Tag Rules

Create auto-tagging rules to automatically label logs, traces, errors, AI, and RUM records based on content, severity, service name, or attribute values. Tags are stored alongside records and can be used for filtering, grouping, and anomaly detection. For consistency, each record keeps one effective value per tag key.

Metrics Anomaly Rules

Configure threshold and composite anomaly detection rules for derived signals and OTEL metrics. Rules fire warning or critical states that surface in the Metrics view and can be correlated with tag-based filtering.

Custom Dashboards

Build and manage custom dashboards using the chart editor. Dashboards support time series, heatmaps, box plots, anomaly overlays, and more, all powered by SQL queries against your telemetry data.

AI Assistant

Configure an OpenAI-compatible LLM endpoint to power the in-app AI helper widget. The helper is contextually aware of the page you are viewing and can answer questions, suggest SQL queries, and help troubleshoot observability data. Supports custom system prompts, a configurable guard model for safety, and any OpenAI-compatible API.

Automated Agent Flows

Set up rules that automatically trigger an AI agent flow when anomaly rules fire or tag rules match. The agent performs root-cause analysis, suggests fixes, and can optionally create a GitHub issue assigned to Copilot. Rate-limiting, guard model checks, and optional DLP scanning ensure safe and controlled automation.

Notifications & Webhooks

Configure outbound notification channels (Slack, webhook, email, browser push) and define custom alerting rules based on signal thresholds and anomaly conditions. Rules support AND/OR composition and configurable cooldowns to prevent alert fatigue.

Output Masking

Manage the shared display-layer masking rules used by observability views, replay JSON previews, selected OTEL JSON APIs, notifications, and GitHub issue creation. Default rules stay active; add custom keys or regex patterns here when your environment has additional secrets or identifiers that should never be shown verbatim.
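
A display-layer masker of the kind described above, as an added example that is not SOBS's own code. The default keys and pattern, the case-insensitive key match, the `***` placeholder and the names `build_masker` and `SAMPLE` are assumptions, and the sample record is constructed.

```python
import re

MASK = "***"  # placeholder string is an assumption
# Constructed stand-ins: the page does not list the real default rules.
DEFAULT_KEYS = {"password", "authorization", "api_key", "token"}
DEFAULT_PATTERNS = [r"Bearer\s+[A-Za-z0-9._~+/-]+=*"]


def build_masker(custom_keys=(), custom_patterns=()):
    """Return mask(obj); defaults stay active, custom rules only add to them."""
    keys = {k.lower() for k in DEFAULT_KEYS | set(custom_keys)}
    # Compiling here makes a malformed custom regex fail at configuration
    # time (re.error) instead of silently leaving values unmasked later.
    patterns = [re.compile(p) for p in [*DEFAULT_PATTERNS, *custom_patterns]]

    def mask(obj, sensitive=False):
        if isinstance(obj, dict):
            # A sensitive key hides its whole subtree, not just direct scalars.
            return {k: mask(v, sensitive or str(k).lower() in keys)
                    for k, v in obj.items()}
        if isinstance(obj, (list, tuple)):
            return [mask(v, sensitive) for v in obj]
        if sensitive:
            return MASK
        if isinstance(obj, str):
            for rx in patterns:
                obj = rx.sub(MASK, obj)
        return obj

    return mask


# Constructed sample record, shaped loosely like an OTEL log row.
SAMPLE = {
    "Body": "login ok for EMP-004217 with Bearer abc.def.ghi",
    "LogAttributes": {
        "Authorization": "Basic dXNlcjpwdw==",
        "Password": "hunter2",
        "badge": {"serial": "EMP-004217", "door": 3},
        "tenant_secret": ["a1", "b2"],
    },
}

if __name__ == "__main__":
    mask = build_masker(custom_keys=["tenant_secret"],
                        custom_patterns=[r"EMP-\d{6}"])
    print(mask(SAMPLE))   # masked copy for display
    print(SAMPLE)         # stored record is unchanged
```

The masker returns a copy, so the stored record keeps its original values and only what is rendered, notified or sent to an issue tracker is redacted.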

Enrichment

Configure IP geo-lookup (geoip2fast, MIT license, local DB, no external API calls) and daily CVE scanning (OSV.dev, Apache 2.0, free). Library versions are auto-detected from OTEL telemetry.sdk.* attributes. Findings are stored in sobs_cve_findings and shown on the Web Traffic page.

GitHub Repositories

Single source of truth for repository URLs and tracked releases used by CVE GitHub backfill and version-scoped repo health. Configure repos once here for all enrichment workflows.

Kubernetes Health View

Display Kubernetes health from OTEL tables only. Designed for in-cluster OpenTelemetry collector deployments (deployment + daemonset) and migration-compatible OTEL schema usage. Off by default.

Data Management

Configure ClickHouse TTL for automatic data expiration, schedule full and incremental S3 backups (with optional encryption), restore from previous backups, and couple TTL windows with backup cycles to ensure expired data always has a backup.

MCP (Copilot Access)

Expose SOBS observability data (logs, traces, metrics) to GitHub Copilot Agent and VS Code Copilot via the Model Context Protocol. Generate API keys, enable or disable the MCP server, and view available tools that AI agents can call.

Data Model & OTEL Compatibility

SOBS stores core telemetry in OTEL-aligned tables and adds a small set of custom rule/derived tables and views for product behavior (anomaly detection, derived signals, and curated query surfaces).

Core OTEL-Aligned Tables

  • otel_logs - logs and log-derived events
  • otel_traces - distributed spans (including AI spans)
  • otel_metrics_gauge/sum/histogram - metric point storage
  • hyperdx_sessions - RUM session events

Custom SOBS Data Layer

  • sobs_anomaly_rules - rule definitions
  • sobs_raw_windows - signal windows for analysis
  • otel_metrics_1m_agg and v_otel_metrics_1m - 1-minute metric rollups
  • v_derived_signals_1m and v_derived_signals_anomaly - derived signal views

Runtime Query Allowlist (authoritative)

Query/Table Explorer access is constrained to this runtime list from _QUERY_ALLOWED_TABLES plus operator extensions from SOBS_QUERY_ALLOWED_TABLES.

  • hyperdx_sessions table
  • otel_logs table
  • otel_metrics_1m_agg table
  • otel_metrics_gauge table
  • otel_metrics_gauge_pinned table
  • otel_metrics_histogram table
  • otel_metrics_histogram_pinned table
  • otel_metrics_sum table
  • otel_metrics_sum_pinned table
  • otel_traces table
  • sobs_anomaly_rules table
  • sobs_raw_windows table
  • v_derived_signals_1m view
  • v_derived_signals_anomaly view
  • v_otel_metrics_1m view
  • v_otel_metrics_anomaly view
  • v_otel_metrics_dedup view
  • v_otel_metrics_signal_context view

Metadata reads against system.tables and system.columns are also permitted for schema discovery.