You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I reviewed a capped sample of 20 workflow runs from the last 7 days. The dataset contains 19 firewall-enabled runs and 3 MCP-enabled runs, but the downloaded run folders only materialized metadata (aw_info.json, summary.json, run_summary.json) and prompt artifacts. No sampled firewall run had an access.log/ subtree, and no sampled MCP run had mcp-logs/gateway.jsonl or mcp-logs/rpc-messages.jsonl.
That leaves observability effectively absent for the two debugging surfaces this report is meant to audit. The failure runs are therefore hard to triage from the collected artifacts alone, and the missing telemetry should be treated as a collection regression unless the logs are being written elsewhere.
Key Alerts and Anomalies
🔴 Critical Issues:
Firewall telemetry missing for all 19 firewall-enabled runs in the analyzed sample: access.log was absent.
MCP telemetry missing for all 3 MCP-enabled runs in the analyzed sample: neither gateway.jsonl nor rpc-messages.jsonl was present.
⚠️Warnings:
The sampled run folders appear to stop at summary-level metadata, so the report cannot validate request/response content, allowed vs blocked access, or MCP tool-call timing.
None of the analyzed firewall-enabled or MCP-enabled runs had the required telemetry files in the downloaded dataset.
The only analyzed run that was not firewall-enabled was Smoke OpenCode (§29121662603), so it is correctly excluded from firewall coverage.
Recommended Actions
Confirm the log collector is persisting access.log/ for firewall-enabled runs and mcp-logs/gateway.jsonl or mcp-logs/rpc-messages.jsonl for MCP-enabled runs.
Add a post-run assertion that fails or warns when those files are missing so collection regressions are visible immediately.
If the telemetry is being written under a different path, update the daily observability workflow to fetch that path explicitly.
📊 Historical Trends
No trend comparison is available from the collected sample.
Report generated automatically by the Daily Observability Report workflow Analysis window: Last 7 days | Runs analyzed: 20
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Caution
agentic threat detected
Threat detection flagged this output in warn mode. Manual review is REQUIRED before any follow-up automation.
Details
The threat detection engine failed to produce results.
Review the workflow run logs for details.
Executive Summary
I reviewed a capped sample of 20 workflow runs from the last 7 days. The dataset contains 19 firewall-enabled runs and 3 MCP-enabled runs, but the downloaded run folders only materialized metadata (
aw_info.json,summary.json,run_summary.json) and prompt artifacts. No sampled firewall run had anaccess.log/subtree, and no sampled MCP run hadmcp-logs/gateway.jsonlormcp-logs/rpc-messages.jsonl.That leaves observability effectively absent for the two debugging surfaces this report is meant to audit. The failure runs are therefore hard to triage from the collected artifacts alone, and the missing telemetry should be treated as a collection regression unless the logs are being written elsewhere.
Key Alerts and Anomalies
🔴 Critical Issues:
access.logwas absent.gateway.jsonlnorrpc-messages.jsonlwas present.Coverage Summary
access.log)gateway.jsonlorrpc-messages.jsonl)📋 Detailed Run Analysis
Firewall-Enabled Runs
Missing Firewall Logs (
access.log)MCP-Enabled Runs
Missing MCP Telemetry (no
gateway.jsonlorrpc-messages.jsonl)🔍 Telemetry Quality Analysis
Firewall Log Quality
Gateway Log Quality
Healthy Runs Summary
Smoke OpenCode(§29121662603), so it is correctly excluded from firewall coverage.Recommended Actions
access.log/for firewall-enabled runs andmcp-logs/gateway.jsonlormcp-logs/rpc-messages.jsonlfor MCP-enabled runs.📊 Historical Trends
No trend comparison is available from the collected sample.
Report generated automatically by the Daily Observability Report workflow
Analysis window: Last 7 days | Runs analyzed: 20
Beta Was this translation helpful? Give feedback.
All reactions