You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Falcosidekick metrics priority does not match with the priority in the PrometheusRule.
Metrics are provided and scraped like following:
falco_events{priority="Critical",rule="Drop and execute new binary in container"} 1
But the prometheusrule expects the priority to be a number:
- alert: FalcoWarningEventsRateHighannotations:
description: A high rate of warning events are being detected by Falcosummary: Falco is experiencing high rate of warning eventsexpr: rate(falco_events{priority="4"}[5m]) > 0
To have a consistency between the labels of the falco and falcosidekick metrics, I changed the format of the value for the priority label, it will fix the issue you face. This issue comes the fact I copied/pasted the rules from the exported and forgot to change the format of the values.
To wait til the release of falcosidekick with these changes, I'm preparing a PR to change the values used in the current rules for their string versions.
Describe the bug
The Falcosidekick metrics priority does not match with the priority in the PrometheusRule.
Metrics are provided and scraped like following:
But the prometheusrule expects the priority to be a number:
With this combination, the rules will not work.
How to reproduce it
Here is the configuration we have
Expected behaviour
The prometheus rules should match the metrics provided by Falcosidekick.
Screenshots
Environment
The text was updated successfully, but these errors were encountered: