Unable to ascertain vault agent authentication status from metrics

[markafarrell]

Is your feature request related to a problem? Please describe.
Currently vault agent only exposes counters for authentication failures and successes. It does not expose a metric to tell you the current state of authentication (i.e. vault agent has successfully authenticated and has a valid token or vault agent has been unable to authenticate and does not have a valid token).

Describe the solution you'd like
It would be good to expose a gauge (vault.agent.auth.authenticated) that is set to 1 if vault agent has a valid token or 0 if it does not.
This metric could then be used for alerting to act if vault agent does not have a valid token.

Describe alternatives you've considered
Currently this can be done in a round about way for looking at the value of vault.agent.auth.failure and vault.agent.auth.success in a sliding window, however, it would be nicer if there was a single metric that told you the current status of vault agent authentication.

[divyaac]

HI @markafarrell, thank you so much for raising this and for submitting your PR? I wonder if instead of adding a new metric, the server logs would be helpful? See https://github.com/hashicorp/vault/blob/main/command/agentproxyshared/auth/auth.go#L480

[markafarrell]

@divyaac See #26570 (comment)