[observability] Observability Coverage Report - 2026-02-21

[github-actions[bot]]

Executive Summary

Analyzed 32 workflow runs from 2026-02-14 to 2026-02-21. Firewall observability is partially healthy: 28 runs had firewall enabled and 20 of those included access.log artifacts (71.4% coverage). Eight firewall-enabled runs are missing access.log, which is a critical gap for debugging egress failures.

MCP gateway observability is currently non-compliant with the expected artifact name. All 20 MCP-enabled runs are missing gateway.jsonl, even though mcp-logs/rpc-messages.jsonl is present in every case. This looks like a naming/packaging mismatch rather than a total absence of gateway telemetry, but it still violates the required artifact contract.

Note: The mcp-logs/ and sandbox/ directories are not readable from this environment. Presence/absence checks rely on run_summary.json artifact listings and the aggregated firewall metrics there.

Key Alerts and Anomalies

🔴 Critical Issues:

• Missing access.log in 8 firewall-enabled runs: Issue Monster (7 runs) and PR Triage Agent (1 run). See details below.
• Missing gateway.jsonl in all 20 MCP-enabled runs (100% miss rate). rpc-messages.jsonl is present in all 20, indicating a likely artifact naming mismatch.

⚠️ Warnings:

• mcp-logs/ and sandbox/ directories are not readable, preventing JSONL field validation and entry counts.

Coverage Summary

Component	Runs Analyzed	Logs Present	Coverage	Status
AWF Firewall (access.log)	28	20	71.4%	⚠️
MCP Gateway (gateway.jsonl)	20	0	0%	🔴
MCP Gateway (rpc-messages.jsonl)	20	20	100%	⚠️

📋 Detailed Run Analysis

Firewall-Enabled Runs

Workflow	Run ID	access.log	Status
Smoke Multi PR	§22248465878	✅	✅
GPL Dependency Cleaner (gpclean)	§22248535522	✅	✅
Smoke Multi PR	§22248592522	✅	✅
Multi-Device Docs Tester	§22248711109	✅	✅
jsweep - JavaScript Unbloater	§22249134471	✅	✅
Example: Custom Error Patterns	§22249172412	✅	✅
Auto-Triage Issues	§22249172403	✅	✅
Auto-Triage Issues	§22249177190	✅	✅
Duplicate Code Detector	§22249812816	✅	✅
AI Moderator	§22249915205	✅	✅
Daily Documentation Updater	§22250109792	✅	✅
Issue Monster	§22250109958	❌	🔴
Chroma Issue Indexer	§22250383493	✅	✅
Plan Command	§22250644803	✅	✅
Copilot PR Prompt Pattern Analysis	§22250675243	✅	✅
Issue Monster	§22250719656	❌	🔴
GitHub Remote MCP Authentication Test	§22250771740	✅	✅
Daily Safe Outputs Conformance Checker	§22250818082	✅	✅
Smoke Agent	§22250852030	✅	✅
Contribution Check	§22250939147	✅	✅
Issue Monster	§22251099084	❌	🔴
Issue Monster	§22251417985	❌	🔴
PR Triage Agent	§22251839006	❌	🔴
Issue Monster	§22251881208	❌	🔴
Auto-Triage Issues	§22251923034	✅	✅
Issue Monster	§22252258732	❌	🔴
Issue Monster	§22252647907	❌	🔴
Workflow Health Manager - Meta-Orchestrator	§22252687126	✅	✅

Missing Firewall Logs (access.log)

Workflow	Run ID	Date	Link
Issue Monster	22250109958	2026-02-21	§22250109958
Issue Monster	22250719656	2026-02-21	§22250719656
Issue Monster	22251099084	2026-02-21	§22251099084
Issue Monster	22251417985	2026-02-21	§22251417985
PR Triage Agent	22251839006	2026-02-21	§22251839006
Issue Monster	22251881208	2026-02-21	§22251881208
Issue Monster	22252258732	2026-02-21	§22252258732
Issue Monster	22252647907	2026-02-21	§22252647907

