You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Analyzed 32 workflow runs from 2026-02-14 to 2026-02-21. Firewall observability is partially healthy: 28 runs had firewall enabled and 20 of those included access.log artifacts (71.4% coverage). Eight firewall-enabled runs are missing access.log, which is a critical gap for debugging egress failures.
MCP gateway observability is currently non-compliant with the expected artifact name. All 20 MCP-enabled runs are missing gateway.jsonl, even though mcp-logs/rpc-messages.jsonl is present in every case. This looks like a naming/packaging mismatch rather than a total absence of gateway telemetry, but it still violates the required artifact contract.
Note: The mcp-logs/ and sandbox/ directories are not readable from this environment. Presence/absence checks rely on run_summary.json artifact listings and the aggregated firewall metrics there.
Key Alerts and Anomalies
🔴 Critical Issues:
Missing access.log in 8 firewall-enabled runs: Issue Monster (7 runs) and PR Triage Agent (1 run). See details below.
Missing gateway.jsonl in all 20 MCP-enabled runs (100% miss rate). rpc-messages.jsonl is present in all 20, indicating a likely artifact naming mismatch.
⚠️Warnings:
mcp-logs/ and sandbox/ directories are not readable, preventing JSONL field validation and entry counts.
gateway.jsonl not present in any MCP-enabled run, so JSONL schema validation and entry counts could not be computed.
mcp-logs/rpc-messages.jsonl is present in all MCP-enabled runs, but directory permissions prevented direct parsing.
Healthy Runs Summary
20 runs show complete firewall artifacts and MCP rpc logs, but none include gateway.jsonl as currently required.
Recommended Actions
Restore access.log artifact collection for Issue Monster and PR Triage Agent runs; confirm the sandbox firewall logs directory is captured on failure paths.
Standardize MCP gateway log artifact naming. Either emit gateway.jsonl or update the reporting contract to accept rpc-messages.jsonl as the canonical file.
Adjust log export permissions for mcp-logs/ and sandbox/ so automated analysis can validate JSONL schema quality and count entries.
Report generated automatically by the Daily Observability Report workflow Analysis window: 2026-02-14 to 2026-02-21 | Runs analyzed: 32
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Executive Summary
Analyzed 32 workflow runs from 2026-02-14 to 2026-02-21. Firewall observability is partially healthy: 28 runs had firewall enabled and 20 of those included
access.logartifacts (71.4% coverage). Eight firewall-enabled runs are missingaccess.log, which is a critical gap for debugging egress failures.MCP gateway observability is currently non-compliant with the expected artifact name. All 20 MCP-enabled runs are missing
gateway.jsonl, even thoughmcp-logs/rpc-messages.jsonlis present in every case. This looks like a naming/packaging mismatch rather than a total absence of gateway telemetry, but it still violates the required artifact contract.Note: The
mcp-logs/andsandbox/directories are not readable from this environment. Presence/absence checks rely onrun_summary.jsonartifact listings and the aggregated firewall metrics there.Key Alerts and Anomalies
🔴 Critical Issues:
access.login 8 firewall-enabled runs: Issue Monster (7 runs) and PR Triage Agent (1 run). See details below.gateway.jsonlin all 20 MCP-enabled runs (100% miss rate).rpc-messages.jsonlis present in all 20, indicating a likely artifact naming mismatch.mcp-logs/andsandbox/directories are not readable, preventing JSONL field validation and entry counts.Coverage Summary
access.log)gateway.jsonl)rpc-messages.jsonl)📋 Detailed Run Analysis
Firewall-Enabled Runs
Missing Firewall Logs (access.log)
MCP-Enabled Runs
Missing Gateway Logs (gateway.jsonl)
🔍 Telemetry Quality Analysis
Firewall Log Quality
-(781 blocked),api.githubcopilot.com:443(551 allowed),api.anthropic.com:443(200 allowed),proxy.golang.org:443(25 total),api.openai.com:443(24 allowed)evil.com,example.com,files.com)Gateway Log Quality
gateway.jsonlnot present in any MCP-enabled run, so JSONL schema validation and entry counts could not be computed.mcp-logs/rpc-messages.jsonlis present in all MCP-enabled runs, but directory permissions prevented direct parsing.Healthy Runs Summary
gateway.jsonlas currently required.Recommended Actions
access.logartifact collection for Issue Monster and PR Triage Agent runs; confirm the sandbox firewall logs directory is captured on failure paths.gateway.jsonlor update the reporting contract to acceptrpc-messages.jsonlas the canonical file.mcp-logs/andsandbox/so automated analysis can validate JSONL schema quality and count entries.Report generated automatically by the Daily Observability Report workflow
Analysis window: 2026-02-14 to 2026-02-21 | Runs analyzed: 32
References: §22252647907, §22251839006, §22251923034
Beta Was this translation helpful? Give feedback.
All reactions