Monitoring, Observability & Infrastructure Interview Guide

Prometheus (25 Questions)

Core Concepts

1. What is Prometheus? Key features
2. What is the Prometheus architecture? Components (Prometheus Server, Pushgateway, Alertmanager, Exporters)
3. What is a time-series database? How does Prometheus store data?
4. What is the difference between monitoring and observability?
5. What are the four golden signals of monitoring? (Latency, Traffic, Errors, Saturation)

Metrics & Data Model

6. What are metrics in Prometheus? Types of metrics:
   • Counter
   • Gauge
   • Histogram
   • Summary
7. What is a metric label? How to use labels effectively?
8. What is cardinality? Why is high cardinality problematic?
9. What is the difference between histogram and summary?
10. When to use Counter vs Gauge?
11. What is metric naming convention in Prometheus?
12. What is the data retention period in Prometheus?

PromQL (Prometheus Query Language)

13. What is PromQL? Basic query syntax
14. What is an instant vector vs range vector?
15. Common PromQL functions:
    • rate() - Calculate per-second rate
    • irate() - Instant rate
    • increase() - Total increase
    • sum(), avg(), max(), min()
    • by and without aggregations
16. What is the difference between rate() and irate()?
17. How to calculate percentiles in PromQL? (histogram_quantile)
18. How to filter metrics by labels in PromQL?
19. What is up metric? How to use it for health checks?

Integration & Exporters

20. What is an exporter in Prometheus?
21. Common exporters:
    • Node Exporter (system metrics)
    • JMX Exporter (Java applications)
    • Blackbox Exporter (endpoint monitoring)
    • Custom exporters
22. How to integrate Prometheus with Spring Boot? (Micrometer, Actuator)
23. What is Pushgateway? When to use it?
24. What is service discovery in Prometheus? (static config, DNS, Kubernetes, Consul)

Alerting

25. What is Alertmanager? How does it work?
26. How to configure alerts in Prometheus?
27. What is alert routing and grouping?
28. What is silencing in Alertmanager?
29. What are best practices for alert thresholds?

---

Grafana (20 Questions)

Core Concepts

30. What is Grafana? Key features
31. What is the difference between Prometheus and Grafana?
32. What are Grafana data sources? (Prometheus, InfluxDB, Elasticsearch, CloudWatch, MySQL)
33. What is a dashboard in Grafana?
34. What is a panel? Types of panels (Graph, Gauge, Table, Heatmap, Stat)

Dashboards & Visualization

35. How to create a dashboard in Grafana?
36. What are dashboard variables? Use cases
37. What is templating in Grafana?
38. How to create dynamic dashboards?
39. What are dashboard annotations?
40. What is the difference between absolute time and relative time ranges?
41. How to share dashboards? (export JSON, snapshots, public dashboards)

Alerting

42. How to configure alerts in Grafana?
43. What are notification channels? (Email, Slack, PagerDuty, Webhook)
44. What is alert state? (Pending, Alerting, OK, No Data)
45. What is the difference between Grafana alerts and Prometheus alerts?

Advanced Features

46. What is Grafana Loki? How is it different from Elasticsearch?
47. What is Grafana Tempo? (distributed tracing)
48. What are Grafana plugins?
49. How to use Grafana with Kubernetes?
50. What are best practices for dashboard design?

---

ELK Stack (Elasticsearch, Logstash, Kibana) (30 Questions)

Elasticsearch

51. What is Elasticsearch? Core concepts
52. What is an index in Elasticsearch?
53. What is a document and document ID?
54. What is a shard? Primary shard vs replica shard
55. Why is sharding important in Elasticsearch?
56. What is an inverted index?
57. What is a mapping in Elasticsearch?
58. What are analyzers? Common analyzers (Standard, Whitespace, Keyword, Pattern)
59. What is the difference between text and keyword data types?
60. How does Elasticsearch achieve near real-time search?
61. What is a cluster, node, and index in Elasticsearch?
62. What is the difference between GET and SEARCH API?
63. What are query types in Elasticsearch?
    • Match query
    • Term query
    • Range query
    • Bool query
    • Wildcard query
64. What is aggregation in Elasticsearch? (Bucket, Metric, Pipeline)
65. What is the difference between term query and match query?
66. How to perform full-text search in Elasticsearch?
67. What is scoring and relevance in Elasticsearch?
68. How to optimize Elasticsearch performance?
69. What is circuit breaker in Elasticsearch?
70. What is index lifecycle management (ILM)?

