The Falcosidekick metrics priority does not match with the priority in the PrometheusRule.
Metrics are provided and scraped like following:
falco_events{priority="Critical",rule="Drop and execute new binary in container"} 1
But the prometheusrule expects the priority to be a number:
- alert: FalcoWarningEventsRateHigh
annotations:
description: A high rate of warning events are being detected by Falco
summary: Falco is experiencing high rate of warning events
expr: rate(falco_events{priority="4"}[5m]) > 0
Describe the bug
The Falcosidekick metrics priority does not match with the priority in the PrometheusRule. Metrics are provided and scraped like following:
But the prometheusrule expects the priority to be a number:
With this combination, the rules will not work.
How to reproduce it
Here is the configuration we have
Expected behaviour
The prometheus rules should match the metrics provided by Falcosidekick.
Screenshots
Environment