git.stella-ops.org/ops/devops/vuln/alerts.yaml

# Alert rules for Vuln Explorer (DEVOPS-VULN-29-002/003)
apiVersion: 1
groups:
- name: vuln-explorer
  rules:
  - alert: vuln_api_latency_p95_gt_300ms
    expr: histogram_quantile(0.95, rate(http_request_duration_seconds_bucket{service="vuln-explorer",path=~"/findings.*"}[5m])) > 0.3
    for: 5m
    labels:
      severity: page
    annotations:
      summary: Vuln Explorer API p95 latency high
      description: p95 latency for /findings exceeds 300ms for 5m.
  - alert: vuln_projection_lag_gt_60s
    expr: vuln_projection_lag_seconds > 60
    for: 5m
    labels:
      severity: page
    annotations:
      summary: Vuln projection lag exceeds 60s
      description: Ledger projector lag is above 60s.
  - alert: vuln_projection_error_rate_gt_1pct
    expr: rate(vuln_projection_errors_total[5m]) / rate(vuln_projection_runs_total[5m]) > 0.01
    for: 5m
    labels:
      severity: page
    annotations:
      summary: Vuln projector error rate >1%
      description: Projection errors exceed 1% over 5m.
  - alert: vuln_query_budget_enforced_gt_50_per_min
    expr: rate(vuln_query_budget_enforced_total[1m]) > 50
    for: 5m
    labels:
      severity: warn
    annotations:
      summary: Query budget enforcement high
      description: Budget enforcement is firing more than 50/min.