Logstash

71. What is Logstash? Architecture
72. What are the three stages of Logstash pipeline? (Input, Filter, Output)
73. Common Logstash input plugins (file, beats, kafka, jdbc)
74. Common Logstash filter plugins (grok, mutate, date, json, geoip)
75. Common Logstash output plugins (elasticsearch, file, kafka, stdout)
76. What is Grok pattern? How to use it?
77. What is the difference between Logstash and Filebeat?
78. How to handle log parsing errors in Logstash?

Kibana

79. What is Kibana? Key features
80. What is Discover in Kibana?
81. How to create visualizations in Kibana? (Bar, Line, Pie, Heatmap, Data Table)
82. What is a Kibana dashboard?
83. What are index patterns in Kibana?
84. What is Kibana Query Language (KQL)?
85. What is Kibana Lens?
86. How to create alerts in Kibana?
87. What is Canvas in Kibana?

ELK Stack Integration & Best Practices

88. What is the typical ELK stack workflow?
89. What are Beats? (Filebeat, Metricbeat, Packetbeat, Heartbeat, Auditbeat)
90. When to use Logstash vs Filebeat?
91. How to secure ELK stack? (authentication, encryption, role-based access)
92. What are best practices for log management?
93. How to handle large-scale log ingestion?
94. What is hot-warm-cold architecture in Elasticsearch?

---

Apache Kafka (35 Questions)

Core Concepts

95. What is Apache Kafka? Use cases
96. What is the Kafka architecture? Components:
    • Broker
    • Topic
    • Partition
    • Producer
    • Consumer
    • Zookeeper/KRaft
97. What is a topic in Kafka?
98. What is a partition? Why is partitioning important?
99. What is a broker in Kafka?
100. What is a Kafka cluster?
101. What is the role of Zookeeper in Kafka?
102. What is KRaft mode? Difference from Zookeeper
103. What is a message/record in Kafka? (Key, Value, Timestamp, Headers)

Producers

104. What is a Kafka producer?
105. How does a producer send messages to Kafka?
106. What is producer acknowledgment (acks)? (0, 1, all/-1)
107. What is idempotent producer?
108. What is the difference between sync and async send?
109. What is partitioner? How does producer choose partition? (key-based, round-robin, custom)
110. What is producer batching?
111. What are producer configuration parameters?

• batch.size
• linger.ms
• compression.type
• max.in.flight.requests.per.connection

Consumers

112. What is a Kafka consumer?
113. What is a consumer group?
114. How does Kafka achieve load balancing among consumers?
115. What is consumer offset?
116. What is offset commit? Auto-commit vs manual commit
117. What happens when a consumer fails? (rebalancing)
118. What is consumer lag? How to monitor it?
119. What is the difference between poll() and subscribe()?
120. What is enable.auto.commit?
121. What are consumer configuration parameters?

• group.id
• auto.offset.reset (earliest, latest, none)
• max.poll.records
• session.timeout.ms

Replication & Fault Tolerance

122. What is replication in Kafka?
123. What is replication factor?
124. What is leader and follower?
125. What is ISR (In-Sync Replica)?
126. How does Kafka ensure message durability?
127. What is min.insync.replicas?
128. What happens when a broker fails?
129. What is unclean leader election?

Performance & Scalability

130. How does Kafka achieve high throughput?
131. What is log compaction?
132. What is retention policy in Kafka? (time-based, size-based)
133. How to scale Kafka? (add brokers, increase partitions)
134. What is the relationship between partitions and parallelism?
135. What are Kafka performance tuning tips?
136. What is the difference between Kafka and traditional message queues? (RabbitMQ, ActiveMQ)

Kafka Streams & Connect

137. What is Kafka Streams?
138. What is Kafka Connect?
139. What are source and sink connectors?
140. When to use Kafka Streams vs Kafka Connect?

Monitoring & Operations

141. How to monitor Kafka? (JMX metrics, Kafka Manager, Burrow)
142. Important Kafka metrics to monitor:

• UnderReplicatedPartitions
• OfflinePartitionsCount
• ActiveControllerCount
• RequestHandlerAvgIdlePercent

143. What is Kafka MirrorMaker?

---

Redis (30 Questions)

Core Concepts

144. What is Redis? Key features
145. What makes Redis fast? (in-memory, single-threaded, efficient data structures)
146. What are Redis data types?

• String
• List
• Set
• Sorted Set
• Hash
• Bitmap
• HyperLogLog
• Stream

147. What is Redis use case? (caching, session storage, rate limiting, real-time analytics)
148. What is the difference between Redis and Memcached?
149. Is Redis single-threaded? How does it handle concurrent requests?

