Enterprise Replay

Replay is the bridge between incident evidence and governed remediation. Enterprise operators use it to reconstruct incidents, validate behavior in dry run, and escalate to execute mode only when approvals and environment posture allow it.

Replay Path

  1. Capture evidence through incident bundles and snapshots.
  2. Resolve the matching pipeline version and runtime posture.
  3. Run dry-run replay for investigation.
  4. Escalate to execute-mode replay only with matching approval coverage.

Dry-run replay is the normal investigative path because it proves that the captured input can be reconstructed without reintroducing live side effects. Execute-mode replay is a narrower tool. It should only happen after the runtime resolves the original spec identity, the target environment posture allows it, and approval coverage matches the requested operation.

What Replay Validates

  • The artifact can be tied back to a known pipeline version or spec hash.
  • The runtime posture is compatible with the requested replay mode.
  • Approval coverage exists when execute-mode replay is requested.
  • The resulting replay emits its own audit output instead of disappearing into operator memory.
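The checks listed above, sketched as a single gate that returns an audit record for every decision. This is an added example, not code from the project: every type, field, and function name (`Request`, `Runtime`, `gate`, `Denial`) is hypothetical, the hash and operation strings are constructed, and it assumes dry-run replay is acceptable under any posture.

```rust
// Added illustration: all types and names are hypothetical, not the project's API.
use std::collections::HashSet;

#[derive(Debug, Clone, Copy, PartialEq)]
pub enum Mode { DryRun, Execute }

#[derive(Debug, PartialEq)]
pub enum Denial { UnknownSpec, PostureForbidsExecute, ApprovalMissing }

pub struct Request<'a> {
    pub spec_hash: &'a str,          // hash recorded in the incident bundle
    pub mode: Mode,
    pub operation: &'a str,          // operation the replay would perform
    pub approved_ops: &'a [&'a str], // operations covered by approvals
}

pub struct Runtime<'a> {
    pub known_specs: HashSet<&'a str>, // pipeline versions the runtime can resolve
    pub allows_execute: bool,          // environment posture
}

/// One audit record per decision, whether allowed or denied.
#[derive(Debug, PartialEq)]
pub struct Audit { pub spec_hash: String, pub mode: Mode, pub outcome: Result<(), Denial> }

pub fn gate(rt: &Runtime, req: &Request) -> Audit {
    let outcome = check(rt, req);
    Audit { spec_hash: req.spec_hash.to_string(), mode: req.mode, outcome }
}

fn check(rt: &Runtime, req: &Request) -> Result<(), Denial> {
    // 1. The artifact must tie back to a known spec, in either mode.
    if !rt.known_specs.contains(req.spec_hash) { return Err(Denial::UnknownSpec); }
    // Assumption: dry run has no live side effects, so it needs nothing further.
    if req.mode == Mode::DryRun { return Ok(()); }
    // 2. Posture must permit execute mode.
    if !rt.allows_execute { return Err(Denial::PostureForbidsExecute); }
    // 3. Approval must cover the requested operation, not just any operation.
    if !req.approved_ops.contains(&req.operation) { return Err(Denial::ApprovalMissing); }
    Ok(())
}

fn main() {
    let rt = Runtime { known_specs: HashSet::from(["sha256:constructed-a"]), allows_execute: true };
    let req = Request { spec_hash: "sha256:constructed-a", mode: Mode::Execute,
                        operation: "reissue-batch", approved_ops: &["rotate-key"] };
    println!("{:?}", gate(&rt, &req)); // denied: approval does not cover the operation
}
```

Denials are returned inside the audit record rather than as a bare error, so a refused execute-mode request leaves the same trail as a permitted one.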

Why This Matters

Without that chain, replay becomes guesswork. With it, incident handling stays reproducible: evidence in, policy check, dry run, controlled escalation, audit out.
