[observability] Observability Coverage Report - 2026-05-31

[github-actions[bot]]

Executive Summary

I sampled 6 completed runs from the last 7 days and excluded 6 runs that were still in progress when the bundle was fetched. The completed firewall-enabled runs all had access.log artifacts, and the completed MCP-enabled runs all had RPC telemetry present.

One run, Smoke Pi (26698359911), produced a zero-byte rpc-messages.jsonl, so the telemetry file exists but is not usable for debugging. The rest of the completed sample had readable firewall and RPC logs.

Key Alerts and Anomalies

🔴 Critical Issues:

• No critical issues detected in the completed run sample.

⚠️ Warnings:

• 26698359911 (Smoke Pi) has an empty mcp-logs/rpc-messages.jsonl.
• Two completed MCP runs recorded tool-response errors in the RPC stream, but the telemetry itself remained present and parseable.

Coverage Summary

Component	Runs Analyzed	Logs Present	Coverage	Status
AWF Firewall (access.log)	3	3	100%	✅
MCP Gateway (gateway.jsonl or rpc-messages.jsonl)	6	6	100%	⚠️

📋 Detailed Run Analysis

Firewall-Enabled Runs

Workflow	Run ID	access.log	Entries	Allowed	Blocked/Errors	Status
Changeset Generator	26698359917	✅	117	54	0	✅
Agent Container Smoke Test	26698359939	✅	26	9	3	✅
Issue Monster	26698294921	✅	55	23	6	✅

Missing Firewall Logs (access.log)

None in the completed sample.

MCP-Enabled Runs

Workflow	Run ID	Telemetry Source	Entries	Tool Requests	Errors	Status
Smoke Antigravity	26698359936	rpc-messages.jsonl	1	13	0	✅
Changeset Generator	26698359917	rpc-messages.jsonl	1	80	12	✅
Agent Container Smoke Test	26698359939	rpc-messages.jsonl	1	45	0	✅
Smoke Pi	26698359911	rpc-messages.jsonl (empty)	0	0	0	⚠️
Smoke Gemini	26698359916	rpc-messages.jsonl	1	82	24	✅
Issue Monster	26698294921	rpc-messages.jsonl	1	127	0	✅

Missing MCP Telemetry (no gateway.jsonl or rpc-messages.jsonl)

None in the completed sample.

🔍 Telemetry Quality Analysis

Firewall Log Quality

• Total access.log entries analyzed: 354
• Status distribution: 146 200, 20 403, 16 400, 172 0
• Most accessed domains: api.githubcopilot.com:443, o205451.ingest.us.sentry.io:443, generativelanguage.googleapis.com:443, api.openai.com:443, github.com:443

Gateway Log Quality

• Telemetry source: rpc-messages.jsonl (canonical fallback)
• Non-empty RPC files: 5
• Zero-byte RPC files: 1
• Total tool requests across non-empty RPC logs: 347
• Tool-response errors across non-empty RPC logs: 36

Healthy Runs Summary

• 26698359917 Changeset Generator
• 26698359939 Agent Container Smoke Test
• 26698294921 Issue Monster
• 26698359936 Smoke Antigravity
• 26698359916 Smoke Gemini

Recommended Actions

1. Add a post-step assertion that fails when rpc-messages.jsonl is present but empty.
2. Keep retaining access.log and RPC artifacts for completed runs; the current sample is sufficient for debugging.
3. If the empty RPC file is intentional for some smoke flows, mark those workflows explicitly so the report can distinguish intentional suppression from telemetry loss.

References

• §26698359917
• §26698359939
• §26698359911

---

Report generated automatically by the Daily Observability Report workflow
Analysis window: Last 7 days | Runs analyzed: 6 completed, 6 in progress excluded

Warning

Firewall blocked 2 domains

The following domains were blocked by the firewall during workflow execution:

• api.github.com
• github.com

💡 Tip: api.github.com is blocked because GitHub API access uses the built-in GitHub tools by default. Instead of adding api.github.com to network.allowed, use tools.github.mode: gh-proxy for direct pre-authenticated GitHub CLI access without requiring network access to api.github.com:

tools:
  github:
    mode: gh-proxy

See GitHub Tools for more information on gh-proxy mode.

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "api.github.com"
    - "github.com"

See Network Configuration for more information.

Generated by 📊 Daily Observability Report for AWF Firewall and MCP Gateway · gpt54 7.5M · ◷

• expires on Jun 1, 2026, 12:12 AM UTC

[github-actions[bot]]

This discussion has been marked as outdated by Daily Observability Report for AWF Firewall and MCP Gateway.

A newer discussion is available at Discussion #36157.