Data Structures & Commands

150. Important String commands (SET, GET, INCR, DECR, MSET, MGET)
151. Important List commands (LPUSH, RPUSH, LPOP, RPOP, LRANGE)
152. Important Set commands (SADD, SMEMBERS, SINTER, SUNION, SDIFF)
153. Important Sorted Set commands (ZADD, ZRANGE, ZRANK, ZINCRBY)
154. Important Hash commands (HSET, HGET, HGETALL, HINCRBY)
155. What is the time complexity of common Redis operations?
156. What is SCAN command? Difference from KEYS
157. What are Redis transactions? (MULTI, EXEC, DISCARD, WATCH)

Persistence

158. What are Redis persistence mechanisms?

• RDB (Redis Database Backup)
• AOF (Append-Only File)

159. What is the difference between RDB and AOF?
160. When to use RDB vs AOF?
161. What is hybrid persistence (RDB+AOF)?
162. What is snapshotting in Redis?

Caching Strategies

163. What are caching strategies?

• Cache-Aside (Lazy Loading)
• Write-Through
• Write-Behind (Write-Back)
• Read-Through

164. What is cache eviction policy? (LRU, LFU, FIFO, Random, TTL)
165. What is TTL (Time To Live)?
166. How to handle cache stampede?
167. What is cache penetration, cache breakdown, and cache avalanche?
168. How to implement distributed locking in Redis? (SETNX, RedLock algorithm)

High Availability & Scalability

169. What is Redis Sentinel? How does it work?
170. What is Redis Cluster? How does it achieve scalability?
171. What is the difference between Redis Sentinel and Redis Cluster?
172. How does Redis Cluster handle data sharding?
173. What is hash slot in Redis Cluster?
174. What is split-brain problem in Redis?
175. What is Redis replication? Master-slave architecture
176. How to handle failover in Redis?

Performance & Monitoring

177. How to monitor Redis? (INFO command, redis-cli, monitoring tools)
178. Important Redis metrics:

• Memory usage
• Hit rate
• Connected clients
• Commands processed per second
• Evicted keys

179. How to optimize Redis performance?
180. What is pipelining in Redis?
181. What is Redis pub/sub?
182. What are Redis Streams? Use cases
183. What is the maximum size of a Redis key/value?

---

CDN (Content Delivery Network) (20 Questions)

Core Concepts

184. What is CDN? How does it work?
185. What are the benefits of using CDN? (reduced latency, improved performance, DDoS protection, reduced bandwidth cost)
186. What is edge server/edge location?
187. What is origin server?
188. What is Point of Presence (PoP)?
189. How does CDN routing work? (DNS-based routing, Anycast)

CDN Types & Architecture

190. What are types of CDN?

• Push CDN
• Pull CDN

191. What is the difference between push and pull CDN?
192. What is CDN caching? Cache hierarchy
193. What is cache hit ratio?
194. What is Time To Live (TTL) in CDN?
195. What is cache invalidation/purging?

CDN Features

196. What is edge computing?
197. What is CDN load balancing?
198. How does CDN handle dynamic content?
199. What is CDN SSL/TLS termination?
200. What is geo-blocking in CDN?
201. What are CDN security features? (DDoS protection, WAF, bot protection)
202. What is image optimization in CDN?
203. What is compression in CDN? (Gzip, Brotli)

Popular CDN Providers

204. Popular CDN providers (Cloudflare, Akamai, AWS CloudFront, Fastly, Azure CDN)
205. What is CloudFlare? Key features
206. What is AWS CloudFront?
207. How to integrate CDN with your application?

---

Spring Boot Actuator (25 Questions)

Core Concepts

208. What is Spring Boot Actuator?
209. How to enable Actuator in Spring Boot?
210. What are Actuator endpoints?
211. What is the difference between web endpoints and JMX endpoints?

Built-in Endpoints

212. Important Actuator endpoints:

• /actuator/health - Application health
• /actuator/info - Application information
• /actuator/metrics - Application metrics
• /actuator/env - Environment properties
• /actuator/beans - Spring beans
• /actuator/mappings - Request mappings
• /actuator/loggers - Logger configuration
• /actuator/threaddump - Thread dump
• /actuator/heapdump - Heap dump
• /actuator/prometheus - Prometheus metrics

213. What is health indicator? (disk space, database, Redis, custom)
214. How to create custom health indicators?
215. What is health status? (UP, DOWN, OUT_OF_SERVICE, UNKNOWN)
216. How to expose/hide specific endpoints?
217. What is the /info endpoint? How to add custom info?

