Detect incidents and coordinate response actions across on-call tools.
Incident response workflows detect failure signals and coordinate the actions needed to contain, investigate, and resolve operational incidents. Templates range from simple PagerDuty-to-Slack bridges that notify on-call engineers to multi-step runbooks that isolate affected services, create a war room channel, pull relevant logs, and post a timeline update — all without human intervention in the first minutes. Complexity tiers reflect automation depth: simple workflows forward an alert to a communication channel; intermediate builds add severity-based routing and acknowledgment tracking; advanced workflows orchestrate multi-system remediation sequences with rollback logic and post-incident report generation. Because incident response is time-critical, Demand Score here is a strong indicator of operational pain — builders who view these templates are actively trying to reduce mean time to resolution. Free members see structural and timing data. Paid members see ranked demand scores showing which incident patterns and toolchain combinations are most actively sought.
Showing 1–50 of 52 templates, ordered by views
Automate customer support issue resolution using AI text classifier
This n8n template is designed to assist and improve customer support team member capacity by automating the resolution of long-lived and for…
View on n8n.io →Weekly Shodan query - report accidents
This n8n workflow, which runs every Monday at 5:00 AM, initiates a comprehensive process to monitor and analyze network security by scrutini…
View on n8n.io →Automate support ticket triage and resolution with JIRA and AI
This n8n template automates triaging of newly opened support tickets and issue resolution via JIRA. If your organisation deals with a large…
View on n8n.io →Suspicious login detection
This n8n workflow is designed for security monitoring and incident response when suspicious login events are detected. It can be initiated e…
View on n8n.io →Monitor security advisories
This n8n workflow automates the monitoring and notification of Palo Alto Networks security advisories. It is triggered manually from within…
View on n8n.io →Automated URL phishing & threat analysis with NixGuard AI
Stop manually checking suspicious links. This free n8n workflow provides the foundation for a powerful, automated URL analysis pipeline. Usi…
View on n8n.io →Analyze CrowdStrike detections - Search for IOCs in VirusTotal - Create a ticket in Jira, and post a message in Slack
This n8n workflow automates the handling of security detections from CrowdStrike, streamlining incident response and notification processes.…
View on n8n.io →Analyze suspicious email contents with ChatGPT Vision
Phishing Email Detection and Reporting with n8n Who is this for? This workflow is designed for IT teams, security professionals, and manage…
View on n8n.io →ServiceNow incident notifications to Slack workflow
Who is this for? This workflow is ideal for IT operations teams or system administrators who use ServiceNow to track incidents and Slack fo…
View on n8n.io →Manage custom incident response in PagerDuty and Jira
This workflow automatically follows the steps in a custom incident response playbook and manages incidents in PagerDuty, Jira tickets, and n…
View on n8n.io →Incident response workflow - Part 3
This workflow is the third of three. You can find the other workflkows here: 1. [Incident Response Workflow - Part 1](https://n8n.io/workfl…
View on n8n.io →Notify user in Slack of quarantined email and create Jira ticket if opened
This n8n workflow serves as an incident response and notification system for handling potentially malicious emails flagged by Sublime Securi…
View on n8n.io →Auto-assign support tickets with JIRA, Supabase and AI
This n8n template builds a simple automation to ensure no JIRA issues go unassigned for more than a week to prevent them falling through the…
View on n8n.io →Incident response workflow - part 2
This workflow is the second of three. You can find the other workflkows here: 1. [Incident Response Workflow - Part 1](https://n8n.io/workf…
View on n8n.io →Automate free IP analysis: NixGuard AI summaries & Wazuh integration
Supercharge Your Security Operations for Free Stop wasting time manually investigating suspicious IP addresses. This workflow template is y…
View on n8n.io →Automate Wazuh alert triage and reporting with GPT-4o-mini and Telegram
🚨Are alert storms overwhelming your Security Operations workflows? This n8n workflow supercharges your SOC by fully automating triage, ana…
View on n8n.io →Automate security alert triage with NixGuard AI and route to Slack or Jira
Are you drowning in a sea of security notifications? Do your analysts spend more time sifting through low-level logs than investigating real…
View on n8n.io →Monitor authentication IPs from SaaS alerts & email reports via SMTP2Go
Collect and Email Authentication IP Addresses from SaaS Alerts (Last 24 Hours) Description This n8n workflow automates the process of col…
View on n8n.io →Manage incident reporting in PagerDuty and CrateDB
This workflow automatically monitors the functionality of a factory. The workflow logs machine data coming from factory sensors in a CrateDB…
View on n8n.io →Automate IT support: Convert emails to Jira tickets with AI resolution
SmartSupport Flow: Auto-Handle IT Requests from Email to JIRA with Slack notification Watch the demo video below: [](https://youtu.be/nC2mSr…
View on n8n.io →Automated AWS IAM key compromise response with Slack & Claude AI
🛡️ Automated AWS Key Compromise Remediation Description This n8n workflow provides a secure, enterprise-grade response system for AWS IAM…
View on n8n.io →Create, update, and get an incident on PagerDuty
View on n8n.io →AI-powered support automation with Outlook, OpenAI & JIRA ticketing
This workflow automatically processes customer support requests from emails and web forms, uses AI to classify and either auto-resolve simpl…
