http://blog.ebbypeter.com/Recent content on Ebby Builds!Hugoen-usTue, 31 Mar 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/03/the-architecture-review-you-actually-need-but-never-get/Tue, 31 Mar 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/03/the-architecture-review-you-actually-need-but-never-get/Most architecture reviews are compliance theatre. They arrive late, check the wrong things, and produce feedback nobody acts on. Here’s what a review that actually challenges a design looks like, and why the problem is structural, not personal.http://blog.ebbypeter.com/2026/03/everyone-owns-cloud-security-thats-why-nobody-does/Tue, 24 Mar 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/03/everyone-owns-cloud-security-thats-why-nobody-does/165 organisations got hit in the Snowflake breach using no novel attack — just stolen credentials, no MFA, and nobody watching. The shared responsibility model didn’t fail technically. It failed organisationally. Security wrote the policy. Engineering assumed someone reviewed it. The platform team figured ‘managed’ meant secured. Procurement filed the SOC 2 and called it done. Nobody lied. Nobody was negligent. They just each assumed someone else had it.http://blog.ebbypeter.com/2026/03/kql-for-adults-writing-queries-that-dont-lie-to-you/Tue, 17 Mar 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/03/kql-for-adults-writing-queries-that-dont-lie-to-you/Most KQL running in production is subtly wrong. Wrong operators, unscoped subqueries, and alert rules that silently miss events due to ingestion latency. Here’s how to write queries you can actually defend.http://blog.ebbypeter.com/2026/03/why-your-application-gateway-logs-dont-tell-the-whole-story-until-you-correlate-them/Tue, 10 Mar 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/03/why-your-application-gateway-logs-dont-tell-the-whole-story-until-you-correlate-them/Access logs, firewall logs, backend health, and metrics each tell a partial truth about what Application Gateway is doing. Here’s how they mislead you in isolation, and the KQL that fixes that.http://blog.ebbypeter.com/2026/03/detection-is-not-protection-what-azure-waf-detection-mode-actually-does-and-doesnt/Tue, 03 Mar 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/03/detection-is-not-protection-what-azure-waf-detection-mode-actually-does-and-doesnt/Most teams think a WAF in Detection mode is partially protecting them. It isn’t. Here’s what actually happens to requests, why the logs actively mislead, and how organisations end up stuck in Detection mode indefinitely without noticing.http://blog.ebbypeter.com/2026/02/your-alerts-are-a-product.-theyre-just-a-bad-one./Tue, 24 Feb 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/02/your-alerts-are-a-product.-theyre-just-a-bad-one./Alert fatigue isn’t a people problem, it’s a product design failure. Your on-call engineers are the users. Here’s why noisy alerts are biologically inevitable under bad design, and what treating alerting as a product actually looks like.http://blog.ebbypeter.com/2026/02/azure-will-stay-up.-your-system-is-a-different-story./Tue, 17 Feb 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/02/azure-will-stay-up.-your-system-is-a-different-story./Azure’s infrastructure is genuinely reliable. That’s exactly the problem. The more stable the platform, the easier it is to mistake platform health for system health, and that gap is where the expensive outages live. Availability is an architectural choice, not a SKU.http://blog.ebbypeter.com/2026/02/your-dr-plan-has-never-been-tested/Tue, 10 Feb 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/02/your-dr-plan-has-never-been-tested/Most Azure DR tests confirm the secondary came up. They don’t confirm your RTO is real, your RPO commitment holds under load, or that failback won’t silently destroy the incident window. Here’s how to test DR honestly, with exit criteria that actually prove the plan works.http://blog.ebbypeter.com/2026/02/the-hidden-cost-of-retry-everything-how-naive-retry-logic-creates-a-self-inflicted-ddos/Tue, 03 Feb 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/02/the-hidden-cost-of-retry-everything-how-naive-retry-logic-creates-a-self-inflicted-ddos/Retries are load, not safety. Without exponential backoff and jitter, your retry logic doesn’t protect against outages, it causes them. This post covers the mechanics of retry storms, five anti-patterns found in real production code, and what correct retry design actually looks like across layered Azure architectures.http://blog.ebbypeter.com/2026/01/the-hidden-cost-of-just-turn-on-logging-in-azure/Tue, 27 Jan 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/01/the-hidden-cost-of-just-turn-on-logging-in-azure/Your team enabled logging everywhere, a responsible move. Then the Azure bill arrived. This post traces exactly why Log Analytics costs spiral without warning, what the AzureDiagnostics table is quietly doing to your budget, and how resource-specific tables plus DCR transformations give you back control.http://blog.ebbypeter.com/2026/01/autoscaling-is-not-a-recovery-strategy/Tue, 20 Jan 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/01/autoscaling-is-not-a-recovery-strategy/Autoscaling is not a recovery strategy. It’s an elasticity tool, and knowing the difference is what separates teams that survive incidents from teams that just watch their instance count go up while users experience the outage anyway.http://blog.ebbypeter.com/2026/01/dotlog-bringing-notepads-best-kept-secret-to-vs-code/Tue, 13 Jan 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/01/dotlog-bringing-notepads-best-kept-secret-to-vs-code/Windows Notepad has had a hidden logging trick since 1992 - type .LOG as the first line of a file and it automatically appends a timestamp every time you open it. I missed it when I moved to VS Code, so I built dotLOG to bring it back.http://blog.ebbypeter.com/2026/01/getting-hugo-running-with-tranquilpeak-on-modern-hugo-v0.156/Tue, 06 Jan 2026 00:00:00 +0000http://blog.ebbypeter.com/2026/01/getting-hugo-running-with-tranquilpeak-on-modern-hugo-v0.156/Tranquilpeak is still one of the most elegant Hugo themes around, but it was built for an older Hugo. Here are all the fixes you need to get it running on Hugo v0.156+, collected in one place so you don’t have to go hunting.