From 687d623a5289db6145b5b68fbbf9956527c6c491 Mon Sep 17 00:00:00 2001 From: sjat Date: Sat, 6 Jun 2026 07:04:26 +0200 Subject: [PATCH] CAPABILITIES: Loki decided + Alloy agent + security alerting (ADR-018) --- docs/CAPABILITIES.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/CAPABILITIES.md b/docs/CAPABILITIES.md index a4eda32..a149eb2 100644 --- a/docs/CAPABILITIES.md +++ b/docs/CAPABILITIES.md @@ -43,8 +43,9 @@ _(DHCP, firewall, mDNS reflection live on OPNsense — Ansible-managed, not cont | Capability | Candidate service(s) | Tier | Commitment | What it does | Notes / open | |---|---|---|---|---|---| | Metrics | Prometheus | P | planned | Time-series metrics + alert rules | TODO 3.6 | -| Logs | Loki | P | planned | Log aggregation | TODO 3.6 | -| Dashboards | Grafana | P | planned | Visualisation + alerting | TODO 3.6 | +| Logs | Loki (cluster all-logs + off-site security subset on `askari`) | P | core | Central log aggregation; a security subset ships write-only off-site (append-only) | **Decided (ADR-018)** | +| Log shipping agent | Grafana Alloy (in `base`) | P | core | Collects journald + container + security logs on every host; ships to Loki (ADR-018) | **Decided (ADR-018)** | +| Dashboards | Grafana | P | planned | Visualisation + alerting (incl. AIDE/`auditd`/`fail2ban`/Suricata + log-silence — ADR-018) | TODO 3.6 | | Uptime checks | Uptime Kuma | P | planned | Endpoint up/down checks | TODO 3.6 | | External watchdog | askari (Hetzner VPS) | P | core | Off-site monitoring that survives a homelab outage | ADR-007 | | Notify / alerting | ntfy · Matrix · email (multi-channel) | S | planned | Deliver alerts to the user across channels | TODO 9; Matrix homeserver in §8 |
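Review bot: In the added Dashboards row, the security alerting (AIDE/`auditd`/`fail2ban`/Suricata plus log-silence) is attributed to ADR-018, but the row keeps Commitment `planned` and Notes `TODO 3.6`, while the two rows added above it are `core` and **Decided (ADR-018)**. As written, the table says log collection and the off-site security subset are decided while the component that raises alerts on them is not, so a reader cannot tell whether security alerting is committed. Either split the alerting out into its own row marked `core` / Decided (ADR-018), or say in Notes that ADR-018 fixes the alert set while the Grafana deployment itself remains TODO 3.6. Two smaller points in the same hunk: the Logs row says the subset ships "write-only off-site (append-only)" without naming which sources are in the subset or pointing to where the ADR defines it; and the unchanged External watchdog row for `askari` still cites only ADR-007 although `askari` now also receives the security log subset, so its Notes should reference ADR-018 as well.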