Metrics

218. What metrics are available in Actuator?

• JVM metrics (memory, threads, GC)
• HTTP metrics (request count, response time)
• Database metrics (connection pool)
• Custom metrics

219. How to create custom metrics? (MeterRegistry, Counter, Gauge, Timer)
220. What is Micrometer?
221. How to integrate Actuator with Prometheus?
222. What is dimensional metrics?

Security & Configuration

223. How to secure Actuator endpoints?
224. What is the role of Spring Security with Actuator?
225. How to configure endpoint exposure? (management.endpoints.web.exposure.include)
226. What is base path for Actuator? (management.endpoints.web.base-path)
227. How to customize Actuator endpoints?
228. What is @Endpoint annotation?

Advanced Features

229. How to create custom Actuator endpoints?
230. What is /auditevents endpoint?
231. How to monitor application performance using Actuator?
232. How to integrate Actuator with external monitoring systems? (Grafana, Prometheus, ELK)

---

Application Performance Monitoring (APM) (20 Questions)

Core Concepts

233. What is APM? Why is it important?
234. What is distributed tracing?
235. What is a trace, span, and trace ID?
236. What is observability vs monitoring?
237. Three pillars of observability (Logs, Metrics, Traces)

APM Tools

238. Popular APM tools:

• New Relic
• Datadog
• AppDynamics
• Dynatrace
• Elastic APM
• Jaeger
• Zipkin

239. What is Zipkin? How does it work?
240. What is Jaeger? Architecture
241. What is Spring Cloud Sleuth?
242. How to implement distributed tracing in Spring Boot? (Sleuth + Zipkin)

Metrics & Monitoring

243. What is Apdex score?
244. What is response time percentiles? (p50, p95, p99)
245. What is throughput and latency?
246. What is error rate?
247. How to monitor database query performance?
248. How to identify performance bottlenecks?
249. What is transaction tracing?
250. What is Real User Monitoring (RUM)?
251. What is Synthetic Monitoring?
252. What is the difference between RUM and Synthetic Monitoring?

---

API Monitoring & Management (20 Questions)

API Monitoring

253. What is API monitoring? Why is it important?
254. What metrics should be monitored for APIs?

• Response time
• Error rate
• Request rate
• Availability/Uptime
• Latency

255. How to monitor API endpoints? (health checks, synthetic monitoring)
256. What is API uptime monitoring?
257. What are API monitoring tools? (Postman, Runscope, Pingdom, Uptime Robot)
258. How to implement API health checks in Spring Boot?

API Gateway Monitoring

259. What is API Gateway?
260. What metrics to monitor in API Gateway?
261. How to monitor API Gateway performance?
262. What is rate limiting in API Gateway?
263. How to implement throttling?

API Logging & Analytics

264. What should be logged for APIs?

• Request/Response
• Headers
• Timestamps
• User information
• Errors

265. How to implement structured logging for APIs?
266. What is API analytics?
267. How to track API usage patterns?
268. What is request tracing?
269. How to correlate logs across microservices? (correlation ID)

API Security Monitoring

270. How to monitor API security?
271. What are common API security threats? (DDoS, SQL injection, unauthorized access)
272. How to detect API abuse?
273. What is anomaly detection in API monitoring?

---

Log Management & Best Practices (20 Questions)

Logging Fundamentals

274. What are log levels? (TRACE, DEBUG, INFO, WARN, ERROR, FATAL)
275. When to use each log level?
276. What is structured logging?
277. What is the difference between structured and unstructured logs?
278. What is JSON logging? Benefits
279. What should be included in log messages?

• Timestamp
• Log level
• Service name
• Correlation ID
• User ID
• Error details

Logging Frameworks

280. Popular Java logging frameworks:

• Logback
• Log4j2
• SLF4J (Simple Logging Facade)

281. What is SLF4J? Why use it?
282. What is the difference between Log4j, Log4j2, and Logback?
283. How to configure logging in Spring Boot?
284. What is logging pattern/layout?

Log Aggregation

285. What is log aggregation? Why is it important?
286. What is centralized logging?
287. How to implement centralized logging in microservices?
288. What is log retention policy?
289. How to handle log rotation?
290. What is log sampling?

Best Practices

291. What are logging best practices?

• Use appropriate log levels
• Include context information
• Avoid logging sensitive data
• Use correlation IDs
• Implement log sampling for high-volume systems

292. How to avoid logging sensitive information? (passwords, credit cards, PII)
293. How to optimize log storage costs?
294. What is log enrichment?
295. How to search and analyze logs efficiently?

