DEV Community: Ebby Peter

KQL for Adults: Writing Queries That Don't Lie to You

Ebby Peter — Tue, 17 Mar 2026 00:00:00 +0000

Most KQL running in production is subtly wrong. Wrong operators, unscoped subqueries, and alert rules that silently miss events due to ingestion latency. Here’s how to write queries you can actually defend.

More >>

Why Your Application Gateway Logs Don't Tell the Whole Story (Until You Correlate Them)

Ebby Peter — Tue, 10 Mar 2026 00:00:00 +0000

Access logs, firewall logs, backend health, and metrics each tell a partial truth about what Application Gateway is doing. Here’s how they mislead you in isolation, and the KQL that fixes that.

More...

Detection Is Not Protection: What Azure WAF Detection Mode Actually Does (and Doesn't)

Ebby Peter — Tue, 03 Mar 2026 00:00:00 +0000

Most teams think a WAF in Detection mode is partially protecting them. It isn’t. Here’s what actually happens to requests, why the logs actively mislead, and how organisations end up stuck in Detection mode indefinitely without noticing.

More...

The Hidden Cost of 'Just Turn On Logging' in Azure

Ebby Peter — Sun, 01 Mar 2026 20:44:55 +0000

Why your Log Analytics bill is lying to you, and how to fix it before it compounds.

Your team enabled logging everywhere, a responsible move. Then the Azure bill arrived. This post traces exactly why Log Analytics costs spiral without warning, what the AzureDiagnostics table is quietly doing to your budget, and how resource-specific tables plus DCR transformations give you back control.

More...

Autoscaling Is Not a Recovery Strategy

Ebby Peter — Thu, 26 Feb 2026 20:12:58 +0000

A guide for cloud engineers, SREs, and the engineering managers who ask "why is the system still down, didn’t we autoscale?"

Autoscaling is not a recovery strategy. It’s an elasticity tool, and knowing the difference is what separates teams that survive incidents from teams that just watch their instance count go up while users experience the outage anyway.

More...

dotLOG - Bringing Notepad's Best Kept Secret to VS Code

Ebby Peter — Thu, 26 Feb 2026 00:23:09 +0000

Windows Notepad has had a hidden logging trick since 1992 - type .LOG as the first line of a file and it automatically appends a timestamp every time you open it. I missed it when I moved to VS Code, so I built dotLOG to bring it back.

dotLOG in VSCode Marketplace

Your Alerts Are a Product. They're Just a Bad One.

Ebby Peter — Tue, 24 Feb 2026 00:00:00 +0000

Alert fatigue isn’t a people problem, it’s a product design failure. Your on-call engineers are the users. Here’s why noisy alerts are biologically inevitable under bad design, and what treating alerting as a product actually looks like.

More...

Azure Will Stay Up. Your System Is a Different Story.

Ebby Peter — Tue, 17 Feb 2026 00:00:00 +0000

The Azure status page is green. Your users are getting errors. Somewhere in the gap between those two facts is the outage nobody planned for.

Azure’s infrastructure is genuinely reliable. That’s exactly the problem. The more stable the platform, the easier it is to mistake platform health for system health, and that gap is where the expensive outages live. Availability is an architectural choice, not a SKU.

Your DR Plan Has Never Been Tested

Ebby Peter — Tue, 10 Feb 2026 00:00:00 +0000

Most DR tests prove the secondary came up. Not that your RTO is real, your data is intact, or your failback won’t destroy the incident window. Let’s fix that.

Most Azure DR tests confirm the secondary came up. They don’t confirm your RTO is real, your RPO commitment holds under load, or that failback won’t silently destroy the incident window. Here’s how to test DR honestly, with exit criteria that actually prove the plan works.

The Hidden Cost of 'Retry Everything': How Naive Retry Logic Creates a Self-Inflicted DDoS

Ebby Peter — Tue, 03 Feb 2026 00:00:00 +0000

Retries are load, not safety. Without exponential backoff and jitter, your retry logic doesn’t protect against outages, it causes them. This post covers the mechanics of retry storms, five anti-patterns found in real production code, and what correct retry design actually looks like across layered Azure architectures.