Technology
Why Cardinality Explosion is Always a Problem?
I examine the problems of cardinality explosion in metric systems, with storage, performance, and cost impacts, using examples from my own experience.
#observability
78 posts found.
Technology
Traced Logging vs. Metric-Based Monitoring: A Practical Comparison
Should I use Traced Logging or Metric-Based Monitoring when observing my systems? My field experiences reveal the differences and trade-offs of both approaches…
Career
Managing High Cardinality Metrics in 3 Steps: Cost vs. Detail
I'm discussing the costs associated with high cardinality metrics and practical ways to manage them. Balancing the level of detail and cost…
Tutorials
Sampling in Distributed Tracing: Worth the Risk of Losing Detail?
I examine sampling strategies in distributed tracing, balancing cost and detail loss based on my own experiences. Which approach works when?
Life
Observability: Metrics or Logs, Which is Truly Enough?
Find the balance between metrics and logs on your system observability journey. In which situations is each more effective? I analyze with my experience.
Technology
High Cardinality Metrics: Does the Benefit Outweigh the Cost?
Examining the impact of high cardinality metrics on system performance, cost analysis, and optimal usage scenarios.
Tutorials
SNMP or NetFlow in Network Monitoring: Why Does the Choice Remain
I delve into the unending debate between SNMP and NetFlow in network monitoring, drawing from my own experiences. I discuss when I chose which, the trade-offs.
Tutorials
Why Unstructured Logging Falls Short: My Field Experiences
I examine the problems of unstructured logging I've encountered in systems, the parsing nightmare, and real-time analysis challenges through my own experiences.
Career
RED Metrics: Are Comprehensive Implementations Necessary in Every
What RED metrics are, when they are needed, and whether they are always comprehensive...
Technology
Agent-Based vs. Agentless Monitoring: Make the Right Choice in 3 Steps
Determine which system monitoring method, agent-based or agentless, is right for you in 3 simple steps. A practical guide based on my experience.
Technology
Metrics and Trace Data: Fundamentals of Understanding System Issues
Mustafa Erbay shares his experiences on the importance, usage, and practical tips for metric and trace data to deeply understand system issues…
Career
Cardinality Explosion: Should Every Detail Really Be Observed? And
What is cardinality explosion in monitoring systems, why does it happen, and how does this situation affect both systems and an engineer's career? Practical...
Technology
Metric Collection: Push vs. Pull Models - When to Use Which?
A deep dive into Push and Pull models for collecting system and application metrics, exploring which is more suitable for different scenarios...
Career
Log Level Strategies: Detailed Monitoring or Minimum Noise?
Correctly setting log levels in our systems requires striking a critical balance between detailed monitoring and reducing unnecessary noise. This…
Career
Log Level Strategy: Is Debug Always Unnecessary?
Effective management of log levels is critical for system health and troubleshooting processes. In this article, we explore the necessity of the debug level.
Technology
Metric Cardinality: An Overlooked Performance Burden or a Developer
How does metric cardinality affect system performance? In this guide, we delve deep into overlooked burdens and developer mistakes.
Technology
RED Metrics Design: Service-Oriented or Workflow-Oriented?
Should RED metrics be designed based on services or workflows? This post explores the pros, cons, and best use cases for each approach.
Life
Log Level Strategies: Balancing Observability and Cost
Optimize system observability and control costs by setting the right log levels. A practical guide based on my experiences.
Life
Cardinality Management in Observability: 3 Ways to Reduce Costs
Discover 3 practical ways to solve high cardinality issues in your observability metrics and reduce costs. With real-world scenarios and concrete examples...
Technology
Structured vs Unstructured Logging: Observability Fundamentals
Exploring the differences, benefits, and real-world applications of storing system and application logs in structured (structured) or unstructured.
Tutorials
Logs vs. Metrics: Which is More Effective for Troubleshooting?
Explore the differences between logs and metrics for troubleshooting, their strengths and weaknesses, and when to use each in detail.
Technology
Application Log Levels: When to Use DEBUG and INFO?
The correct use of DEBUG and INFO log levels plays a critical role in debugging and optimizing system performance during application development. In this post.
Life
AI's Silent Mistakes: Hours Lost in My Side Project
I'm sharing my experiences with hidden mistakes in AI projects that unknowingly consume time and resources, based on my own side project.
Technology
Service Mesh Sidecar Overhead: A Hidden Performance Tax
I dig into the hidden performance costs of the service mesh sidecar pattern — resource consumption, latency, and operational cost — and how to reason about…
Tutorials
The Prometheus High Cardinality Crisis: A Silent Metric Invasion
A guide to understanding, detecting, and managing the high cardinality crisis in Prometheus. Optimize your metrics to keep system performance and costs under…
Career
Hidden Performance Issues in the Shadow of Service Mesh: For Your…
Beyond the advantages Service Mesh offers, the often-overlooked performance costs and how they reflect on a software engineer's career…
Life
Ghosts of Distributed Systems: The Team Stress of Intermittent Errors
An in-depth look at the nature of intermittent errors in distributed systems, the stress they place on teams, and strategies for dealing with these 'ghosts'...