---

Alerting & Incident Management (20 Questions)

Alerting Fundamentals

296. What is alerting? Why is it important?
297. What makes a good alert?
298. What is alert fatigue? How to prevent it?
299. What is the difference between alert and notification?
300. What are alert severity levels? (Critical, High, Medium, Low)

Alert Types

301. What are different types of alerts?

• Threshold-based alerts
• Anomaly detection alerts
• Composite alerts

302. What is threshold alerting?
303. What is anomaly-based alerting?
304. What is alert aggregation?
305. What is alert deduplication?

Alert Configuration

306. What factors to consider when setting alert thresholds?
307. What is alert hysteresis?
308. What is alert flapping? How to prevent it?
309. What is alert routing?
310. What is on-call rotation?
311. How to prioritize alerts?

Incident Management

312. What is incident management process?
313. What is incident severity classification?
314. What is MTTR (Mean Time To Repair)?
315. What is MTTD (Mean Time To Detect)?
316. What is MTTA (Mean Time To Acknowledge)?
317. What are incident management tools? (PagerDuty, Opsgenie, VictorOps)
318. What is incident postmortem? Why is it important?
319. What is runbook/playbook?

---

Scenario-Based Questions (40 Questions)

Performance Issues

320. Your application response time suddenly increased. How would you troubleshoot?
321. How would you identify if the issue is in application, database, or network?
322. CPU usage is at 100%. How would you investigate?
323. Memory usage is continuously growing. How would you detect memory leaks?
324. Database queries are slow. How would you optimize?
325. How would you handle a sudden spike in traffic?
326. Application is timing out. How would you debug?

Monitoring & Observability

327. How would you set up monitoring for a new microservice?
328. What metrics would you monitor for a REST API?
329. How would you monitor database performance?
330. How would you implement distributed tracing across 10 microservices?
331. How would you correlate logs across multiple services?
332. How would you monitor Kafka consumer lag?
333. How would you detect if a microservice is down?
334. How would you monitor Redis cache hit rate?

Alerting & Incident Response

335. You received an alert about high error rate. What steps would you take?
336. How would you configure alerts to avoid false positives?
337. Multiple alerts are firing. How would you prioritize?
338. A critical service is down at 3 AM. Walk through your incident response process
339. How would you implement on-call rotation for your team?
340. How would you conduct a postmortem after an incident?

ELK Stack Scenarios

341. Elasticsearch cluster is slow. How would you optimize?
342. How would you handle log ingestion of 1TB/day?
343. Elasticsearch nodes are running out of memory. What would you do?
344. How would you search for specific error messages across millions of logs?
345. How would you implement log retention policy for cost optimization?
346. Kibana dashboards are loading slowly. How would you troubleshoot?

Kafka Scenarios

347. Kafka consumer lag is increasing. How would you address it?
348. A Kafka broker went down. What happens?
349. How would you handle Kafka rebalancing issues?
350. Messages are being duplicated. How would you ensure exactly-once delivery?
351. How would you migrate Kafka cluster without downtime?
352. How would you scale Kafka to handle 10x traffic?

Redis Scenarios

353. Redis is running out of memory. What would you do?
354. Cache hit rate is very low. How would you improve it?
355. How would you handle cache stampede during peak traffic?
356. Redis master went down. How does failover work?
357. How would you implement rate limiting using Redis?
358. How would you migrate from single Redis instance to Redis Cluster?

Prometheus & Grafana Scenarios

359. Prometheus is consuming too much storage. How would you optimize?
360. How would you monitor multiple Kubernetes clusters with Prometheus?
361. Grafana dashboard is not showing recent data. What could be wrong?
362. How would you create a dashboard for database performance monitoring?
363. How would you set up alerts for API latency > 500ms?

CDN & API Gateway Scenarios

364. CDN cache hit rate is low. How would you improve it?
365. Static assets are not being cached. How would you debug?
366. How would you handle CDN cache invalidation for a critical update?
367. API Gateway is becoming a bottleneck. How would you scale?
368. How would you implement rate limiting at API Gateway level?

System Design with Monitoring

369. Design a monitoring system for an e-commerce application
370. How would you monitor a microservices-based system with 50+ services?
371. Design an alerting strategy for a payment processing system
372. How would you implement observability in a serverless architecture?
373. Design a logging strategy for a multi-region deployment

---

Best Practices & Guidelines (25 Questions)

Monitoring Best Practices

374. What are the key principles of effective monitoring?

• Monitor what matters
• Keep it simple
• Avoid alert fatigue
• Use meaningful metrics

375. What is the USE method? (Utilization, Saturation, Errors)
376. What is the RED method? (Rate, Errors, Duration)
377. What metrics should be monitored at different layers?

