok (xAI)

1. 1

   Create an API key

   console.x.ai
2. 2

   Copy the key

   Starts with xai-...
3. 3

   Paste into InariWatch

   Settings → AI analysis → Add key → Select Grok.

inariwatch config --ai-key xai-... --model grok-beta

AI — DeepSeek

1. 1

   Create an API key

   platform.deepseek.com/api_keys
2. 2

   Copy the key

   Starts with sk-...
3. 3

   Paste into InariWatch

   Settings → AI analysis → Add key → Select DeepSeek.

inariwatch config --ai-key sk-... --model deepseek-chat

AI — Gemini (Google)

1. 1

   Create an API key

   aistudio.google.com/app/apikey
2. 2

   Copy the key

   Starts with AIza...
3. 3

   Paste into InariWatch

   Settings → AI analysis → Add key → Select Gemini.

inariwatch config --ai-key AIza... --model gemini-2.0-flash

Notifications — Telegram

Telegram is supported in both the CLI and the web dashboard. It's the fastest setup — no server, no webhook config.

1. 1

   Create a Telegram bot

   Open Telegram → search @BotFather → send /newbot. Copy the token it gives you.
2. 2

   Find your chat ID

   Send a message to your bot, then open: https://api.telegram.org/bot<TOKEN>/getUpdates. The chat.id field is your ID.
3. 3

   Connect in InariWatch

   Web: Settings → Notification channels → Telegram. CLI: inariwatch connect telegram.

inariwatch connect telegram
# Prompts for bot token and chat ID

Notifications — Email

Email delivery is handled by InariWatch — you just provide your address. Critical alerts are sent immediately; warning and info alerts are batched into a daily digest.

1. 1

   Go to Settings → Notification channels → Email

   Enter your email address and click Send verification.
2. 2

   Verify your address

   Click the link in the verification email. Alerts won't send until verified.
3. 3

   Set minimum severity (optional)

   You can filter to Critical only to reduce noise.

Notifications — Slack

1. 1

   Create an Incoming Webhook in Slack

   api.slack.com/apps → Create App → From scratch → Incoming Webhooks → Add new webhook to workspace.
2. 2

   Select a channel

   Choose the channel where alerts should appear (e.g. #incidents). Copy the webhook URL.
3. 3

   Paste into InariWatch

   Settings → Notification channels → Slack → paste the webhook URL.

Notifications — Push (browser)

Browser push sends OS-level notifications to your desktop or mobile browser — no app needed.

1. 1

   Go to Settings → Notification channels → Push

   Click Enable push notifications.
2. 2

   Allow browser permissions

   Your browser will prompt to allow notifications. Click Allow.
3. 3

   Done

   InariWatch will send a test notification immediately to confirm it works.

Notifications — On-Call Schedules

InariWatch allows you to configure timezone-aware daily on-call rotations for your team. Instead of paging the entire team with critical alerts, Escalation Rules can dynamically route the notification to the specific developer currently on-call.

1. 1

   Go to your Project → On-Call Schedule

   Click Add schedule and set your project's timezone.
2. 2

   Add members to slots

   Select a user and choose their day and hour ranges (e.g. Mon-Fri, 09:00-17:00).
3. 3

   Enable in Escalation Rules

   Escalation rules will automatically use the on-call schedule before falling back to fixed channels.

Notifications — Schedule Overrides

Schedule Overrides let you temporarily replace the on-call person without modifying the base rotation. Perfect for sick days, vacations, or emergencies.

1. 1

   Go to your Project → On-Call Schedule

   Find the schedule you want to override.
2. 2

   Click 'Add Override'

   Select the substitute user and choose a start and end date/time.
3. 3

   Done

   During the override window, the substitute receives all escalation notifications instead of the original on-call person.

Notifications — Incident Storm Control

When a major infrastructure failure occurs (e.g. database crash), dozens of monitors can trigger simultaneously. Without grouping, the on-call engineer gets 50 notifications in seconds — causing alert fatigue and panic.

Incident Storm Control detects when more than 5 alerts arrive for the same project within a 5-minute window. Instead of sending individual notifications, InariWatch groups them into a single "Incident Storm" message:

🚨 [INCIDENT STORM] 14 alerts detected in 5 min
Project: my-production-app

Likely a cascading failure.
Resolve the root cause — all grouped alerts will clear together.

Notifications — Interactive ACK

When InariWatch sends a critical alert to Telegram, the message includes interactive inline buttons that let you take action directly from your phone:

• 👁️ Acknowledge — Stops the escalation timer. Your team knows you're looking at it.
• ✅ Resolve — Marks the alert as resolved. No more follow-up notifications.
• 🔇 Snooze 30m — Silences the alert for 30 minutes, then re-alerts if still unresolved.

Desktop app — Setup & token

The InariWatch desktop app is a lightweight tray app that polls your account in the background and shows OS notifications — even when you're not in the browser.

1. 1

   Download the desktop app

   Download the installer for your OS from the releases page. Supports macOS, Windows, and Linux.
2. 2

   Generate a desktop token

   Go to Settings → Desktop app → Generate token. This creates a token starting with rdr_....
3. 3

   Add the token to the config file

   Create or edit ~/.config/inari/desktop.toml with the values below.
4. 4

   Start the app

   The tray icon appears (◉). Alerts will show as OS notifications. Click the icon to open the dashboard.

Desktop app — desktop.toml

api_url   = "https://inariwatch.com"
api_token = "rdr_your_token_here"

The app polls /api/desktop/alerts every 60 seconds using this token. Alerts are shown as OS notifications and marked as read in the dashboard.

Reference — Alert types & severity

Deduplication

Before creating a new alert, InariWatch checks whether an open, unresolved alert with the same title already exists for the same project within the last 24 hours. If one does, the new alert is silently dropped — you won't get spammed by the same event.

To force a new alert (e.g. after resolving), mark the existing alert as Resolved first.

Reference — REST API

InariWatch exposes one public REST endpoint — used by the desktop app and any custom tooling.

GET /api/desktop/alerts

Returns the most recent unread alerts for the authenticated user.

GET /api/desktop/alerts
Authorization: Bearer rdr_your_token_here

{
  "alerts": [
    {
      "id":          "uuid",
      "title":       "CI failing on main",
      "severity":    "critical",
      "isResolved":  false,
      "createdAt":   "2025-03-17T03:12:00Z",
      "sourceIntegrations": ["github"]
    }
  ]
}