stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
7211d9bf4899e050b4072c39ad4b01162c9eb4ed
git.stella-ops.org/docs/features/checked/cli/incident-response-cli.md
master e9aeadc040 save checkpoint
2026-02-14 09:11:48 +02:00

2.2 KiB
Raw Blame History

Incident Response CLI

Module

Cli

Status

VERIFIED

Description

CLI commands for incident response lifecycle management. Users can start incident mode with severity/scope/description (auto-creates evidence holds and sends notifications), view incident status with timeline, end incidents with resolution notes and optional evidence hold release/report generation, and list all incidents filtered by status.

Implementation Details

  • Command Group: src/Cli/StellaOps.Cli/Commands/IncidentCommandGroup.cs -- IncidentCommandGroup for stella incident commands
  • IR Commands: src/Cli/StellaOps.Cli/Commands/Ir/IrCommandGroup.cs -- incident response operations
  • Commands:
    • stella incident start --severity <level> --scope <scope> --description <text> -- start incident mode (auto-creates evidence holds, sends notifications)
    • stella incident status <incident-id> -- view incident status with timeline
    • stella incident end <incident-id> --resolution <text> -- end incident. Options: --release-holds, --generate-report
    • stella incident list -- list incidents. Options: --status open|closed|all

E2E Test Plan

  • Run stella incident start --severity critical --scope "production" --description "CVE-2024-1234 exploited" and verify incident created
  • Verify evidence holds auto-created on incident start
  • Verify notifications sent on incident start
  • Run stella incident status <id> and verify timeline displayed
  • Run stella incident end <id> --resolution "Patched" --release-holds --generate-report and verify incident closed
  • Run stella incident list --status open and verify open incidents listed
  • Verify --format json output

Verification

  • Verified: 2026-02-13T15:30:00Z
  • Tier 0 (Source): pass -- all referenced source files exist on disk
  • Tier 1 (Build): pass -- module builds cleanly, 412 tests pass in StellaOps.Cli.Commands.Tests
  • Tier 2d (Integration): pass -- targeted integration tests confirm behavioral correctness
  • Test Project: src/Cli/__Tests/StellaOps.Cli.Commands.Tests/StellaOps.Cli.Commands.Tests.csproj
  • Evidence: docs/qa/feature-checks/runs/cli/incident-response-cli/run-001/tier2-integration-check.json