• Application layer
• Infrastructure layer
• Network layer
• Database layer

378. How to establish SLO (Service Level Objectives)?
379. What is the difference between SLI, SLO, and SLA?

Logging Best Practices

380. What are logging best practices in microservices?
381. How to implement correlation across distributed systems?
382. What should never be logged? (passwords, tokens, PII, credit cards)
383. How to balance between detailed logging and performance?
384. What is the cost of excessive logging?

Alerting Best Practices

385. What makes an actionable alert?
386. How many alerts are too many?
387. What is alert-to-noise ratio?
388. Should you alert on symptoms or causes?
389. What is the difference between alerts and notifications?

Performance Best Practices

390. What are performance monitoring best practices?
391. How to establish baseline metrics?
392. What is capacity planning?
393. How to perform load testing with monitoring?
394. What is chaos engineering? How does monitoring help?

Security & Compliance

395. How to ensure sensitive data is not exposed in logs?
396. What are compliance requirements for log retention? (GDPR, HIPAA)
397. How to implement audit logging?
398. How to secure monitoring endpoints?
399. What access controls should be in place for monitoring systems?

---

Tools Comparison (10 Questions)

400. Prometheus vs InfluxDB - When to use which?

• Prometheus: Pull-based, optimized for metrics/monitoring, strong alerting, better for Kubernetes, PromQL
• InfluxDB: Push-based, general-purpose time-series DB, better for IoT/sensor data, InfluxQL/Flux, built-in data retention
• Use Prometheus for infrastructure monitoring, InfluxDB for application analytics

401. ELK Stack vs Splunk - Pros and cons

• ELK Stack:
  • Pros: Open-source, cost-effective, flexible, large community
  • Cons: Complex setup, resource-intensive, requires maintenance
• Splunk:
  • Pros: Enterprise features, powerful analytics, better support, easier setup
  • Cons: Expensive licensing, cost scales with data volume
• Use ELK for cost-sensitive projects, Splunk for enterprise with budget

402. Grafana vs Kibana - Key differences

• Grafana: Multi-source visualization, better for metrics/time-series, cleaner dashboards, alerting
• Kibana: Tightly integrated with Elasticsearch, better for logs, built-in analytics, Elastic ecosystem
• Use Grafana for metrics dashboards, Kibana for log analysis

403. Kafka vs RabbitMQ - Use cases

• Kafka:
  • High throughput, distributed streaming, log aggregation, event sourcing
  • Durable, replay capability, horizontal scaling
• RabbitMQ:
  • Traditional message queue, complex routing, low latency, easier setup
  • Better for request-reply patterns
• Use Kafka for event streaming/big data, RabbitMQ for traditional messaging

404. Redis vs Memcached - Key differences

• Redis:
  • Multiple data structures, persistence, pub/sub, clustering, Lua scripting
  • Single-threaded, feature-rich
• Memcached:
  • Simple key-value only, multi-threaded, no persistence
  • Slightly faster for simple caching
• Use Redis for complex use cases, Memcached for simple distributed caching

405. Logstash vs Fluentd - Comparison

• Logstash:
  • Elastic ecosystem, rich plugins, Grok patterns, Java-based (resource heavy)
• Fluentd:
  • Lightweight (Ruby/C), better performance, Cloud Native, CNCF project
  • JSON native, unified logging layer
• Use Logstash with ELK Stack, Fluentd for cloud-native/Kubernetes

406. Jaeger vs Zipkin - Distributed tracing comparison

• Jaeger:
  • Uber-developed, CNCF project, better for Kubernetes
  • Adaptive sampling, hot-path support
• Zipkin:
  • Twitter-developed, simpler setup, more mature
  • Better documentation, wider adoption
• Both are good choices; choose based on ecosystem fit

407. New Relic vs Datadog - APM comparison

• New Relic:
  • Strong APM focus, easier learning curve, better for application monitoring
  • Per-host pricing
• Datadog:
  • Better infrastructure monitoring, more integrations, real-time analytics
  • Per-metric pricing, can be expensive
• Choose based on primary use case (application vs infrastructure focus)

408. CloudWatch vs Prometheus for AWS - When to use which?

• CloudWatch:
  • Native AWS integration, no setup required, managed service
  • Limited retention, AWS-specific
• Prometheus:
  • Open-source, flexible, better query language, cross-cloud
  • Self-managed, requires setup
• Use CloudWatch for AWS-only, Prometheus for multi-cloud/detailed metrics

