-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to ascertain vault agent
authentication status from metrics
#26569
Labels
Comments
HI @markafarrell, thank you so much for raising this and for submitting your PR? I wonder if instead of adding a new metric, the server logs would be helpful? See https://github.com/hashicorp/vault/blob/main/command/agentproxyshared/auth/auth.go#L480 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Currently
vault agent
only exposes counters for authentication failures and successes. It does not expose a metric to tell you the current state of authentication (i.e.vault agent
has successfully authenticated and has a valid token orvault agent
has been unable to authenticate and does not have a valid token).Describe the solution you'd like
It would be good to expose a gauge (
vault.agent.auth.authenticated
) that is set to1
ifvault agent
has a valid token or0
if it does not.This metric could then be used for alerting to act if
vault agent
does not have a valid token.Describe alternatives you've considered
Currently this can be done in a round about way for looking at the value of
vault.agent.auth.failure
andvault.agent.auth.success
in a sliding window, however, it would be nicer if there was a single metric that told you the current status ofvault agent
authentication.The text was updated successfully, but these errors were encountered: