The first eight chapters of this series have been about building an Auth Gateway. This one is about living with one. A gateway in front of every authenticated request is a force multiplier — for both your platform and any oncall page. If something is broken, it's broken everywhere at once. So observability isn't a Chapter 9 thing. It's a Chapter 0 thing. We just describe it last because there's enough mechanism to talk about that you need the rest of the series first. This chapter covers the four things you need to be able to do at 3 AM: Read a single log line and understand what happened. Trace a slow request from edge to upstream. Tell whether a pod is alive, ready, or in deep trouble. Get an alert once — not once per pod per second — when something degrades. The log line There are exactly two structured log lines per protected request: one from NGINX, one from the Auth Service. They share request_id , so you can join them.…