409. Sentry vs ELK for error tracking - Comparison

• Sentry:
  • Specialized error tracking, better error grouping, release tracking
  • Developer-friendly, issue assignment
• ELK:
  • General-purpose logging, full-text search, broader use cases
  • More complex but more flexible
• Use Sentry for application error tracking, ELK for comprehensive logging

---

Additional Advanced Topics (15 Questions)

Observability as Code

410. What is Observability as Code?

• Defining monitoring, logging, and alerting configuration as code
• Version control, peer review, automated deployment
• Infrastructure as Code for observability

411. What are benefits of GitOps for monitoring?

• Version control for dashboards and alerts
• Reproducible environments
• Easy rollback and audit trail

Service Mesh Observability

412. What is service mesh? How does it help observability?

• Istio, Linkerd, Consul Connect
• Automatic distributed tracing
• Standardized metrics collection
• Traffic visibility without code changes

413. What metrics does service mesh provide?

• Request success rates
• Latency distribution
• Service dependencies
• Circuit breaker stats

Cost Optimization

414. How to optimize monitoring costs?

• Sampling high-volume metrics
• Data retention policies
• Log level filtering
• Metric aggregation
• Use tiered storage (hot/warm/cold)

415. What is metric cardinality explosion? How to prevent it?

• Too many unique label combinations
• Increases storage and query costs
• Prevention: Limit label values, avoid unbounded labels, use label guidelines

Modern Observability Patterns

416. What is OpenTelemetry?

• Vendor-neutral observability framework
• Unified APIs for traces, metrics, logs
• Auto-instrumentation support
• CNCF project

417. What is eBPF in observability?

• Extended Berkeley Packet Filter
• Kernel-level observability without agents
• Low overhead monitoring
• Tools: Pixie, Cilium

418. What is continuous profiling?

• Always-on performance profiling
• Production-safe profiling
• Identify performance regressions
• Tools: Pyroscope, Parca

SRE & Reliability

419. What is SRE (Site Reliability Engineering)?

• Applies software engineering to operations
• Focus on reliability, scalability, automation
• Error budgets and SLOs

420. What is error budget?

• Acceptable downtime based on SLO
• Balance between reliability and feature velocity
• Example: 99.9% uptime = 43 minutes downtime/month

421. What are the four golden signals of SRE?

• Latency: Time to serve requests
• Traffic: Demand on system
• Errors: Rate of failed requests
• Saturation: Resource utilization

Cloud-Native Monitoring

422. How to monitor Kubernetes clusters?

• Prometheus Operator
• kube-state-metrics
• Node exporter
• cAdvisor for container metrics
• Grafana dashboards

423. What is container monitoring? Key metrics

• CPU and memory usage per container
• Container restart count
• Network I/O
• Disk I/O
• Tools: cAdvisor, Datadog, New Relic

424. How to monitor serverless applications?

• Cold start duration
• Invocation count and errors
• Duration and memory usage
• CloudWatch for AWS Lambda
• Distributed tracing challenges

---

Real-World Integration Patterns (10 Questions)

425. How to integrate Prometheus with Spring Boot microservices?

• Add Micrometer dependency
• Enable Actuator with Prometheus endpoint
• Configure Prometheus scraping
• Create Grafana dashboards

426. How to set up centralized logging for microservices?

• Filebeat on each service → Logstash → Elasticsearch → Kibana
• Add correlation ID to all logs
• Structured JSON logging
• Log aggregation pattern

427. How to implement health checks across microservices?

• Liveness probes (is service running?)
• Readiness probes (can service handle traffic?)
• Custom health indicators
• Aggregate health status

428. How to monitor API Gateway (Kong/AWS API Gateway)?

• Request/response metrics
• Rate limiting metrics
• Authentication success/failure
• Backend service health
• Integration with Prometheus/CloudWatch

429. How to integrate Kafka with monitoring systems?

• JMX Exporter for Prometheus
• Consumer lag monitoring (Burrow)
• Kafka Manager/AKHQ for UI
• Alert on lag, under-replicated partitions

430. How to monitor database connections in Spring Boot?

• HikariCP metrics via Actuator
• Monitor active, idle, pending connections
• Connection pool saturation alerts
• Query performance with slow query logs

431. How to implement circuit breaker monitoring?

• Resilience4j with Micrometer
• Monitor state transitions (closed/open/half-open)
• Success/failure rates
• Visualize in Grafana

