Issif
commented
2 months ago This issue has been fixed in the PR #643 but the dependency to Falcosidekick hasn't been updated in the Falco chart.yaml. Do you feel confident to propose the PR yourself?
Closed ashtongraves closed 2 months ago
Issif
commented
2 months ago This issue has been fixed in the PR #643 but the dependency to Falcosidekick hasn't been updated in the Falco chart.yaml. Do you feel confident to propose the PR yourself?
ashtongraves
commented
2 months ago This issue has been fixed in the PR #643 but the dependency to Falcosidekick hasn't been updated in the Falco chart.yaml. Do you feel confident to propose the PR yourself?
Sorry thought I replied. But that PR just fixes one of two issues preventing me from installing the prometheus rule. So yes fixing the duplicate prometheus rule name is one issue, the other I'm having is with the query erroring out on prometheus. I don't believe that one is fixed yet, unless it's some prometheus version issue or something.
Issif
commented
2 months ago We'll fix that, thanks for the notice.
ArnaudCHT
commented
2 months ago Hello, this PR should fix the problem :
ashtongraves
commented
1 month ago Hello, this PR should fix the problem :
670
Thank you!
This is for the falcosidekick prometheus rules. Prometheus doesn't like the query you have for the FalcoErrorOutputEventsRateHigh alert.
When I run this in my prometheus instance I get:
Error executing query: invalid parameter "query": 1:48: parse error: unexpected <by>I'm running Prometheus 2.45.0
How to reproduce it
Run
rate(falcosidekick_output{status="error"}[5m]) by (destination) > 0in prometheusExpected behaviour
I expect it to run the query without error
Environment
I'm running via the sidekick chart bundled with the falco chart.
Prometheus 2.45.0
Additional context