Technology
Syslog on Network Devices: TLS, Buffering, and Log Storm
A model for turning syslog loss and log storm risk into a reliable log channel for incident/audit, using TLS/relay, disk-backed queue, and rate limiting.
Technology
Protecting Router & Switch Control Plane with CoPP/CPP…
A CoPP/CPP model that classifies and polices routing, management, and ICMP traffic on the router/switch control plane to reduce CPU exhaustion and adjacency…
Tutorials
Secure Network Device Monitoring with SNMPv3: Auth, Encryption, ACL
A guide to leaving SNMPv2c community strings behind and making network device monitoring secure and operable with SNMPv3 authPriv, views and ACLs.
Tutorials
Kubernetes API Server Audit Log: Policy and SIEM Pipeline
Collecting Kubernetes audit logs without drowning in noise: a practical approach to policy, retention, masking and SIEM correlation.
Technology
DoH/DoT/DoQ in Enterprise Networks: Policy and Visibility
A controlled-transition, telemetry, and runbook approach for enterprise policy and visibility in a world of encrypted DNS via DoH/DoT/DoQ.
Tutorials
Centralized Logging with systemd-journal-remote: mTLS and Retention
A practical setup and runbook for shipping journald logs over mTLS to a central collector — without adding agents — while running a disciplined disk budget…
Technology
Network Telemetry with IPFIX/NetFlow: A Pipeline for DDoS and Capacity
Build an operational telemetry pipeline by collecting and enriching IPFIX/NetFlow streams for DDoS triage, capacity planning, and anomaly detection.
Tutorials
Linux SoftIRQ Saturation and IRQ Affinity Runbook
Quick triage, measurement and safe tuning steps (ring, queue, IRQ, RPS) under packet drops, high softirq load and ksoftirqd pressure.
Tutorials
Designing a Telemetry Pipeline with OpenTelemetry Collector
Treating Collector not just as an agent but as a central telemetry backbone for sampling, redaction, routing and multi-destination delivery.
Tutorials
Centralized Logging with Windows Event Forwarding (WEF)
Subscriptions, health checks, and a triage runbook to centrally collect and validate security and operations signals in Windows domain environments using WEF.
Technology
Route Analytics with BGP BMP: Visibility and Incident Triage
Bring route leak, flap, and blackhole events down to minutes by combining BMP telemetry, route analytics, and an alarm model in a practical approach.
Technology
Time Synchronization in Critical Systems: NTP, PTP and Observability
An architectural, security-focused, and operational view of NTP/PTP for distributed systems where TLS, log correlation, and consistency depend on accurate time.
Technology
QUIC / HTTP/3: Security and Operations on Enterprise Networks
A practical approach to managing HTTP/3 traffic over UDP/443 without breaking security, visibility, or performance.
Tutorials
An NTS and NTP Hardening Runbook with chrony
A practical chrony runbook for enterprise servers covering secure NTP (NTS), access restrictions, verification commands, and alarm thresholds.
Technology
Change Brakes via Error Budget: Designing a Release Gate
How do I turn SLO and error-budget signals into a release gate that controls change without halting it? Field-tested thresholds and an operations flow.
Technology
IPv6 in Enterprise Networks: A Roadmap from Dual-Stack to IPv6-Only
A field-applicable plan for rolling out IPv6 not just as 'an address' but together with DNS, security, observability, and operational reflexes.
Technology
A Safe Experiment Plane for Chaos Engineering
Hypotheses, blast radius and automatic rollback guardrails so resilience tests don't turn into blind risks in production.
Career
Evidence Collection Kit and Roles During an Incident
An evidence set, time standard, role assignment, and practical checklist to break the panic-driven 'SSH into one server' reflex.
Tutorials
Cgroup v2 Memory Pressure Runbook with systemd-oomd
PSI, systemd-oomd policy, testing, and recovery steps to catch a node OOM crisis early and evict workloads in a controlled way.
Technology
Safe Version Migration in ERP Infrastructures via Transaction…
A transaction-shadowing approach for testing a new release inside critical ERP flows without producing live impact.
Tutorials
Sensitive-Data Masking Pipeline for Logs with Vector and VRL
A practical Vector and VRL based approach for cleaning sensitive fields out of a centralised log stream before they reach the destination.
Career
From Alert Fatigue to a Learning Loop — A Guide for Tech Leads
A leadership approach that ties alert noise to team learning, on-call health, and operational quality — instead of just shaving the count down.