View on n8n.io →Automate incident reporting & alerts with forms, Google Sheets and Gmail
Incident Reporting & Management Workflow (Form + Google Sheets + Email) This workflow automates incident reporting and management for opera…
View on n8n.io →Send n8n error reports to LINE
This workflow template, "n8n Error Report to LINE," is designed to streamline error handling by sending real-time notifications to your LINE…
View on n8n.io →Automate incident response with Jira, Slack, Google Sheets & Drive
📘 Description: This workflow automates the incident response lifecycle — from creation to communication and archival. It instantly creates…
View on n8n.io →Build a multi-agent system with n8n, Qdrant, Gmail & OpenAI
This template presents a multi-agent system in which a coordinating agent manages specialized sub-agents: an AI agent for RAG and document s…
View on n8n.io →Automated weekly security audit reports with Gmail delivery
🔒 N8N Security Audit Report - Automated Weekly Email 🎯 What does this workflow do? This workflow automatically generates and emails a co…
View on n8n.io →🛠️ PagerDuty tool MCP server 💪 all 9 operations
Complete MCP server exposing all PagerDuty Tool operations to AI agents. Zero configuration needed - all 9 operations pre-built. ⚡ Quick Se…
View on n8n.io →Real-time error monitoring with WhatsApp alerts & multi-language setup
> ⚠️ Multi-language WhatsApp Error Notifier Get instant WhatsApp alerts when any workflow fails — perfect for mobile-first monitoring…
View on n8n.io →Auto-resolve Jira tickets with GitHub Copilot using Port Context
Auto-resolve Jira tickets with coding agents Coding agents can significantly speed up development, but crucial engineering context often ge…
View on n8n.io →Enforce pre-release compliance with Jira, Monday.com, and Slack alerts
Description: Guarantee that only fully compliant stories and tasks make it into your release with this n8n automation template. The workfl…
View on n8n.io →Task escalation system with Google Sheets, Gmail, Telegram & Jira automation
Description This workflow sends an instant email alert when a task in a Google Sheet is marked as Urgent, and then sends a Telegram reminde…
View on n8n.io →Cyberpulse AI GRC: Automate security questionnaire responses
Description Automates vendor/customer security questionnaire responses. It ingests a questionnaire (Sheet/CSV/XLSX), matches each question…
View on n8n.io →Real-time IoT anomaly detection with MQTT, GPT-4o-mini AI, and multi-channel alerts
How It Works MQTT ingests real-time sensor data from connected devices. The workflow normalizes the values and trains or retrains machine l…
View on n8n.io →Kubernetes RCA and alerting using Gemini, Loki, Prometheus, Slack
Summary This n8n workflow automates Kubernetes root cause analysis (RCA) and incident alerting by integrating with Loki, Prometheus, and Sla…
View on n8n.io →Automate security incident response with Google Sheets, email alerts and EDR isolation
👤 Who it’s for SOC teams, incident responders, or solo defenders who need to automatically act on critical threats without manual triage.…
View on n8n.io →Automate cross-project dependency tracking between Jira and Monday
Description Keep your product and project teams perfectly aligned by automatically syncing task dependencies between Jira and Monday.com. Th…
View on n8n.io →Generate AI incident reports with GPT-4, Slack alerts, Gmail and PDF export
AI-Powered Incident Report Generator with Severity Alerts & PDF Delivery --- Description Automate incident reporting from detection to de…
View on n8n.io →AI-powered bug triage system with OpenAI, Jira and Slack alerts
Webhook → OpenAI → Jira “Bug Suspicion” → Slack QA Escalation This workflow ingests bug reports via a webhook, uses OpenAI to triage and ta…
View on n8n.io →Automate Incident Management with PagerDuty, Port AI, Jira & Slack
Complete incident workflow from detection through resolution to post-mortem, with full organizational context from Port's catalog. This temp…
View on n8n.io →Control AI agent tool access with Port RBAC and Slack mentions
RBAC for AI agents with n8n and Port This workflow implements role-based access control for AI agent tools using Port as the single source…
View on n8n.io →Monitor Cloudflare incidents and alert via Slack, Telegram, and Jira
Cloudflare Incident Monitoring & Escalation Workflow 🚀 Try Decodo — Web Scraping & Data API (Coupon: TRUNG) Decodo is a powerful public da…
View on n8n.io →Real-time uptime alerts to Jira with smart Slack on-call routing
Real-Time Uptime Alerts to Jira with Smart Slack On-Call Routing This workflow automatically converts uptime monitoring alerts received via…
View on n8n.io →Automate cybersecurity threat analysis with GPT-4o, CVSS scoring and risk routing
How It Works This workflow automates end-to-end cybersecurity threat analysis using a multi-agent AI architecture, targeting Security Operat…
View on n8n.io →Track Azure API and Service Bus failures with Application Insights correlation
Track Azure API failures with Application Insights correlation Template Name Track Azure API failures with App Insights, APIM, and Service…
View on n8n.io →Aggregate error alerts and send consolidated reports via Email and Jira
Error Alert Aggregator – Email and Jira This workflow aggregates error logs arriving from multiple sources, deduplicates identical events w…
View on n8n.io →Detect and route gameplay security anomalies with GPT-4o, Slack and Sheets
How It Works This workflow automates cybersecurity incident detection and response for security operations centers (SOCs) managing constant…
View on n8n.io →Check phishing URL reputation with VirusTotal and log to Google Sheets
🐟 Phishing URL Reputation Checker with VirusTotal This n8n template helps you automatically analyze URLs for phishing and malicious activi…
View on n8n.io →Automate cybersecurity incident response with Claude AI, VirusTotal and Slack
This workflow automates end-to-end cybersecurity incident response by ingesting alerts from multiple sources, enriching threat intelligence,…
View on n8n.io →