Page MenuHomePhabricator
Create Task
Maniphest T187101

Setup some alert mechanism when some 'critical' cron jobs fail
Open, MediumPublic
Actions

Description

I noticed that on T187053: Setup puppet cron to delete old data daily the script we use to purge old afl_ip data from the abuse log to comply with the WMF privacy policy and the data retention policy broke in 2016 and it was not until today that we noticed that when we were working on making some of that data avalaible per T160357: Allow those with CheckUser right to access AbuseLog private information on WMF projects. This means WMF has been inadvertently collecting private data for more than 90 days. To avoid that in the future, please configure the purge_abusefilter and the purge_checkuser mediawiki cron jobs to email someone to let them know when the script has crashed, not run for some reason, etc. Please also expand this practice to any other maintenance script which could be tagged as 'critical' by its function. Thanks.

Related Objects

Event Timeline

MarcoAurelio created this task.Feb 12 2018, 6:17 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 12 2018, 6:17 PM
MarcoAurelio mentioned this in T187078: Re-consider ` >/dev/null 2>&1` as output of many cron'd MW maintenance scripts.Feb 12 2018, 10:22 PM
fgiunchedi triaged this task as Medium priority.Feb 13 2018, 11:23 AM
fgiunchedi subscribed.

I agree with the general sentiment/idea, though implementation wise we should be going through icinga alerts or phab tasks and not emails.

MarcoAurelio added a comment.Feb 13 2018, 11:44 AM

icinga alerts or phab tasks works for me as well

Phabricator_maintenance moved this task from Backlog to Acknowledged on the SRE board.Jan 26 2019, 9:46 PM
Aklapper added a project: Infrastructure-Foundations.Jun 21 2021, 9:00 PM
MarcoAurelio mentioned this in T285896: Ingest logs from scheduled maintenance scripts at WMF in Logstash.May 11 2023, 9:56 PM
Novem_Linguae subscribed.May 12 2023, 5:23 AM
jbond edited projects, added Observability-Alerting; removed Infrastructure-Foundations, Puppet.Jul 17 2023, 3:33 PM
jbond subscribed.

Im not sure if this is still valid however i have removed the puppet tag as this would be better done in the alertmanager repo now

lmata moved this task from Inbox to Backlog on the Observability-Alerting board.Jul 18 2023, 5:14 PM
lmata subscribed.

Understood, we will make a note of it in our backlog and carefully evaluate it when the opportunity arises

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy