<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">It'd still be good to have that exposed
as a metric, since:</div>
<div class="moz-cite-prefix">
<ul>
<li>that way you don't have to wait to make the mistake (or to
find the logs from someone else's mistake) in order to wrap
alerting around it</li>
<li>a metric tends to stay the same metric more or less forever,
while it seems more likely that a well-intentioned phrasing
change in one of the log messages could break whatever pattern
is being used to match it</li>
<li>I personally think that the metric is somehow more in my
face than the logs (e.g., "oh look, I dumped the metrics with
a curl/wget and that looks very much like a counter we need to
wrap something around" 😁)</li>
<li>for those living in the Prometheus/Grafana/Loki ecosystem,
it may be a bit easier to just run a copy of the BIND exporter
(<a class="moz-txt-link-freetext" href="https://github.com/prometheus-community/bind_exporter">https://github.com/prometheus-community/bind_exporter</a>) than
to make sure that all the logs are getting scraped
appropriately and that the path to get them into Loki works
and keeps working all the time. It's also easier to generate a
no-data alert for a metric than it is to say "this log message
we never get, we still haven't gotten it"
</li>
</ul>
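<p>As a rough sketch of the "dump the metrics and look for counters"
and "no-data alert" points above, assuming the exporter serves the
usual Prometheus text exposition format: the metric names below are
made up for illustration (I'm not claiming BIND or bind_exporter
exposes them), and the parsing assumes sample lines carry no trailing
timestamp.</p>
<pre>
```python
# Hypothetical scrape output; these metric names are illustrative only.
SAMPLE = """\
# HELP example_signing_failures_total Hypothetical counter.
# TYPE example_signing_failures_total counter
example_signing_failures_total{zone="example.com"} 3
# HELP example_up Hypothetical gauge.
# TYPE example_up gauge
example_up 1
"""


def counters(text):
    """Map each metric declared as TYPE counter to its (series, value) samples."""
    counter_names = set()
    samples = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("# TYPE "):
            parts = line.split()
            # A TYPE line looks like: "# TYPE metric_name counter"
            if len(parts) == 4 and parts[3] == "counter":
                counter_names.add(parts[2])
            continue
        if line.startswith("#"):
            continue  # HELP lines and other comments
        # Assumes "series value" with no timestamp after the value.
        series, _, value = line.rpartition(" ")
        name = series.split("{", 1)[0]
        if name in counter_names:
            samples.setdefault(name, []).append((series, float(value)))
    return samples


def missing_metrics(text, expected):
    """Return the expected counter names that are absent from the scrape."""
    found = counters(text)
    return [name for name in expected if name not in found]
```
</pre>
<p>The second function is the no-data idea in miniature: an absent
counter is something you can test for directly, which is hard to do
for a log line that simply never shows up.</p>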
<p>And yes, I recognize that "well, Steve, the code's right over
here, go to it" is a valid argument.</p>
<p> -Steve<br>
</p>
</div>
<div class="moz-cite-prefix">On 11/3/2023 6:09 AM, Vladimír Čunát
via dns-operations wrote:<br>
</div>
<blockquote type="cite"
cite="mid:mailman.2350.1699006151.28592.dns-operations@lists.dns-oarc.net">
<p>My understanding is that in this case the signer was producing
loud syslog warnings immediately when the issue happened (i.e.
long before validation could fail).</p>
</blockquote>
</body>
</html>