Initial commit: Cloudflare infrastructure with WAF Intelligence

- Complete Cloudflare Terraform configuration (DNS, WAF, tunnels, access) - WAF Intelligence MCP server with threat analysis and ML classification - GitOps automation with PR workflows and drift detection - Observatory monitoring stack with Prometheus/Grafana - IDE operator rules for governed development - Security playbooks and compliance frameworks - Autonomous remediation and state reconciliation
2025-12-16 18:31:53 +00:00
commit 37a867c485
123 changed files with 25407 additions and 0 deletions
--- a/observatory/prometheus.yml
+++ b/observatory/prometheus.yml
@@ -0,0 +1,43 @@
+# Prometheus Configuration for Cloudflare Mesh Observatory
+# Scrapes metrics from the custom exporter
+
+global:
+  scrape_interval: 60s
+  evaluation_interval: 60s
+  external_labels:
+    monitor: 'cloudflare-mesh'
+
+# Alerting configuration
+alerting:
+  alertmanagers:
+    - static_configs:
+        - targets:
+          - alertmanager:9093
+
+# Rule files - Load all alert rules from the alerts directory
+rule_files:
+  - /etc/prometheus/alerts/*.yml
+
+# Scrape configurations
+scrape_configs:
+  # Prometheus self-monitoring
+  - job_name: 'prometheus'
+    static_configs:
+      - targets: ['localhost:9090']
+    metrics_path: /metrics
+    scheme: http
+
+  # Cloudflare metrics exporter
+  - job_name: 'cloudflare'
+    static_configs:
+      - targets: ['metrics-exporter:9100']
+    metrics_path: /metrics
+    scheme: http
+    scrape_interval: 60s
+    scrape_timeout: 30s
+    honor_labels: true
+
+  # Optional: Node exporter for host metrics
+  # - job_name: 'node'
+  #   static_configs:
+  #     - targets: ['node-exporter:9100']