Guide
Getting the most
out of Synth.
Synth's value isn't in executing commands — any tool can do that. The value is in the reasoning gap: the space between "I know what I want" and "I know how to do it safely on this specific machine."
Deploy
Deployments that learn.
Register an artifact, point at an environment, and let Synth plan the deployment. That's the starting point. Where it gets interesting is the learning loop.
Annotate early
When Synth's artifact analysis is wrong, submit corrections. Two corrections with high confidence auto-apply on future plans — Synth skips LLM analysis entirely for known patterns. Repeated deployments become near-instant.
Refine, don't reject
When a plan is close but not right, use the Refine action with specific feedback: "This version also needs CACHE_TTL updated". Synth regenerates incorporating your context. Rejection throws away reasoning. Refinement builds on it.
Version your artifacts
Each version carries metadata and source information. Synth uses version history to contextualize risk — "third patch this week" vs. "first deploy in two months."
Maintain
The underrated workhorse.
Most users discover deploy first, but maintain is where daily operational work lives. No artifact needed — just an intent.
Things that just work
- → "Rotate TLS certificates on the web tier"
- → "Clean up Docker images older than 30 days"
- → "Update the nginx config to add rate limiting on /api/v2"
- → "Resize the postgres WAL to 2GB"
Why this is different
Maintain uses the most sophisticated planning path — iterative dry-run refinement. Synth generates a plan, dry-runs it against actual system state, discovers issues ("file doesn't exist yet," "service isn't installed"), and regenerates. The plan you approve has already been validated against reality.
Query
Your fleet's memory.
Read-only information gathering. The envoy runs a probe loop — executing commands, interpreting results, deciding what to probe next — until it has an answer. Findings go into the Debrief as structured, searchable records.
Pre-deployment recon
"What versions of openssl are running across prod?" — before deploying something that depends on a specific version.
Compliance snapshots
"List all listening ports and their associated processes" — across an environment, with structured findings.
Drift detection
"Compare the nginx config on web-1 vs web-2" — the reasoning explains differences, not just diffs.
Institutional knowledge
Query findings are stored in the Debrief. Six months from now, search "what was running on prod in March" and find structured, reasoned answers — not raw command output.
Investigate
The 2am companion.
Something is wrong. You don't know what. Describe the symptom. Synth iteratively probes — each finding informs the next — until it has a root cause hypothesis and a proposed resolution.
"API response times doubled in the last hour on the prod API tier, investigate"
Don't pre-diagnose
"Investigate high latency on API tier" gives Synth freedom to explore. "Check if the database is slow" constrains it to your hypothesis. Let it reason.
Self-writing postmortems
Every probe command and its result is in the Debrief. The investigation is reproducible and auditable. The postmortem writes itself.
Trigger
Monitoring that acts.
Prometheus tells you something is wrong. Synth tells you something is wrong and executes a reasoned response. The response is a full operation — planned, approved, executed, debriefed.
High-value trigger patterns
- ◆ "When disk usage exceeds 85%, run log cleanup" — spawns a maintain operation
- ◆ "When the health endpoint returns 500 for 3 consecutive checks, investigate" — spawns an investigation
- ◆ "When a new Docker image appears in the registry, deploy it to staging" — continuous delivery
- ◆ "When CPU exceeds 90% for 5 minutes, query what's consuming resources" — situational awareness
Traceable chains
Triggers produce operations with lineage tracking. You can trace "this investigation was spawned because trigger X fired because disk hit 92%." The Debrief makes the full causal chain visible.
Composite
Runbooks that reason.
Real operational work is rarely one action. Composite chains multiple operation types into a single plan, single approval, sequential execution. If step 2 fails, step 3 never runs. The whole workflow is atomic in intent.
A production deployment as a composite:
One approval. One Debrief. Four operations.
Runbooks without the drift
Any multi-step procedure documented in a wiki can become a composite operation. Synth plans each step against live system state — not against instructions someone wrote six months ago.
Fleet
Controlled rollouts.
When targeting an environment with multiple envoys, Synth supports progressive rollout strategies. Representative envoys plan first — the plan is validated against real system state before rolling to the fleet.
All-at-once
Every envoy simultaneously. For low-risk, well-understood changes.
Batched
Groups of N by count or percentage. Pause between batches. Halt if failures exceed a threshold.
Canary
Single envoy first, observe, then expand. Health check wait between stages.
Debrief
Operational memory.
The Debrief is not a log. It's a structured record of decisions, reasoning, and context. Every operation produces entries tagged with decision types, searchable and auditable.
Postmortems
Search by time range and operation type to reconstruct an incident. The reasoning field explains why decisions were made, not just what.
Knowledge transfer
New team members read debriefs to understand operational history. "Why do we deploy this service before that one?" is answered in the reasoning.
Pattern recognition
Search debriefs for recurring failure types. If deployment failures cluster around a specific service, that's signal — visible to anyone who searches.
MCP resource access
External tools can query the Debrief via MCP resources. Hook your incident management tool into Synth's debrief endpoint for automated context during pages.
Partitions
Logical isolation without overhead.
Partitions scope variables and constraints without requiring separate infrastructure. Variables set at the partition level override environment-level values.
Multi-tenant deployments
Partition per customer with customer-specific configuration. Same infrastructure, isolated state.
Compliance boundaries
Partition for PCI-scoped services with stricter constraints. Data doesn't bleed across partitions.
Team boundaries
Each team's services in their own partition with their own variable namespace and operational history.
Feature flags
Partition for canary users with different variable values. Same deployment target, different runtime configuration.
The patterns that compound.
The real power emerges from combining capabilities. Each operation type feeds naturally into the next.
Continuous improvement loop
Deploy → Debrief reveals issue → Investigate → Root cause found → Maintain to fix → Trigger to prevent recurrence.
Self-documenting operations
Every action produces a Debrief. Over time, the Debrief becomes the authoritative operational history — not wikis, not Slack threads.
Artifact learning
Each deployment teaches Synth about your artifacts. Annotations accelerate this. After a few cycles, planning for known artifacts is nearly instantaneous.
Trigger chains
A trigger fires → spawns an investigation → investigation finds a fix → creates a maintenance operation → the whole chain is traceable via lineage.
Ready to try it?
Synth is source-available and self-hosted. Install it, connect an LLM, and run your first operation in under five minutes.