[observability] Observability Coverage Report - 2026-07-12 #45020
Closed
Replies: 1 comment
-
|
This discussion has been marked as outdated by Daily Observability Report for AWF Firewall and MCP Gateway. A newer discussion is available at Discussion #45142. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Caution
agentic threat detected
Threat detection flagged this output in warn mode. Manual review is REQUIRED before any follow-up automation.
Details
The threat detection engine failed to produce results.
Review the workflow run logs for details.
Executive Summary
I analyzed a capped, representative slice of 4 recent runs across 2 workflows:
Copilot PR Prompt Pattern AnalysisandDaily MCP Tool Concurrency Analysis. Runtime stdout shows both AWF firewall and MCP activity were enabled, but the downloaded run bundles did not include the expected telemetry artifacts needed for debugging.That means the observability problem is not lack of runtime activity; it is missing export coverage. In this sample, firewall debugging is blocked by absent
access.logexports, and MCP debugging is blocked by the absence of bothgateway.jsonlandrpc-messages.jsonl.Key Alerts and Anomalies
🔴 Critical Issues:
Copilot PR Prompt Pattern Analysisrun §29167857322 is firewall-enabled, but noaccess.logexport was present.Copilot PR Prompt Pattern Analysisrun §29050184752 is firewall-enabled, but noaccess.logexport was present.Daily MCP Tool Concurrency Analysisrun §29085644969 is firewall-enabled, but noaccess.logexport was present.Daily MCP Tool Concurrency Analysisrun §29010934239 is firewall-enabled, but noaccess.logexport was present.Copilot PR Prompt Pattern Analysisrun §29167857322 used MCP tools, but neithergateway.jsonlnorrpc-messages.jsonlwas present.Copilot PR Prompt Pattern Analysisrun §29050184752 used MCP tools, but neithergateway.jsonlnorrpc-messages.jsonlwas present.Daily MCP Tool Concurrency Analysisrun §29085644969 used MCP tools, but neithergateway.jsonlnorrpc-messages.jsonlwas present.Daily MCP Tool Concurrency Analysisrun §29010934239 used MCP tools, but neithergateway.jsonlnorrpc-messages.jsonlwas present.Coverage Summary
access.log)gateway.jsonlorrpc-messages.jsonl)📋 Detailed Run Analysis
Firewall-Enabled Runs
Missing Firewall Logs (
access.log)MCP-Enabled Runs
Missing MCP Telemetry (no
gateway.jsonlorrpc-messages.jsonl)🔍 Telemetry Quality Analysis
Firewall Log Quality
access.logentries analyzed: 0agent-stdio.log, but the exported Squid log bundle was missing.Gateway Log Quality
agent-stdio.log, but neithergateway.jsonlnorrpc-messages.jsonlwas exported.Healthy Runs Summary
Recommended Actions
access.logis missing from a firewall-enabled run.gateway.jsonlorrpc-messages.jsonlinto the run bundle.agent-stdio.logas supplemental context only; promote the dedicated firewall and MCP artifacts to the canonical debugging source.Historical Trends
Report generated automatically by the Daily Observability Report workflow
Analysis window: Last 7 days | Runs analyzed: 4
Beta Was this translation helpful? Give feedback.
All reactions