Goal

• List of meta-data available in alerts
• Categorize alerts based on the  associated resources and meta-data

• For each category propose correlation rules to identify relevant
  • logs
  • metrics
  • traces
  • k8s events

Look for a small set of general-purpose rules. Types of correlation will likelyl include:

• Time window
• Origin resources (pod, namespace, deployment,  node, cluster etc.)
• Direct correlations: e.g. Trace-IDs found in log messages.
• Owner: tenant, k8s labels, ownership metadata.
• Application type: k8s labels, namespaces

Provide detailed walk-throughs of a few example alerts, describing the data the user would want to see.