End-to-End Watchdog Alerts
Even if you build the most reliable internal meta-monitoring infrastructure, something can still go wrong: the meta-monitoring setup might have a systematic error that causes it to break, the Alertmanager through which notifications are supposed to get delivered to you might be down, or your entire organization's network might be disconnected from the internet!
To help you catch these kinds of situations as a last resort, it's a good idea to set up a watchdog alert (also sometimes called a "dead man's switch", sentinel alert, beacon alert, or heartbeat alert) that helps you continuously test your entire alerting pipeline from beginning to end.
You can achieve this by:
Configuring an alerting rule that is always firing, e.g. using the PromQL expression vector(1), or simply 1 (the numeric value doesn't matter) to always produce a single output time series.
Configuring Alertmanager to route the resulting alert notification to an external service with a repeat interval of a only a few (x) minutes.
Configuring the external service to expect an incoming alert notification every x minutes (plus some slack time) or to send you an alert notification otherwise.
https://training.promlabs.com/training/monitoring-and-debugging-prometheus/metrics-based-meta-monitoring/end-to-end-watchdog-alerts/
Even if you build the most reliable internal meta-monitoring infrastructure, something can still go wrong: the meta-monitoring setup might have a systematic error that causes it to break, the Alertmanager through which notifications are supposed to get delivered to you might be down, or your entire organization's network might be disconnected from the internet!
To help you catch these kinds of situations as a last resort, it's a good idea to set up a watchdog alert (also sometimes called a "dead man's switch", sentinel alert, beacon alert, or heartbeat alert) that helps you continuously test your entire alerting pipeline from beginning to end.
You can achieve this by:
Configuring an alerting rule that is always firing, e.g. using the PromQL expression vector(1), or simply 1 (the numeric value doesn't matter) to always produce a single output time series.
Configuring Alertmanager to route the resulting alert notification to an external service with a repeat interval of a only a few (x) minutes.
Configuring the external service to expect an incoming alert notification every x minutes (plus some slack time) or to send you an alert notification otherwise.
https://training.promlabs.com/training/monitoring-and-debugging-prometheus/metrics-based-meta-monitoring/end-to-end-watchdog-alerts/
Promlabs
Monitoring and Debugging Prometheus
Learn Prometheus in the most effective way with online trainings by PromLabs
❤1👍1
FAANG is an acronym used in finance to refer to five of the most influential American technology companies: Meta (formerly Facebook), Amazon, Apple, Netflix, and Alphabet (formerly Google).
Forwarded from AMIR
این رو به پیشنهاد دوستی ضبط کردم. جنبه آموزشی نداره، بخشی از کاریه که این روزها خیلی خستهطور، بین کارها پیش میبرمش:
https://www.youtube.com/watch?v=u3aTpKRcXQQ
https://www.youtube.com/watch?v=u3aTpKRcXQQ
YouTube
building a noscripting language for kernel scheduler - using eBPF! 🐝
donation: https://www.coffeete.ir/amiremohamadi
this project is a prototype for ebpf-summit hackathon!
https://ebpf-summit-2025.devpost.com
this project is a prototype for ebpf-summit hackathon!
https://ebpf-summit-2025.devpost.com
Secure Secrets Management: Leveraging Laravel with HashiCorp Vault
https://github.com/digitlimit/vaulitfy/tree/main/app/Services/Vault
https://www.youtube.com/watch?v=bZdzxcJ0cUg
https://github.com/digitlimit/vaulitfy/tree/main/app/Services/Vault
https://www.youtube.com/watch?v=bZdzxcJ0cUg
Forwarded from Infrastructure Artists
خوشگایی که hashicorp vault دارین تو زیرساخت استفاده میکنید آپدیت کنید که بساط نشید
Vault and Vault Enterprise are vulnerable to an unauthenticated denial of service when processing JSON payloads.https://nvd.nist.gov/vuln/detail/CVE-2025-12044
See also: https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393
The Community edition needs upgrade to 1.20.3 and Vault Enterprise to 1.21.0, 1.20.5, 1.19.11, or 1.16.27.
Vault and Vault Enterprise are vulnerable to an unauthenticated denial of service when processing JSON payloads.https://nvd.nist.gov/vuln/detail/CVE-2025-12044
See also: https://discuss.hashicorp.com/t/hcsec-2025-24-vault-denial-of-service-though-complex-json-payloads/76393
The Community edition needs upgrade to 1.20.3 and Vault Enterprise to 1.21.0, 1.20.5, 1.19.11, or 1.16.27.
HashiCorp Discuss
HCSEC-2025-24 - Vault Denial of Service Though Complex JSON Payloads
Bulletin ID: HCSEC-2025-24 Affected Products / Versions: Vault Community Edition from 1.15.0 up to 1.20.4, fixed in 1.21.0. Vault Enterprise from 1.15.0 up to 1.20.4, 1.19.10, 1.18.15, and 1.16.26, fixed in 1.21.0, 1.20.5, 1.19.11, and 1.16.27 Publication…
❤1
https://www.chainguard.dev/unchained/secure-and-free-minio-chainguard-containers
https://images.chainguard.dev/directory/image/minio/overview
https://images.chainguard.dev/directory/image/minio-client/overview
https://www.minimus.io/post/minio-docker-image-changes-how-to-find-a-secure-minio-alternative
https://images.chainguard.dev/directory/image/minio/overview
https://images.chainguard.dev/directory/image/minio-client/overview
https://www.minimus.io/post/minio-docker-image-changes-how-to-find-a-secure-minio-alternative
www.chainguard.dev
Secure and Free MinIO Chainguard Containers
MinIO pulled its free images—but Chainguard has you covered. Get zero-CVE, continuously built MinIO and MinIO Client containers, free and secure from Chainguard.
👍2