login
acedergren

OCI Monitoring and Observability

by @acedergren in Data & Analytics
1
1
# Install this skill:
npx skills add acedergren/oci-agent-skills --skill "OCI Monitoring and Observability"

Install specific skill from multi-skill repository

# Description

Use when setting up metrics, alarms, or troubleshooting missing data in OCI Monitoring. Covers metric namespace confusion, alarm threshold gotchas, log collection setup, and common monitoring gaps. Keywords: metrics not showing, alarm not firing, oci_* namespace, metric query, service connector.

# SKILL.md

name: OCI Monitoring and Observability
description: Use when setting up metrics, alarms, or troubleshooting missing data in OCI Monitoring. Covers metric namespace confusion, alarm threshold gotchas, log collection setup, and common monitoring gaps. Keywords: metrics not showing, alarm not firing, oci_* namespace, metric query, service connector.
version: 2.0.0

OCI Monitoring and Observability - Expert Knowledge

πŸ—οΈ Use OCI Landing Zone Terraform Modules

Don't reinvent the wheel. Use oracle-terraform-modules/landing-zone for observability stack.

Landing Zone solves:
- ❌ Bad Practice #10: No logging, monitoring, notifications (Landing Zone deploys complete observability)
- ❌ Bad Practice #7: Limited security services (Landing Zone integrates Cloud Guard, VSS, OSMS)

This skill provides: Metrics, alarms, and troubleshooting for monitoring deployed WITHIN a Landing Zone.

⚠️ OCI CLI/API Knowledge Gap

You don't know OCI CLI commands or OCI API structure.

Your training data has limited and outdated knowledge of:
- OCI CLI syntax and parameters (updates monthly)
- OCI API endpoints and request/response formats
- Monitoring service CLI operations (oci monitoring alarm, oci monitoring metric)
- Metric namespaces and MQL (Monitoring Query Language)
- Latest Logging and Service Connector features

When OCI operations are needed:
1. Use exact CLI commands from this skill's references
2. Do NOT guess metric namespace names
3. Do NOT assume AWS CloudWatch patterns work in OCI
4. Load reference files for detailed MQL documentation

What you DO know:
- General observability concepts
- Alerting and threshold design principles
- Log aggregation patterns

This skill bridges the gap by providing current OCI-specific monitoring patterns and gotchas.

NEVER Do This

❌ NEVER assume metrics are instant (10-15 minute lag)
- Metrics published every 1-5 minutes
- Processing delay: 5-10 minutes
- Total lag: 10-15 minutes from event to visible metric
- Don't debug "missing metrics" within first 15 minutes of resource creation

❌ NEVER use = for alarm thresholds with sparse metrics

# WRONG - alarm never fires if metric has gaps
MetricName[1m].mean() = 0

# RIGHT - handle missing data
MetricName[1m]{dataMissing=zero}.mean() > 0

❌ NEVER forget metric dimensions (causes "no data")

# WRONG - missing required dimension
CPUUtilization[1m].mean()

# RIGHT - include resourceId dimension
CPUUtilization[1m]{resourceId="<instance-ocid>"}.mean()

❌ NEVER set alarm thresholds without trigger delay (alert fatigue)

# BAD - fires on every CPU spike
CPUUtilization[1m].mean() > 80

# BETTER - sustained high CPU
CPUUtilization[5m].mean() > 80
Trigger delay: 5 minutes (fires after 5 consecutive breaches)

❌ NEVER create alarms without notification channels

# WRONG - alarm fires but nobody knows
oci monitoring alarm create ... --destinations '[]'

# RIGHT - always link to notification topic
oci monitoring alarm create ... --destinations '["<notification-topic-ocid>"]'

Cost impact: Undetected outages cost $5,000-50,000/hour in production

❌ NEVER ignore Cloud Guard findings (security audit failure)
- Cloud Guard detects misconfigurations BEFORE they become incidents
- Integrate Cloud Guard β†’ Notifications β†’ Email/Slack/PagerDuty
- Cost impact: $100,000+ per security breach vs $0 for proactive remediation

