> ## Documentation Index
> Fetch the complete documentation index at: https://docs.incident.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Connect your data

> The sources investigations draw on, and how to set each one up.

Investigations are only as good as the context they can reach. Each source you connect gives investigations another angle on what's happening, and findings grounded in several sources at once are far more reliable than guesses from one. The more independent evidence an investigation can find, the more [conviction](/investigations/how-investigations-work#building-conviction) it can have in a finding rather than guess. Connect whatever you have; you don't need everything to get value.

All sources are configured from the [Investigations settings](https://app.incident.io/~/investigations) in your dashboard.

## Sources

<CardGroup cols={2}>
  <Card title="Past incidents" icon="https://mintcdn.com/incidentio-18bb4170/sRvzAk-yzIz8QOX3/icons/investigations.svg?fit=max&auto=format&n=sRvzAk-yzIz8QOX3&q=85&s=cf0971ce90cba6e9bee684c6deca9a51" href="/investigations/connect/past-incidents" width="40" height="40" data-path="icons/investigations.svg">
    Find similar incidents and the fixes that worked before.
  </Card>

  <Card title="Slack channels" icon="slack" href="/investigations/connect/slack">
    Real-time context: deploys, config changes, and team discussion.
  </Card>

  <Card title="Change events" icon="clock-rotate-left" href="/investigations/connect/change-events">
    Deploys, feature flags, and config changes, extracted from your channels and correlated with incidents.
  </Card>

  <Card title="Documentation" icon="book-open" href="/investigations/connect/documentation">
    Search your runbooks and reference docs from Confluence, Notion, GitHub, and GitLab.
  </Card>

  <Card title="Code repositories" icon="code" href="/investigations/connect/code/overview">
    Link relevant pull requests and read your code, safely sandboxed.
  </Card>

  <Card title="Telemetry" icon="database" href="/investigations/connect/telemetry/overview">
    Logs, metrics, traces, and dashboards from your observability tools.
  </Card>
</CardGroup>

## How investigations use each source

| Source            | What it adds to an investigation                                                                     |
| ----------------- | ---------------------------------------------------------------------------------------------------- |
| Past incidents    | Pattern matching against your history: what this looked like before and how it was fixed.            |
| Slack channels    | Human context telemetry can't give: a mentioned migration, a deploy notification, a config change.   |
| Change events     | A timeline of deploys, flag flips, and config changes to line up against when the incident started.  |
| Documentation     | Your team's own knowledge: runbooks for this exact failure, and how your services are meant to work. |
| Code repositories | The pull request that likely caused the issue, and the ability to trace errors through code.         |
| Telemetry         | Hard signal: error spikes, latency changes, log lines, and the dashboards your team trusts.          |

<Note>
  Connecting Slack channels as a source (and the change events built from them) is available for Slack only. Every other
  source works the same whether your incidents run in Slack or Microsoft Teams.
</Note>

<Tip>
  Start with the sources your responders already lean on during incidents. If your team lives in a particular Grafana
  dashboard and a Slack deploys channel, connect those first.
</Tip>

## Always on: third-party dependencies

One source needs no setup. Every investigation automatically checks whether third-party providers you depend on, like AWS, GitHub, Stripe, or Datadog, were having an outage around the time of your incident. See [Third-party dependencies](/investigations/third-party-dependencies).
