[observability] Observability Coverage Report - 2026-07-09 #44420
Closed
Replies: 1 comment
-
|
This discussion was automatically closed because it expired on 2026-07-10T00:15:07.252Z.
|
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Caution
agentic threat detected
Threat detection flagged this output in warn mode. Manual review is REQUIRED before any follow-up automation.
Details
The threat detection engine failed to produce results.
Review the workflow run logs for details.
Executive Summary
This week's 20-run sample is broadly healthy. 18 of 20 runs exercised the firewall path and every firewall-enabled run exposed an
access.logtrail. All 20 runs exercised MCP tooling, and every sampled run exposedrpc-messages.jsonlat runtime, which means MCP telemetry was present even when the preferred gateway log was absent.The main gap is quality rather than coverage: two PR Sous Chef failures (
28982973843,28984051748) only produced zero-byterpc-messages.jsonl, so the run is observable but not very useful for debugging tool-level behavior. The firewall log bundle is populated and readable, but this sample did not surface explicit denied-request lines.Key Alerts and Anomalies
Note
No critical issues detected.
Warning
Zero-byte MCP telemetry was observed on §28982973843 and §28984051748; both runs should be treated as low-quality telemetry, not missing telemetry.
Warning
The Squid access log is present and populated, but the sampled slice is dominated by allowed CONNECT traffic and transaction-end errors rather than explicit denied requests.
Coverage Summary
access.log)gateway.jsonlorrpc-messages.jsonl)Detailed Run Analysis
Firewall-Enabled Runs
18 sampled firewall-enabled runs had
access.logreferences in the workflow logs and the shared Squid log bundle contained 139 entries with valid Squid-style CONNECT records.MCP-Enabled Runs
All 20 sampled runs had MCP telemetry present via
rpc-messages.jsonl. 18 runs had non-empty telemetry; 2 runs were zero-byte warnings.rpc-messages.jsonlpresent, zero bytesrpc-messages.jsonlpresent, zero bytesrpc-messages.jsonlpresentrpc-messages.jsonlpresentTelemetry Quality
Firewall log sample: 139 lines, 56 CONNECT 200 entries, 85 transaction-end/error entries, 5 unique domains.
MCP telemetry source: canonical
rpc-messages.jsonlfallback; nogateway.jsonlsurfaced in this sample.Recommended Actions
rpc-messages.jsonlso MCP runs fail loudly when the gateway is active but telemetry is empty.gateway.jsonlformat where available; when only the fallback exists, retain enough of the raw JSONL to support tool-call and latency analysis.References:
Beta Was this translation helpful? Give feedback.
All reactions