Azure-first incident investigation
Find the change
that broke production. Fast.
ChangeOps turns Azure's scattered change history into a ranked, evidence-backed shortlist — so on-call goes from 40 minutes of portal-hopping to under five.
What ChangeOps is for
Triage in minutes
Find the change behind a live incident — under five minutes, no portal-hopping.
Evidence packs
Timestamped, attributed, confidence-labelled — and exportable anywhere.
Postmortems & audits
Blameless postmortems, compliance audits, and vendor escalations — in one export.
How it works
From a noisy cloud to a ranked answer
Connect · collect · evaluate · rank — then delivered where you work.
Connect your Azure
Securely link subscriptions. Read-only.
Collect change evidence
Every change in the incident window.
Engines evaluate
Correlate, score & label confidence honestly.
Ranked evidence pack
Most likely change first — attributed.
Under the hood
Built like an evidence engine — not a dashboard
The substance that makes the ranking trustworthy.
Joined on correlationId
Control-plane changes correlate deterministically, with a bounded time-window fallback. HIGH only when sources agree.
Calibrated confidence
AKS audit evidence is heuristic and labelled MED — never dressed up as certainty. The engineer makes the call.
Source-attributed
Every ranked item keeps its raw Azure provenance, so you can drill straight back into the original evidence.
Tenant-safe & read-only
Workload-identity access, no stored credentials, per-tenant row-level isolation. We never store your raw logs.
Where we're going
Azure-first by design — not Azure-only forever
Azure, done deeply
Activity Log, Resource Graph & AKS audit. Ranked evidence, honest confidence, export to Slack / Teams / Jira.
AWS & GCP
The evidence model is cloud-agnostic by design. Same ranked story, across your whole estate.
AI on the deterministic core
AI reads the trusted evidence pack to summarize and suggest next checks — never replacing the engine.