NEW: LLM-Powered RCA BETA Closed beta — 10 design partners, free for 60 days

Your on-call shouldn't be
a human alert filter.

Reduce alert noise by ~80% by grouping related alerts into incidents and auto-generating root-cause summaries — so your L1 stops clicking acknowledge at 3 AM and starts fixing things that matter.

AIOps platform for alert correlation, deduplication, and LLM-drafted RCAs · Self-hosted PagerDuty alternative for DevOps & SRE teams.

Start free — no credit card Apply for the beta

1,000 alerts/month free · No card · Sign in to app.saneops.in · or self-host the Docker image

INCIDENT-4092
CLASSIFIED: HIGH
DB_LATENCY
API_TIMEOUTS
+ 6 MORE
SERVICE payment-api · checkout-worker
SOURCES Grafana · Datadog · Prometheus
CORRELATED 47 alerts → 1 incident
RCA · drafted by Claude · 12s ago
> Analysing telemetry across 3 services…
> Root cause likely: missing index on users.email following migration 2026-05-15-a3f; query p99 ↑ 14× since 02:41 UTC.
Live app.saneops.in
Yesterday in a beta tenant
847 alerts 12 actionable incidents
Real product · live at app.saneops.in (sign in to try)
app.saneops.in
Free tier · 153 alerts remaining this month 847 / 1,000
Tenants
1
Alerts ingested
847
Incidents (total)
12
Open incidents
3
Active incidents
Payment service: 5xx error rate spike P1
Postgres replica lag > 30s P2
Disk usage on node-7 > 80% P3
RCA drafted by Claude · 12 sec ago
~80%
noise reduction
< 1 min
L1 triage time
10 min
to first alert
10,000+ alerts/day in internal testing Built by an SRE, in public Self-hosted by default · DPDP / GDPR aligned Open beta · 60 days free
The problem

800 alerts a day. 90% are noise. The other 10% are five real incidents fired six times each.

If your team runs a 24/7 NOC or on-call rotation, you already know the pattern. Your L1 spends the night clicking acknowledge instead of fixing anything. Your seniors get paged for the same outage from four monitoring tools. By morning, nobody trusts the pager.

$400K
/ year burn rate for a 4-engineer NOC team — most of it spent triaging duplicates.
6–8 min
average time an L1 spends per alert: read, look up runbook, decide, escalate or close.
3:14 AM
when your senior gets paged for an incident your L1 already triaged twenty minutes ago.
Outcomes

What Saneops compresses for you.

Real numbers from beta tenants — the same dashboard above, summarised three ways.

92%
Alert Compression

Related symptoms across services collapse into a single incident.

4x
Faster MTTR

Auto-gathered context means engineers start fixing immediately.

Zero
Wake-Ups For Noise

Only actionable incidents page humans — nothing else.

How it works

AIOps in three steps: ingest, correlate, explain.

1

Ingest

Point any alert source at Saneops via webhook. Grafana, Datadog, PagerDuty, Prometheus, custom JSON. No agents, no SDK, no data leaving your network.

2

Correlate & dedupe

Time-window grouping + content-hash dedup + CEL-based custom rules collapse 800 alerts into a handful of incidents. The first 50 lines of the runbook become unnecessary.

3

Explain & route

A first-draft RCA is generated for every incident — what changed, what's affected, what to check first. Then it's routed to the right channel via a visual workflow builder.

Features

Alert correlation, deduplication, and LLM RCA — built for SREs.

Every feature exists because a real on-call engineer wished it did at 3 AM.

Alert correlation

Time-window + label-similarity grouping with tunable thresholds per tenant.

Content-hash dedup

Same payload arriving from four monitoring tools? One alert, four sources attached.

CEL-based drop rules

Filter known-noise alerts with the same expression language Kubernetes uses.

LLM root-cause analysis

First-draft RCA written for every incident. Bring your own Claude / OpenAI / Ollama key.

Visual workflow builder

8-tab workflow editor — overview, builder, canvas, YAML, inputs, secrets, versions, runs.

Encrypted secrets vault

Webhook tokens, API keys, SMTP passwords — encrypted at rest with your session key.

Works with

Integrations: Grafana, Datadog, PagerDuty, Prometheus, and more.

No agents to install, no SDK to import. Webhook in, webhook out.

Grafana Datadog PagerDuty
Prometheus
Slack
Microsoft Teams
OpsGenie
Zenduty
Anthropic Claude
OpenAI
Ollama
Generic webhook
Two ways to deploy

Cloud or self-hosted. Same product. Your choice.

Most beta customers start with cloud — sign up, ingest your first alert in minutes. Security-sensitive teams prefer to run the Docker image on their own infra. Both get the same Saneops.

Recommended

Saneops Cloud

app.saneops.in

We host it. You sign in, paste your webhook URL into Grafana / Datadog, alerts flow. Zero infra to set up.

