Operations | Monitoring | ITSM | DevOps | Cloud

Your dataset has hundreds of attributes. Some are self-explanatory: http.response.status_code, server.address. Others are not: meta.refinery.reason, dataset.slug, sli.latency_target_ms. If you don't know what an attribute means, you can't write a good query. And if an AI agent doesn't know what it means, it guesses.

Alert fatigue solutions have never been better, but on-call engineers are still burning out. Threshold tuning, AI triage, and alert correlation reduce the noise, but every alert that clears filtering lands with the same incomplete telemetry and triggers the same manual investigation cycle. This post explains why the evidence gap survives every fix, and how runtime context changes that.

Modern distributed systems fail in ways that can bypass even well-designed isolation patterns. When a failure is actively propagating across services at four in the morning, the question shifts from “how do we limit the blast radius” to “how do we confirm what it actually is.” Monitoring shows which services are in the impact zone, but it cannot show what code path caused the failure to spread, or whether it has stopped.

TL;DR: Attribute. More information on one event gives us more correlation power. It’s also cheaper. When you want to add some information to your tracing telemetry, you could emit a log, create a span, or add a piece of data to your current span. Adding a piece of data to your current span is the best! Usually.

There’s a new question teams are asking. How can we prevent AI agents from deleting production. When Cursor deleted PocketOS’s entire production database in nine seconds, the agent wasn’t malfunctioning. It had full technical capability, but it was inferring operational authority from static code rather than live environment state. That gap between capability and context is the root cause. This article breaks down exactly how that happens, and what runtime visibility does to stop it.

In the world of observability, “cardinality” has become a heavy word. It is a ghost used to justify skyrocketing bills or degraded query performance. When cardinality rises, the advice is almost always the same: reduce it. Drop your labels, or reduce the dimensions. It is usually framed as “optimization.” Every label you add to a metric is a dimension of knowledge. Each one gives you a way to slice, compare, and explain the chaos of production.

This article is a high-level overview of the Coralogix CLI. For a deeper look at how it works in practice, read the full technical deep dive here. Agent-driven investigation sounds simple: read the alert, query the data, return the cause. In reality, most agents either overload their context window with raw logs or guess at queries and return incorrect results.

Industry-leading observability experts provide strategic guidance on why and how modern IT teams are successfully moving beyond SolarWinds to more resilient, cloud-native platforms. IT teams running SolarWinds often know the pain points well before they start evaluating alternatives: separate modules for different monitoring needs, a self-hosted deployment model that requires ongoing maintenance, and pricing that gets harder to predict after each acquisition.