[10:12:26] <RhinosF1>	 !help PM pls, I'm seeing a DDoS from within WMCS network
[10:12:26] <wm-bot>	 If you don't get a response in 15-30 minutes, please create a phabricator task -- https://phabricator.wikimedia.org/maniphest/task/edit/form/1/?projects=wmcs-kanban
[10:12:31] <RhinosF1>	 DoS*
[10:20:06] <SDineshKumar>	 RhinosF1 have you created a page at Klaxon ? or are the oncall handling the page ? - https://klaxon.wikimedia.org/
[10:24:47] <SDineshKumar>	 are you* the oncall ?
[10:29:29] <SDineshKumar>	 this task from recent past could be related RhinosF1 - https://phabricator.wikimedia.org/T291765
[10:38:41] <RhinosF1>	 SDineshKumar: I don't have klaxon access
[10:38:56] <RhinosF1>	 Nor do I need to page everyone
[10:40:25] <SDineshKumar>	 RhinosF1 - You would not page everyone but only a relevant SRE from security/traffic team. I suggest you report your findings to the chatroom #wikimedia-sre
[11:06:26] <RhinosF1>	 SDineshKumar: that's not how klaxon works to my knowledge and I only need WMCS staff to double check where some traffic is coming from if they're around
[11:16:41] <RhinosF1>	 But tbh it looks like it was just someone not understanding how to read a log
[11:20:46] <wm-bot>	 !log tools.lexeme-forms <lucaswerkmeister> deployed bf2834c472 (improve error handling)
[11:20:49] <stashbot>	 Logged the message at https://wikitech.wikimedia.org/wiki/Nova_Resource:Tools.lexeme-forms/SAL
[11:42:11] <majavah>	 RhinosF1: still need anything? I'm not around my laptop but might still be able to do something
[11:42:17] <RhinosF1>	 I'll pm
[12:55:09] <balloons>	 I hope all is sorted now
[12:55:59] <RhinosF1>	 balloons: WMCS IPs were a red herring
[12:56:13] <RhinosF1>	 doesn't looking like they were part of the issue
[12:56:32] <RhinosF1>	 Cant discuss details in public
[13:00:57] <balloons>	 Ack. Thank you.