  • Live in 5 minutes — no Docker, no Postgres setup
  • Always on the latest version
  • Auto backups, HTTPS, SSO-ready
  • Free during the 60-day beta
Open Saneops Cloud

Self-hosted

docker compose up -d

Single Docker image (~108 MB). Runs on your infrastructure. Alert payloads, incident history, secrets — none of it leaves your network.

  • Air-gap capable — works with no outbound internet
  • Encrypted secrets via your own SESSION_SECRET
  • DPDP Act 2023 + GDPR aligned
  • ~10 min to first alert via Docker Compose
Request the Docker bundle

Both options share the exact same codebase, same features, same beta agreement. Switch between them anytime.

vs. the alternatives

Where Saneops fits in your stack.

Saneops sits between your monitoring tools and your humans. It doesn't replace Grafana, Datadog, or PagerDuty — it absorbs the alerts they generate so fewer reach a human.

Saneops PagerDuty Datadog
Alert correlation ●●● ●○○ ●●○
LLM-authored RCA ●●● ●○○
Self-hosted option
Pricing model flat / tenant $/user/mo $/host/mo
Time to first alert 5–10 min ~30 min hours
Aimed at 50–500 eng enterprise enterprise

●●● strong · ●●○ partial · ●○○ basic · — not offered. Comparison reflects publicly documented features as of April 2026.

Beta program

Free for 60 days. Ten companies. No catch.

I'm taking on ten design partners through the closed beta. You get the full product, free, self-hosted. In exchange: honest feedback, a 30-minute weekly sync, and a chance to shape what Saneops becomes.

You get
  • • Full product, no feature gates
  • • Direct line to the founder
  • • 50% off year 1 if you convert
We ask
  • • Real production deployment
  • • Bug reports + feedback
  • • 30-min weekly check-in
Terms
  • • 60-day free beta
  • • Self-hosted, your data
  • • Walk away anytime
Apply for the beta

Or email support@saneops.in directly.

About

Built by one engineer, in public.

Saneops is built by Omprakash Kumar. No VC, no marketing team — just one engineer who got tired of watching on-call rotations burn out good people.

The bet: most alert-fatigue isn't a tooling-volume problem. It's a correlation problem. Once a system can group, dedupe, and explain alerts the way a senior SRE does in their head, the L1 layer mostly disappears.

If that bet's wrong, the beta will tell us in 60 days. If it's right, Saneops becomes the layer between your monitoring and your humans.

FAQ

Questions we keep getting.

Is this open source?
No. Saneops is proprietary, source-available to paid customers under NDA. The beta ships as a compiled Docker image — you run the binary, not the source. This lets us stay a small focused team without the dynamics of a large open-source project.
Cloud or self-hosted — which should I pick?
Default to cloud. If you can sign in to a SaaS dashboard without your security team filing a ticket, use app.saneops.in — you're live in 5 minutes. Pick self-hosted only if (a) your data is regulated (BFSI, healthcare, government), (b) you run in an air-gapped network, or (c) "vendor SaaS" requires a 6-month security review at your company. Both options use the same code, same beta agreement, same product.
Does any of my alert data leave my network?
Self-hosted: no. Outbound traffic is just an anonymous telemetry beacon (disable with one env var) and your configured LLM provider (Claude / OpenAI / Ollama). Use Ollama + disable telemetry for zero outbound — works in a fully air-gapped network.

Cloud: data is hosted by Saneops in Singapore on managed Postgres. Full DPA available, signed before any deploy. If your team can't put alert payloads on a vendor's infra (regardless of vendor), use self-hosted instead.
What does it cost after the beta?
Pricing finalises before the beta cohort converts. Beta participants get 50% off year 1 and locked-in pricing for two years. Walk-away with zero obligation if it doesn't work for you.
How is this different from Keep / FireHydrant / PagerDuty?
PagerDuty is on-call routing — it tells the right human. Saneops decides whether a human needs to be told at all. Keep is similar in scope but cloud-only and aimed at larger orgs. Saneops is built for the 50–500 engineer band where you can't justify a dedicated AIOps team yet.
What if I find a critical bug at 2 AM?
Hit the floating "💬 Feedback" button in the app — it pings me directly. Critical issues during business hours get a response in under an hour. Off-hours, same-day.
Where can we deploy and what's the data-residency story?
Anywhere Docker runs — US, EU, APAC, your own VPC, your own data centre. Self-hosted deployments keep all alert data inside your network. The cloud tier runs in Singapore today; US and EU regions land before GA. The beta agreement supports neutral arbitration for non-US customers. Compliance questions: support@saneops.in.

Stop reading alerts.
Start fixing things.

Ten beta slots. First-come, first-served.

Apply for the beta