Metric Namespace Gotchas

OCI Metrics Use Service-Specific Namespaces:

Service Namespace Example Metric
Compute oci_computeagent CPUUtilization, MemoryUtilization
Autonomous DB oci_autonomous_database CpuUtilization, StorageUtilization
Load Balancer oci_lbaas HttpRequests, UnHealthyBackendServers
Object Storage oci_objectstorage ObjectCount, BytesUploaded

Common Mistake: Using wrong namespace (oci_compute vs oci_computeagent)

Alarm Missing Data Handling

Setting Behavior Use When
treatMissingDataAsBreaching Alarm fires if no data Critical services (outage = breach)
treatMissingDataAsNotBreaching Alarm silent if no data Optional monitoring
{dataMissing=zero} Treat missing as 0 Counters (requests/sec)

Log Collection Common Gaps

Problem: Logs not showing in Log Analytics

Logs not appearing?
β”œβ”€ Is log enabled on resource?
β”‚  └─ Compute: oci-compute-agent must be running
β”‚  └─ Function: Logging enabled in function config
β”‚
β”œβ”€ Is Service Connector configured?
β”‚  └─ Source: Log Group β†’ Target: Log Analytics
β”‚  └─ Check: Service Connector status = ACTIVE
β”‚
β”œβ”€ IAM policy for Service Connector?
β”‚  └─ "Allow any-user to use log-content in tenancy"
β”‚  └─ "Allow service loganalytics to READ logcontent in tenancy"
β”‚
└─ 10-15 minute ingestion lag?
   └─ Wait before debugging

Metric Query Optimization

Expensive (slow):

# Queries ALL instances
CPUUtilization[1m].mean()

Optimized (filter by dimension):

# Query specific instance
CPUUtilization[1m]{resourceId='<instance-ocid>'}.mean()

Cost: Queries free, but rate limited (1000 req/min)

Progressive Loading References

OCI Monitoring Reference (Official Oracle Documentation)

WHEN TO LOAD oci-monitoring-reference.md:
- Need comprehensive list of all OCI service metrics
- Understanding MQL (Monitoring Query Language) in depth
- Implementing complex alarm conditions and composites
- Need official Oracle guidance on Logging and Service Connector
- Setting up Log Analytics and APM integration

Do NOT load for:
- Quick alarm setup (examples in this skill)
- Common metric patterns (tables above)
- Troubleshooting decision trees (covered above)

When to Use This Skill

  • Alarms: threshold configuration, missing data handling, trigger delay
  • Troubleshooting: metrics not showing, alarms not firing, namespace errors
  • Log collection: Service Connector, IAM policies, missing logs
  • Performance: query optimization, dimension filtering

# Related Skills

moltbot
apple-reminders @moltbot

Manage Apple Reminders via the `remindctl` CLI on macOS (list, add, edit, complete, delete)....

β˜… 65,001
moltbot
goplaces @moltbot

Query Google Places API (New) via the goplaces CLI for text search, place details, resolve, and...

β˜… 65,001
moltbot
notion @moltbot

Notion API for creating and managing pages, databases, and blocks.

β˜… 65,001
moltbot
things-mac @moltbot

Manage Things 3 via the `things` CLI on macOS (add/update projects+todos via URL scheme;...

β˜… 65,001

# Supported AI Coding Agents

This skill is compatible with the SKILL.md standard and works with all major AI coding agents:

⚑ Amp πŸš€ Antigravity πŸ€– Claude Code πŸ¦€ Clawdbot πŸ“ Codex ▢️ Cursor πŸ€– Droid πŸ’Ž Gemini CLI πŸ™ GitHub Copilot πŸͺΏ Goose πŸ“Š Kilo Code πŸ”§ Kiro CLI πŸ’» OpenCode 🦘 Roo Code 🌲 Trae πŸ„ Windsurf

Learn more about the SKILL.md standard and how to use these skills with your preferred AI coding agent.