Spaces:
Running
Running
| # 🛡️ AntiScam AI Pro - Reglas de Alertas | |
| # Configuración de alertas para monitoreo proactivo | |
| groups: | |
| - name: antiscam_ai_alerts | |
| rules: | |
| # Aplicación no disponible | |
| - alert: AntiScamAIDown | |
| expr: up{job="antiscam-ai"} == 0 | |
| for: 1m | |
| labels: | |
| severity: critical | |
| service: antiscam-ai | |
| annotations: | |
| summary: "AntiScam AI está caído" | |
| description: "La aplicación AntiScam AI no responde desde hace {{ $value }} minutos." | |
| # Alto uso de CPU | |
| - alert: HighCPUUsage | |
| expr: 100 - (avg by(instance) (irate(node_cpu_seconds_total{mode="idle"}[5m])) * 100) > 80 | |
| for: 5m | |
| labels: | |
| severity: warning | |
| service: system | |
| annotations: | |
| summary: "Alto uso de CPU" | |
| description: "CPU usage está en {{ $value }}% en {{ $labels.instance }}" | |
| # Alto uso de memoria | |
| - alert: HighMemoryUsage | |
| expr: (node_memory_MemTotal_bytes - node_memory_MemAvailable_bytes) / node_memory_MemTotal_bytes * 100 > 85 | |
| for: 5m | |
| labels: | |
| severity: warning | |
| service: system | |
| annotations: | |
| summary: "Alto uso de memoria" | |
| description: "Memoria usage está en {{ $value }}% en {{ $labels.instance }}" | |
| # Poco espacio en disco | |
| - alert: LowDiskSpace | |
| expr: node_filesystem_avail_bytes{mountpoint="/"} / node_filesystem_size_bytes{mountpoint="/"} * 100 < 10 | |
| for: 5m | |
| labels: | |
| severity: critical | |
| service: system | |
| annotations: | |
| summary: "Poco espacio en disco" | |
| description: "Solo queda {{ $value }}% de espacio libre en {{ $labels.instance }}" | |
| # Base de datos no disponible | |
| - alert: PostgreSQLDown | |
| expr: up{job="postgres"} == 0 | |
| for: 1m | |
| labels: | |
| severity: critical | |
| service: database | |
| annotations: | |
| summary: "PostgreSQL está caído" | |
| description: "La base de datos PostgreSQL no está disponible" | |
| # Redis no disponible | |
| - alert: RedisDown | |
| expr: up{job="redis"} == 0 | |
| for: 1m | |
| labels: | |
| severity: warning | |
| service: cache | |
| annotations: | |
| summary: "Redis está caído" | |
| description: "El servicio Redis no está disponible" | |
| # Alto número de errores HTTP | |
| - alert: HighErrorRate | |
| expr: rate(http_requests_total{status=~"5.."}[5m]) > 0.1 | |
| for: 2m | |
| labels: | |
| severity: warning | |
| service: antiscam-ai | |
| annotations: | |
| summary: "Alta tasa de errores HTTP" | |
| description: "Tasa de errores 5xx es {{ $value }} req/sec" | |
| # Tiempo de respuesta alto | |
| - alert: HighResponseTime | |
| expr: histogram_quantile(0.95, rate(http_request_duration_seconds_bucket[5m])) > 2 | |
| for: 3m | |
| labels: | |
| severity: warning | |
| service: antiscam-ai | |
| annotations: | |
| summary: "Tiempo de respuesta alto" | |
| description: "P95 de tiempo de respuesta es {{ $value }}s" | |
| # Muchos análisis fallidos | |
| - alert: HighAnalysisFailureRate | |
| expr: rate(analysis_failures_total[5m]) > 0.05 | |
| for: 2m | |
| labels: | |
| severity: warning | |
| service: antiscam-ai | |
| annotations: | |
| summary: "Alta tasa de fallos en análisis" | |
| description: "Tasa de fallos en análisis es {{ $value }} fallos/sec" | |
| # Carga de usuarios muy alta | |
| - alert: HighUserLoad | |
| expr: active_users > 1000 | |
| for: 5m | |
| labels: | |
| severity: info | |
| service: antiscam-ai | |
| annotations: | |
| summary: "Carga alta de usuarios" | |
| description: "{{ $value }} usuarios activos actualmente" | |
| - name: security_alerts | |
| rules: | |
| # Intentos de login fallidos | |
| - alert: HighFailedLogins | |
| expr: rate(failed_login_attempts_total[5m]) > 5 | |
| for: 2m | |
| labels: | |
| severity: warning | |
| service: security | |
| annotations: | |
| summary: "Muchos intentos de login fallidos" | |
| description: "{{ $value }} intentos de login fallidos por segundo" | |
| # Actividad sospechosa de IPs | |
| - alert: SuspiciousIPActivity | |
| expr: rate(suspicious_requests_total[5m]) > 10 | |
| for: 1m | |
| labels: | |
| severity: critical | |
| service: security | |
| annotations: | |
| summary: "Actividad sospechosa detectada" | |
| description: "{{ $value }} requests sospechosos por segundo desde IP {{ $labels.ip }}" | |
| - name: business_alerts | |
| rules: | |
| # Pocos registros de usuarios | |
| - alert: LowUserRegistrations | |
| expr: rate(user_registrations_total[1h]) < 0.01 | |
| for: 30m | |
| labels: | |
| severity: info | |
| service: business | |
| annotations: | |
| summary: "Pocos registros de usuarios" | |
| description: "Solo {{ $value }} registros por hora en la última hora" | |
| # Muchas cancelaciones de suscripción | |
| - alert: HighSubscriptionCancellations | |
| expr: rate(subscription_cancellations_total[1h]) > 0.1 | |
| for: 15m | |
| labels: | |
| severity: warning | |
| service: business | |
| annotations: | |
| summary: "Muchas cancelaciones de suscripción" | |
| description: "{{ $value }} cancelaciones por hora" |