Reviewing for Observability & Operability

The real test of a diff: can the on-call who has never seen this code debug it at 2 AM with only the dashboards?

Code that works but can't be observed is a future outage with no flashlight. This question tests whether you review changes for their operational life — not just “is it correct” but “when it breaks, will we know, and will we be able to find out why fast.” For someone from storage and events infra, where you've carried the pager, this should be a strength. A new code path with no metric, a failure that logs nothing, an alert that pages on a symptom no one can act on — these are the things a senior reviewer catches before they become a 3 AM mystery.

Flow of reviewing for observability: RED/USE metrics, structured logs, correlation IDs, trace spans, alerts, dashboards and runbook, cardinality cost
The operability lens: RED/USE metrics on new paths, structured logs at the right level, correlation/request IDs, trace spans, actionable alerts, dashboards and a runbook — and control the cardinality cost of it all.

What this question is really testing

Whether you own the 2 AM debuggability of code you approve. The signal is that you treat instrumentation as part of the feature, not an afterthought, and that you know the vocabulary — RED/USE, structured logging, correlation IDs, traces, actionable alerting — and the cost model behind it. It also tests judgment: more telemetry isn't automatically better; high-cardinality metrics and chatty logs have a real bill and can bury the signal.

How to answer What the interviewer is looking for
Concrete example — the invisible failure branch. A diff adds a fallback path: if the primary dimension store times out, the code silently emits the event un-enriched. Functionally reasonable. But there's no counter on the fallback, the timeout is caught and logged at DEBUG, and the enrichment latency isn't measured. In production, the primary store degrades, 30% of events quietly go un-enriched, downstream revenue attribution drifts — and every dashboard is green because nothing is instrumented. The reviewer's asks: a counter on the fallback branch, a latency histogram on the enrichment call, an ERROR-or-WARN log with the campaign/request ID, and an alert when the fallback rate crosses a threshold. Now the same degradation pages in minutes with a clear cause.

Common follow-ups

How do you tell good instrumentation from noise?

How to answer

What makes an alert good vs bad?

How to answer

The team says instrumentation can be a follow-up diff. Agree?

How to answer

How do you review the cost of observability?

How to answer
Where to get your data (Meta)