432. How to trace requests across API Gateway → Microservices → Database?

• Spring Cloud Sleuth for trace ID generation
• Propagate trace context in HTTP headers
• Zipkin/Jaeger for trace collection
• Visualize complete request flow

433. How to implement custom business metrics?

• MeterRegistry in Spring Boot
• Counter for events (orders, signups)
• Timer for operations
• Gauge for current state
• Export to Prometheus

434. How to monitor scheduled jobs/batch processes?

• Job execution time
• Success/failure rate
• Last successful run timestamp
• Dead letter queue monitoring
• Alert on job failures

---

Troubleshooting Checklist (10 Questions)

435. Application is slow - Where to start?

436. Check application metrics (response time, throughput)

437. Review recent deployments/changes

438. Check resource utilization (CPU, memory, disk)

439. Analyze slow queries in database

440. Check external service dependencies

441. Review logs for errors/warnings

442. High memory usage - Investigation steps

443. Take heap dump (jmap, Actuator)

444. Analyze with tools (MAT, VisualVM)

445. Check for memory leaks

446. Review garbage collection logs

447. Check cache sizes

448. Monitor memory growth over time

449. Database queries timing out - Debug approach

450. Enable slow query log

451. Check query execution plans (EXPLAIN)

452. Look for missing indexes

453. Check database connection pool

454. Review lock contention

455. Check database resource utilization

456. Microservice not responding - Troubleshooting

457. Check health endpoint

458. Review application logs

459. Check resource limits (CPU, memory)

460. Verify network connectivity

461. Check dependent services

462. Review recent deployments

463. Redis cache misses increasing - Investigation

464. Check cache hit/miss ratio

465. Verify TTL settings

466. Check memory usage and eviction

467. Review cache key patterns

468. Look for cache invalidation issues

469. Check client connection issues

470. Kafka consumer lag growing - Resolution steps

471. Check consumer processing time

472. Verify partition assignment

473. Scale consumers (add instances)

474. Optimize consumer batch size

475. Check for slow downstream dependencies

476. Review consumer configuration

477. Elasticsearch cluster yellow/red status - Fix

478. Check unassigned shards

479. Verify replica settings

480. Check disk space on nodes

481. Review cluster allocation settings

482. Check for node failures

483. Rebalance shards if needed

484. Prometheus scraping failures - Troubleshooting

485. Verify target is reachable

486. Check firewall/network rules

487. Verify metrics endpoint is exposed

488. Check Prometheus logs

489. Verify service discovery config

490. Test metrics endpoint manually

491. Grafana dashboard not updating - Debug

492. Check data source connection

493. Verify time range selection

494. Check query syntax

495. Review Prometheus/data source availability

496. Check dashboard refresh settings

497. Look for query errors in browser console

498. API Gateway returning 5xx errors - Investigation

499. Check gateway logs

500. Verify backend service health

501. Check timeout configurations

502. Review rate limiting rules

503. Check authentication/authorization

504. Verify routing configuration

---

Interview Preparation Tips

Common Interview Patterns

Pattern 1: Troubleshooting Scenarios

• Always start with data/metrics
• Follow systematic approach
• Consider recent changes
• Think about dependencies
• Propose monitoring improvements

Pattern 2: System Design Questions

• Define requirements first
• Consider scale and load
• Plan for failure scenarios
• Include monitoring from start
• Discuss trade-offs

Pattern 3: Tool Selection

• Understand use case
• Consider scale and cost
• Think about team expertise
• Integration with existing tools
• Open-source vs commercial

Key Concepts to Master

1. Metrics Collection: Pull vs Push, sampling, cardinality
2. Log Aggregation: Centralization, parsing, storage, retention
3. Distributed Tracing: Correlation, context propagation, sampling
4. Alerting: Thresholds, alert fatigue, actionable alerts
5. Scalability: Horizontal scaling, partitioning, caching
6. High Availability: Replication, failover, disaster recovery

Quick Reference Metrics

Application:

• Response time (p50, p95, p99)
• Request rate (req/sec)
• Error rate (%)
• Active users/connections

Infrastructure:

• CPU utilization (%)
• Memory usage (%)
• Disk I/O (IOPS, throughput)
• Network I/O (bytes/sec)

Database:

• Query execution time
• Connection pool usage
• Slow query count
• Replication lag

Cache (Redis):

• Hit rate (%)
• Memory usage
• Evicted keys
• Connected clients

Message Queue (Kafka):

• Consumer lag
• Message rate
• Under-replicated partitions
• Broker availability