33 lines
989 B
YAML
33 lines
989 B
YAML
groups:
|
|
- name: evidence-locker
|
|
rules:
|
|
- alert: EvidenceLockerRetentionDrift
|
|
expr: evidence_retention_days != 180
|
|
for: 10m
|
|
labels:
|
|
severity: warning
|
|
team: devops
|
|
annotations:
|
|
summary: "Evidence locker retention drift"
|
|
description: "Configured retention {{ $value }}d differs from target 180d."
|
|
|
|
- alert: EvidenceLockerWormDisabled
|
|
expr: evidence_worm_enabled == 0
|
|
for: 5m
|
|
labels:
|
|
severity: critical
|
|
team: devops
|
|
annotations:
|
|
summary: "WORM/immutability disabled"
|
|
description: "Evidence locker WORM not enabled."
|
|
|
|
- alert: EvidenceLockerBackupLag
|
|
expr: (time() - evidence_last_backup_seconds) > 3600
|
|
for: 10m
|
|
labels:
|
|
severity: warning
|
|
team: devops
|
|
annotations:
|
|
summary: "Evidence locker backup lag > 1h"
|
|
description: "Last backup older than 1 hour."
|