Why not just buy a full SaaS observability suite?

You can. Many teams do. The problem we see is cost blowouts and little discipline: lots of data, little signal. We prefer OSS-first with clear SLOs and sampling, then add SaaS where it adds leverage (e.g., RUM, long-term logs for compliance).

What’s the fastest way to get exemplars working?

Use OpenTelemetry SDKs, propagate trace context end-to-end, and enable exemplar storage in Prometheus. Most histograms will automatically attach the current span ID as an exemplar you can click through in Grafana.

How do you keep Prometheus from melting under cardinality?

Budget labels. Drop high-cardinality dimensions (user IDs, SQL text). Enforce metric naming reviews in PRs, and set federation/recording rules for SLO queries so live alerts don’t scan raw series.

Is multi-window burn alerting overkill for small teams?

It’s a few lines of PromQL for a huge payoff. Fast window catches sharp regressions; slow window avoids flapping. It’s one of the highest ROI alerting patterns we roll out.

What if we’re on EKS or ECS, not GKE?

Same playbook. The k8s primitives, OTel, Prometheus, Grafana, and burn alerts are portable. Swap cloud-specific plumbing; keep the SLOs and discipline.

Case-studies · Oct 26, 2025 · 10 minute read

The Night an SLO Burn Alert Saved Black Friday: An Observability Rehab That Paid for Itself

A fintech on GKE was flying blind into peak traffic. Four weeks of pragmatic observability work turned a looming incident into a non-event—and cut MTTR by 60%.

Back to all posts

The Night an SLO Burn Alert Saved Black Friday: An Observability Rehab That Paid for Itself

Key takeaways

Implementation checklist