DataDog · CelianR · Jun 10, 2026 · Jun 10, 2026 · chatgpt-codex-connector · Jun 10, 2026
@@ -44,6 +44,7 @@ func (m *adSourceManager) AddSource(src *sources.LogSource) {
 	if isContainerSource(src) && m.sp.isAgentContainerID(src.Config.Identifier) {
 		return
 	}
+	disableAdaptiveSampling(src.Config)
 	m.logSources.AddSource(src)
 	if isContainerSource(src) {
 		m.sp.suppressIdentifier(src.Config.Identifier)
@@ -88,3 +89,16 @@ func isContainerSource(src *sources.LogSource) bool {
 	}
 	return false
 }
+
+// disableAdaptiveSampling stamps an explicit Enabled=false override on cfg so that
+// the decoder always picks NoopSampler for logssource sources, regardless of the
+// global logs_config.experimental_adaptive_sampling.enabled flag. The observer
+// pipeline must receive an unsampled stream; dropping logs here would cause the
+// anomaly detection engine to miss anomalies hidden in suppressed patterns.
+func disableAdaptiveSampling(cfg *logsconfig.LogsConfig) {
+	disabled := false
+	if cfg.ExperimentalAdaptiveSampling == nil {
+		cfg.ExperimentalAdaptiveSampling = &logsconfig.SourceAdaptiveSamplingOptions{}
+	}
+	cfg.ExperimentalAdaptiveSampling.Enabled = &disabled
+}
@@ -61,6 +61,25 @@ func TestADSourceManagerAddSourceKeepsNonAgentContainer(t *testing.T) {
 	assert.True(t, isSuppressed(sp, "app-container"), "active AD source should still suppress generic fallback collection")
 }
 
+func TestADSourceManagerAddSource_DisablesAdaptiveSampling(t *testing.T) {
+	wmeta := newWMetaMock(t)
+	wmeta.Set(runningContainer("app-container", "nginx"))
+
+	logSources := sources.NewLogSources()
+	sp := newSourceProvider(wmeta, logSources, nil)
+	mgr := newADSourceManager(logSources, service.NewServices(), sp)
+
+	src := newContainerADSource("app-container")
+	mgr.AddSource(src)
+
+	got := logSources.GetSources()
+	require.Len(t, got, 1)
+	as := got[0].Config.ExperimentalAdaptiveSampling
+	require.NotNil(t, as, "ExperimentalAdaptiveSampling must be set")
+	require.NotNil(t, as.Enabled, "ExperimentalAdaptiveSampling.Enabled must be set")
+	assert.False(t, *as.Enabled, "adaptive sampling must be disabled on logssource AD sources")
+}
+
 func TestADSourceManagerAddSourceKeepsUnknownContainer(t *testing.T) {
 	wmeta := newWMetaMock(t)
 

@@ -119,10 +119,12 @@ func (sp *sourceProvider) handleSet(c *workloadmeta.Container) {
 		sp.mu.Unlock()
 		return // an AD source already owns this container; skip generic source
 	}
-	src := sources.NewLogSource(c.EntityID.ID, &logsconfig.LogsConfig{
+	cfg := &logsconfig.LogsConfig{
 		Type:       string(c.Runtime),
 		Identifier: c.EntityID.ID,
-	})
+	}
+	disableAdaptiveSampling(cfg)
+	src := sources.NewLogSource(c.EntityID.ID, cfg)
 	sp.activeSources[c.EntityID.ID] = src
 	sp.mu.Unlock()
 

@@ -100,6 +100,17 @@ func TestHandleSet_AddsRunningContainer(t *testing.T) {
 	assert.Len(t, ls.GetSources(), 1)
 }
 
+func TestHandleSet_DisablesAdaptiveSampling(t *testing.T) {
+	sp, ls := newTestSourceProvider()
+	sp.handleSet(runningContainer("abc", "nginx"))
+	srcs := ls.GetSources()
+	require.Len(t, srcs, 1)
+	as := srcs[0].Config.ExperimentalAdaptiveSampling
+	require.NotNil(t, as, "ExperimentalAdaptiveSampling must be set")
+	require.NotNil(t, as.Enabled, "ExperimentalAdaptiveSampling.Enabled must be set")
+	assert.False(t, *as.Enabled, "adaptive sampling must be disabled on logssource sources")
+}
+
 func TestHandleSet_SkipsNonRunning(t *testing.T) {
 	sp, ls := newTestSourceProvider()
 	c := runningContainer("abc", "nginx")