[observability] Observability Coverage Report - 2026-02-10 #14738
Description
Executive Summary
Over the last 7 days (2026-02-03 to 2026-02-10 UTC), the only runs successfully fetched for analysis were the scheduled "Daily Observability Report for AWF Firewall and MCP Gateway" workflow executions (6 total, 2026-02-04 through 2026-02-09). Attempts to retrieve logs for all workflows timed out, so this report is scoped to those runs only.
All 6 runs had firewall enabled and included access.log artifacts according to the run summaries, so firewall log coverage is complete. However, the MCP Gateway gateway.jsonl artifact is missing from every MCP-enabled run, which is a critical observability gap for debugging tool execution.
Key Alerts and Anomalies
🔴 Critical Issues:
- MCP Gateway
gateway.jsonlmissing in 6/6 MCP-enabled runs (all runs in scope), preventing structured gateway telemetry and tool-call metrics.
- Firewall log quality could not be fully validated in 4/6 runs (firewall analysis missing despite
access.logartifact present). - Safe output logs (
outputs.jsonl) missing in 2/6 runs.
Coverage Summary
| Component | Runs Analyzed | Logs Present | Coverage | Status |
|---|---|---|---|---|
AWF Firewall (access.log) |
6 | 6 | 100% | ✅ |
MCP Gateway (gateway.jsonl) |
6 | 0 | 0% | 🔴 |
📋 Detailed Run Analysis
Firewall-Enabled Runs
| Workflow | Run ID | access.log | Entries | Allowed | Blocked | Status |
|---|---|---|---|---|---|---|
| Daily Observability Report for AWF Firewall and MCP Gateway | §21662159747 | ✅ | 1 | 0 | 1 | ✅ |
| Daily Observability Report for AWF Firewall and MCP Gateway | §21702422127 | ✅ | 15 | 5 | 10 | ✅ |
| Daily Observability Report for AWF Firewall and MCP Gateway | §21742112867 | ✅ | unknown | unknown | unknown | |
| Daily Observability Report for AWF Firewall and MCP Gateway | §21776183749 | ✅ | unknown | unknown | unknown | |
| Daily Observability Report for AWF Firewall and MCP Gateway | §21794150719 | ✅ | unknown | unknown | unknown | |
| Daily Observability Report for AWF Firewall and MCP Gateway | §21815889629 | ✅ | unknown | unknown | unknown |
Missing Firewall Logs (access.log)
None detected.
MCP-Enabled Runs
| Workflow | Run ID | gateway.jsonl | Entries | Servers | Tool Calls | Errors | Status |
|---|---|---|---|---|---|---|---|
| Daily Observability Report for AWF Firewall and MCP Gateway | §21662159747 | ❌ | N/A | N/A | N/A | N/A | 🔴 |
| Daily Observability Report for AWF Firewall and MCP Gateway | §21702422127 | ❌ | N/A | N/A | N/A | N/A | 🔴 |
| Daily Observability Report for AWF Firewall and MCP Gateway | §21742112867 | ❌ | N/A | N/A | N/A | N/A | 🔴 |
| Daily Observability Report for AWF Firewall and MCP Gateway | §21776183749 | ❌ | N/A | N/A | N/A | N/A | 🔴 |
| Daily Observability Report for AWF Firewall and MCP Gateway | §21794150719 | ❌ | N/A | N/A | N/A | N/A | 🔴 |
| Daily Observability Report for AWF Firewall and MCP Gateway | §21815889629 | ❌ | N/A | N/A | N/A | N/A | 🔴 |
Missing Gateway Logs (gateway.jsonl)
| Workflow | Run ID | Date | Link |
|---|---|---|---|
| Daily Observability Report for AWF Firewall and MCP Gateway | 21662159747 | 2026-02-04 | §21662159747 |
| Daily Observability Report for AWF Firewall and MCP Gateway | 21702422127 | 2026-02-05 | §21702422127 |
| Daily Observability Report for AWF Firewall and MCP Gateway | 21742112867 | 2026-02-06 | §21742112867 |
| Daily Observability Report for AWF Firewall and MCP Gateway | 21776183749 | 2026-02-07 | §21776183749 |
| Daily Observability Report for AWF Firewall and MCP Gateway | 21794150719 | 2026-02-08 | §21794150719 |
| Daily Observability Report for AWF Firewall and MCP Gateway | 21815889629 | 2026-02-09 | §21815889629 |
🔍 Telemetry Quality Analysis
Firewall Log Quality
- Total access.log entries analyzed: 16 (from 2/6 runs with parsed firewall analysis)
- Blocked requests: 11 (68.75%)
- Allowed requests: 5 (31.25%)
- Most accessed domains:
172.30.0.1,-(redacted)
Gateway Log Quality
gateway.jsonlnot present in any run; structured MCP telemetry unavailable.- Fallback artifacts present:
mcp-gateway.log,rpc-messages.jsonl,gateway.md.
Additional Telemetry Coverage
agent-stdio.log: 6/6 runsaw_info.json: 6/6 runs- Safe output logs (
outputs.jsonl): 4/6 runs
Recommended Actions
- Ensure MCP Gateway emits
gateway.jsonlfor all MCP-enabled runs; confirm artifact upload path and retention. - Investigate why firewall analysis is missing in 4/6 runs despite
access.logartifacts; ensure parser is executed and permissions allow access to sandbox logs. - Validate safe output logging for the two runs missing
outputs.jsonlto maintain auditability.
Context
- Analysis window: 2026-02-03 to 2026-02-10 UTC
- Runs analyzed: 6 (Daily Observability Report workflow only)
- Data limitations:
agenticworkflows/logstimed out when fetching all workflows; scope limited to runs successfully downloaded.
References: §21815889629 §21742112867 §21702422127
Note: This was intended to be a discussion, but discussions could not be created due to permissions issues. This issue was created as a fallback.
AI generated by Daily Observability Report for AWF Firewall and MCP Gateway
- expires on Feb 11, 2026, 7:28 AM UTC