Technology
Service Impact Analysis with a Dependency Graph on Enterprise…
An approach that turns architectural dependencies from a static diagram into readable impact analysis available before changes.
Tutorials
Multi-Point Service Health Monitoring with Blackbox Exporter
An installation guide that pushes a real reachability signal into Prometheus by running HTTP, TCP, and TLS checks from multiple network locations.
Tutorials
Tail Sampling Design in the OpenTelemetry Collector
A guide that explains how to set up tail sampling to lower cost on high-volume trace data while preserving the critical flows.
Technology
A Backbone Capacity Planning Model for Enterprise Networks
An architectural model that manages backbone capacity ahead of growth by reading underlay and service traffic together.
Tutorials
A Telemetry Filtering Layer with the OpenTelemetry Collector
A guide describing how to set up filtering and routing on the OpenTelemetry Collector to reduce unnecessary volume in metric, log, and trace flows.
Tutorials
Reliable Remote Log Transport with Rsyslog and RELP
An rsyslog and RELP-based setup that keeps critical logs intact through TCP drops as they ship to a central system.
Tutorials
Building a Link Latency Baseline with SmokePing
A SmokePing guide for making latency and jitter behaviour visible across branch, data center, and cloud connections.
Technology
An Observability Control Room for ERP Infrastructures
An observability control room approach that gathers ERP-adjacent critical flows not into a single pane but into a single operational language.
Tutorials
Tiered Log Retention with Grafana Loki
A cost-focused retention guide for designing hot, warm, and archive log tiers on Loki.
Tutorials
East-West Traffic Profiling with Suricata: A Practical Guide
A low-friction profiling approach with Suricata to make service-to-service traffic visible inside the data center.
Technology
Batch-Window-Free Workflow Architecture in ERP Infrastructures
An architectural approach that converts ERP processes tied to nightly batch windows into event-driven and observable flows.
Technology
A Telemetry Control Plane for Enterprise Observability
An architecture that manages telemetry cost and security through a central decision layer instead of scattered agents and pipelines.
Technology
Control Plane Decoupling Strategy in Enterprise Platforms
An architectural approach that separates the control plane from the product lifecycle as platform teams scale shared services.
Tutorials
Monitoring Time Drift on Servers with Chrony
A Chrony-based guide to making clock drift visible across distributed Linux servers and reducing operational risk.
Tutorials
Network Flow Observability with eBPF and SLO Correlation
An approach to monitoring network flows at the kernel level and correlating them with service latency and error budget signals.
Tutorials
Long-Term Metric Retention with Grafana Mimir
A practical guide to designing long-term metric retention in multi-tenant environments without hitting the Prometheus bottleneck.
Tutorials
Passive Health Checks for Internal Services with HAProxy
An HAProxy approach to catching internal service failures from real request flow without adding active probe traffic.
Tutorials
A Centralised Log Collection Pipeline with Vector
A practical Vector-based setup approach for collecting and routing application, syslog, and infrastructure logs through a single stream.
Tutorials
Agent Consolidation with Grafana Alloy
A Grafana Alloy based approach for unifying the chaos of node exporter, log agent, and telemetry collector into a single pipeline.
Technology
Telemetry Sampling Strategy for Enterprise SIEM
Telemetry sampling design principles for keeping log volume under control without losing security visibility.
Tutorials
Runtime Security Observation with Falco
A Falco-based setup guide for surfacing suspicious runtime behavior across Linux and Kubernetes environments.
Tutorials
A Centralized Log Routing Pipeline with Vector
A practical Vector-based setup for filtering, enriching, and routing scattered log streams to multiple destinations.
Technology
East-West Traffic Visibility Without a Service Mesh
An approach for making east-west traffic visible across microservice and VM-based environments without standing up a service mesh.
Tutorials
Observing Linux Network Flows with eBPF
A guide for tracking flows, latency, and connection behavior on Linux servers with eBPF without drowning in packet capture.
Tutorials
Designing Prometheus Alert Routing
A guide for building an Alertmanager routing model that reduces misdirected alerts and accelerates incident response.
Tutorials
End-to-End Observability Pipeline with OpenTelemetry
An OpenTelemetry-based observability architecture that brings metric, log and trace data into a single standard.
Technology
Observability Stack Design
A practical observability design that brings logs, metrics, and traces together into a single operational model.
Tutorials
Log Level Decisions: The Anatomy of DEBUG, INFO, and ERROR Strategies
Managing system and application log levels (DEBUG, INFO, ERROR) correctly is critical for troubleshooting and operational efficiency. In this guide, based on.
Technology
20 Lessons I Learned in Server Management
In my twenty-year journey in system administration, I learned much more than just technical knowledge. The most important lessons came from my mistakes, my.