You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Our 4XX alert was constantly triggering due to RS (and other things) calling non-existent endpoints. Changed the alert to be log based and filtering out the pre-live slot, the RS receiver status check, and Microsoft pinging non-existent endpoints.
The reason will be displayed to describe this comment to others. Learn more.
Consider adding a specific log for when the alert is triggered. This would help in debugging and understanding the context of the alert when reviewing logs. [important]
Refine the log filtering conditions to ensure necessary logs are not excluded
Ensure that the query does not inadvertently exclude necessary logs by refining the conditions that filter out specific methods and URIs. Consider using more specific conditions or adding additional URIs that might be relevant to ignore.
+query = <<-QUERY+ AppServiceHTTPLogs |+ where CsHost !contains "pre-live" |+ where UserAgent != "AlwaysOn" |+ where not(CsMethod == "GET" and CsUriStem startswith "/v1/etor/") | // ignore RS receiver status check that uses GET+ where not(CsMethod == "GET" and CsUriStem startswith "/admin/") | // ignore Microsoft hitting non-existent URLs+ where ScStatus >= 400 and ScStatus < 500+ QUERY-
Suggestion importance[1-10]: 5
Why: The suggestion to refine log filtering conditions is relevant as it ensures important logs are not excluded, which is crucial for accurate monitoring. However, the improved code provided is identical to the existing code, indicating no specific changes were suggested.
5
Performance
Optimize the alert's frequency and time window for effective monitoring
Consider adjusting the frequency and time_window parameters to optimize the alert's responsiveness and accuracy, ensuring it effectively captures relevant data without causing unnecessary noise.
Why: Optimizing the frequency and time window can enhance the alert system's effectiveness. However, the suggestion lacks specific improvements or alternatives, making it less impactful.
4
Maintainability
Ensure all necessary tags are included in the ignore_changes lifecycle configuration
Review the ignore_changes lifecycle configuration to ensure it includes all necessary tags that should not trigger a redeployment or update of the resource, potentially adding more tags as needed.
Why: Ensuring all necessary tags are included in the ignore_changes configuration is important for maintainability. However, the suggestion does not provide specific tags to add, limiting its practical applicability.
4
Best practice
Check and adjust the severity level of the alert to match organizational standards
Verify the severity level set for the alert to ensure it aligns with organizational standards for 4xx error monitoring, potentially adjusting it if necessary.
Why: This suggestion is a good practice to ensure the severity level aligns with organizational standards. However, it's more of a verification step rather than a direct code improvement, hence the moderate score.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
Description
Our 4XX alert was constantly triggering due to RS (and other things) calling non-existent endpoints. Changed the alert to be log based and filtering out the pre-live slot, the RS receiver status check, and Microsoft pinging non-existent endpoints.
Issue
#1517
Checklist