| Category | Signal | Typical action |
|---|---|---|
| Duplicate fields | The same value appears in multiple fields. | Remove duplicate fields. |
| Accidental debug statements | Temporary debugging messages shipped to production. | Remove the statement in code or drop the matching event. |
| Malformed data | Binary, corrupted, or unparseable log payloads. | Drop malformed events. |
| Health checks | Successful readiness, liveness, or synthetic monitor requests. | Drop successful probe logs. |
| Bot traffic | Requests from known crawlers, scanners, and unfurlers. | Drop or sample matching bot request logs. |
| Instrumentation bloat | SDK, agent, collector, or platform metadata with little review value. | Remove low-value fields. |
| PII leakage | Sensitive values in log fields or free-form messages. | Redact or remove sensitive values. |
| Excessive payloads | Large bodies, serialized objects, or oversized stack traces. | Trim or remove large fields. |
| Debug mode left on | A service emits prolonged DEBUG-level volume in production. | Create a ticket, open a config PR, or apply a temporary filter. |
| Logs in hot path | One event dominates a service’s steady-state log volume. | Remove or relocate the log statement. |
| Burst protection | Infrastructure error events can flood during outages. | Rate-limit the matching event. |
| High cardinality tags | Metric tags have unbounded or fast-changing values. | Remove high-cardinality tags. |
Policy Categories
Policy categories
Telemetry issue categories that can produce policy recommendations
Tero groups telemetry issues into the categories below. Each category can produce policy recommendations.
Use Policy lifecycle for policy states and Enforcement for enforcement methods.
⌘I