MCP-Enabled Runs

Workflow	Run ID	gateway.jsonl	rpc-messages.jsonl	Status
Smoke Multi PR	§22248465878	❌	✅	🔴
GPL Dependency Cleaner (gpclean)	§22248535522	❌	✅	🔴
Smoke Multi PR	§22248592522	❌	✅	🔴
Multi-Device Docs Tester	§22248711109	❌	✅	🔴
jsweep - JavaScript Unbloater	§22249134471	❌	✅	🔴
Example: Custom Error Patterns	§22249172412	❌	✅	🔴
Auto-Triage Issues	§22249172403	❌	✅	🔴
Auto-Triage Issues	§22249177190	❌	✅	🔴
Duplicate Code Detector	§22249812816	❌	✅	🔴
AI Moderator	§22249915205	❌	✅	🔴
Daily Documentation Updater	§22250109792	❌	✅	🔴
Chroma Issue Indexer	§22250383493	❌	✅	🔴
Plan Command	§22250644803	❌	✅	🔴
Copilot PR Prompt Pattern Analysis	§22250675243	❌	✅	🔴
GitHub Remote MCP Authentication Test	§22250771740	❌	✅	🔴
Daily Safe Outputs Conformance Checker	§22250818082	❌	✅	🔴
Smoke Agent	§22250852030	❌	✅	🔴
Contribution Check	§22250939147	❌	✅	🔴
Auto-Triage Issues	§22251923034	❌	✅	🔴
Workflow Health Manager - Meta-Orchestrator	§22252687126	❌	✅	🔴

Missing Gateway Logs (gateway.jsonl)

Workflow	Run ID	Date	Link
Smoke Multi PR	22248465878	2026-02-21	§22248465878
GPL Dependency Cleaner (gpclean)	22248535522	2026-02-21	§22248535522
Smoke Multi PR	22248592522	2026-02-21	§22248592522
Multi-Device Docs Tester	22248711109	2026-02-21	§22248711109
jsweep - JavaScript Unbloater	22249134471	2026-02-21	§22249134471
Example: Custom Error Patterns	22249172412	2026-02-21	§22249172412
Auto-Triage Issues	22249172403	2026-02-21	§22249172403
Auto-Triage Issues	22249177190	2026-02-21	§22249177190
Duplicate Code Detector	22249812816	2026-02-21	§22249812816
AI Moderator	22249915205	2026-02-21	§22249915205
Daily Documentation Updater	22250109792	2026-02-21	§22250109792
Chroma Issue Indexer	22250383493	2026-02-21	§22250383493
Plan Command	22250644803	2026-02-21	§22250644803
Copilot PR Prompt Pattern Analysis	22250675243	2026-02-21	§22250675243
GitHub Remote MCP Authentication Test	22250771740	2026-02-21	§22250771740
Daily Safe Outputs Conformance Checker	22250818082	2026-02-21	§22250818082
Smoke Agent	22250852030	2026-02-21	§22250852030
Contribution Check	22250939147	2026-02-21	§22250939147
Auto-Triage Issues	22251923034	2026-02-21	§22251923034
Workflow Health Manager - Meta-Orchestrator	22252687126	2026-02-21	§22252687126

🔍 Telemetry Quality Analysis

Firewall Log Quality

• Total requests logged: 1,613
• Allowed requests: 800
• Blocked requests: 813
• Most accessed domains: - (781 blocked), api.githubcopilot.com:443 (551 allowed), api.anthropic.com:443 (200 allowed), proxy.golang.org:443 (25 total), api.openai.com:443 (24 allowed)
• Redacted domains: 3 (evil.com, example.com, files.com)

Gateway Log Quality

• gateway.jsonl not present in any MCP-enabled run, so JSONL schema validation and entry counts could not be computed.
• mcp-logs/rpc-messages.jsonl is present in all MCP-enabled runs, but directory permissions prevented direct parsing.

Healthy Runs Summary

• 20 runs show complete firewall artifacts and MCP rpc logs, but none include gateway.jsonl as currently required.

Recommended Actions

1. Restore access.log artifact collection for Issue Monster and PR Triage Agent runs; confirm the sandbox firewall logs directory is captured on failure paths.
2. Standardize MCP gateway log artifact naming. Either emit gateway.jsonl or update the reporting contract to accept rpc-messages.jsonl as the canonical file.
3. Adjust log export permissions for mcp-logs/ and sandbox/ so automated analysis can validate JSONL schema quality and count entries.

---

Report generated automatically by the Daily Observability Report workflow
Analysis window: 2026-02-14 to 2026-02-21 | Runs analyzed: 32

References: §22252647907, §22251839006, §22251923034

AI generated by Daily Observability Report for AWF Firewall and MCP Gateway

• expires on Feb 22, 2026, 7:49 AM UTC

[github-actions[bot]]

This discussion was automatically closed because it expired on 2026-02-22T07:49:08.541Z.

Closed by Workflow