Workflow: Governance & Compliance Review
Step-by-step guide for auditing Alertmanager operations — review silence changes, export configurations for Git diffing, and ensure organizational policies are followed.
When to Use
Use this workflow when:
- Reviewing silence activity for compliance
- Exporting Alertmanager configuration for Git storage and diffing
- Investigating unauthorized or overly broad silences
- Verifying that silence policies are being enforced
Journey
Step-by-Step
| Step | Action | Tool / Resource | Key Parameters |
|---|---|---|---|
| 1 | Export config | Resource: am://system/config | Full routing config for Git storage |
| 2 | Audit silence changes | am_list_recent_changes(hours=24) | Created/expired silences with authors |
| 3 | Review MCP audit log | Resource: am://system/audit-log | All MCP-initiated operations |
| 4 | Validate silences | am_validate_silence_policy(matchers=[...], duration_minutes=..., comment="...", created_by="...") | Check against policy rules |
| 5 | Expire bad silences | am_expire_silence(silence_id="<id>") | Reactivates notifications |
Governance Checklist
| Check | Tool / Resource | What to Look For |
|---|---|---|
| Config drift | am://system/config | Compare with Git-stored config |
| Unauthorized silences | am_list_recent_changes | Unknown authors, missing comments |
| Overly broad silences | am_validate_silence_policy | Severity-only matchers, env-only matchers |
| MCP operation history | am://system/audit-log | Unexpected create/expire patterns |
| Default route leakage | am_audit_default_route | Alerts hitting the fallback receiver |
Next Steps
- Alert Triage — On-call triage workflow
- Maintenance Silence — Safe silence lifecycle
- Routing Audit — Inspect and simulate routing