Cardinality killer
The cardinality killer watches series-per-label-value, blocks the runaway dimension before it hits storage, and tells you exactly which deploy introduced it.
Configure
POST /api/admin/cardinality/rules
{
"tenantId": "acme",
"labelName": "user_id",
"maxValues": 1000,
"action": "drop_new" // or "drop_metric" to drop the whole series
}
Detection
The edge maintains a per-tenant, per-label-name HyperLogLog. When a new label value would push the cardinality above the cap, the sample is dropped at ingest, a counter increments and a cardinality.violation event is logged with the offending series and the first deploy timestamp on that label value.
Deploy correlation
If you POST your CI deploy events to /api/admin/deploys the killer cross-references the violation timestamp with the closest deploy and surfaces "this deploy introduced 12,400 new request_id values" in the Cost view.
Pair with PulseAgent
The agent ships with a matching cardinality_guard processor (see PulseAgent) that drops the bad series even earlier — at the host. Defence in depth: agent + edge each cap independently.