The following table outlines the conditions that should trigger alerts to help detect misconfigurations or abusive workloads:
Condition Recommended action
Deny rate exceeds 5% of total requests Investigate for abusive workloads or incorrect burst configuration.
Sudden drop in throughput with rising deny count Check for accidental loops or broken client retry logic.