How Duplicate Incidents Work
During fast-moving operational issues, teams may accidentally create multiple incidents describing the same underlying problem. Rootly allows you to mark one incident as the duplicate of another, ensuring responders align around a single source of truth. When an incident is marked as a duplicate:- The duplicate incident is linked to a canonical (primary) incident
- The duplicate’s timeline records the change
- Workflows, alerts, and Slack channels can consolidate under the primary incident
- Optionally, the duplicate incident can be automatically cancelled
Duplicate incidents use a dedicated field (
duplicate_incident_id) and are not the same as sub-incidents, which use parent_incident_id.Why Mark Incidents as Duplicate
Teams benefit from merging duplicates because it:- Ensures responders focus on the correct incident
- Reduces conflicting updates or duplicated communication
- Clarifies ownership and priority
- Simplifies retrospectives and reporting
- Maintains a clean incident list without losing context
- Multiple teams declare the same outage simultaneously
- Monitoring tools trigger multiple detection paths
- Slack responders create overlapping incidents during triage
What Happens When You Mark an Incident as Duplicate
When you mark Incident A as a duplicate of Incident B:- Incident A becomes linked to Incident B
- A timeline entry is added to Incident A
- Slack responders receive a confirmation message
- (Optional) Incident A is automatically cancelled and any attached alerts are resolved
- The “Duplicate of …” banner appears in the duplicate incident UI
Auto-cancellation is enabled by default when marking a duplicate but can be turned off during the action.
Where You Can Manage Duplicates
In the Web Interface
From an incident, open the action menu and select Mark as Duplicate.You can then:
- Search for the canonical incident
- Choose whether to auto-cancel the duplicate
- Add a cancellation reason for context
In Slack
Use one of the supported commands:/rootly dup/rootly duplicate
- Select the canonical incident
- Provide a cancellation reason
- Enable/disable auto-cancel
Duplicate marking is not available for scheduled maintenance incidents.
API Support
You can also mark incidents as duplicates programmatically using:duplicate_incident_idauto_cancel_incidentreason_for_cancellation
API duplicate linking does not automatically resolve attached alerts—this behavior is only available via Slack or Web.
Best Practices
-
Always consolidate early
Merge duplicate incidents as soon as duplication is detected to reduce confusion. -
Use auto-cancel thoughtfully
Cancelling duplicates keeps your incident list clean, but you may leave them open temporarily during complex triage. -
Write clear cancellation reasons
Adds helpful context for retrospectives and audit history. -
Educate responders on Slack commands
Many duplicates are resolved faster when responders use/rootly dup. -
Review duplicate patterns
Repeated duplicates may highlight monitoring or workflow tuning opportunities.
FAQ
What is the difference between a duplicate and a sub-incident?
What is the difference between a duplicate and a sub-incident?
Duplicate incidents refer to the same problem, while sub-incidents represent related but distinct workstreams.
Can a duplicate be re-opened as a normal incident?
Can a duplicate be re-opened as a normal incident?
Yes. Edit the incident to remove the duplicate relationship and update the status.
Can I mark an incident as duplicate of a private incident?
Can I mark an incident as duplicate of a private incident?
Yes, but only if you have permission to view the target incident.
Who can mark incidents as duplicates?
Who can mark incidents as duplicates?
Any responder with update permission on the incident (including private-incident permissions when relevant).
Does marking as duplicate merge timelines?
Does marking as duplicate merge timelines?
No. Timelines remain separate, but all future response activity should occur in the canonical incident.