diff --git a/.codecov.yml b/.codecov.yml index 106bb2c2e6833..e6f2dc6849f3e 100644 --- a/.codecov.yml +++ b/.codecov.yml @@ -570,6 +570,10 @@ coverage: target: 75 flags: - teamcity + Teleport: + target: 75 + flags: + - teleport Tekton: target: 75 flags: @@ -1392,6 +1396,11 @@ flags: paths: - teamcity/datadog_checks/teamcity - teamcity/tests + teleport: + carryforward: true + paths: + - teleport/datadog_checks/teleport + - teleport/tests tekton: carryforward: true paths: diff --git a/.github/workflows/config/labeler.yml b/.github/workflows/config/labeler.yml index ed81318358064..aba36a3bd37cb 100644 --- a/.github/workflows/config/labeler.yml +++ b/.github/workflows/config/labeler.yml @@ -335,10 +335,10 @@ integration/oracle: - oracle/**/* integration/otel: - otel/**/* -integration/pan_firewall: -- pan_firewall/**/* integration/palo_alto_panorama: - palo_alto_panorama/**/* +integration/pan_firewall: +- pan_firewall/**/* integration/pdh_check: - pdh_check/**/* integration/pgbouncer: @@ -447,6 +447,8 @@ integration/teamcity: - teamcity/**/* integration/tekton: - tekton/**/* +integration/teleport: +- teleport/**/* integration/temporal: - temporal/**/* integration/tenable: diff --git a/.github/workflows/test-all.yml b/.github/workflows/test-all.yml index 5b072a88f626f..5ca8f198d8ab8 100644 --- a/.github/workflows/test-all.yml +++ b/.github/workflows/test-all.yml @@ -3203,6 +3203,25 @@ jobs: test-py3: ${{ inputs.test-py3 }} minimum-base-package: ${{ inputs.minimum-base-package }} secrets: inherit + je68b3b9: + uses: ./.github/workflows/test-target.yml + with: + job-name: Teleport + target: teleport + platform: linux + runner: '["ubuntu-22.04"]' + repo: "${{ inputs.repo }}" + python-version: "${{ inputs.python-version }}" + standard: ${{ inputs.standard }} + latest: ${{ inputs.latest }} + agent-image: "${{ inputs.agent-image }}" + agent-image-py2: "${{ inputs.agent-image-py2 }}" + agent-image-windows: "${{ inputs.agent-image-windows }}" + agent-image-windows-py2: "${{ inputs.agent-image-windows-py2 }}" + test-py2: ${{ inputs.test-py2 }} + test-py3: ${{ inputs.test-py3 }} + minimum-base-package: ${{ inputs.minimum-base-package }} + secrets: inherit j840fec7: uses: ./.github/workflows/test-target.yml with: diff --git a/teleport/CHANGELOG.md b/teleport/CHANGELOG.md new file mode 100644 index 0000000000000..abaafea1bdebf --- /dev/null +++ b/teleport/CHANGELOG.md @@ -0,0 +1,3 @@ +# CHANGELOG - Teleport + + diff --git a/teleport/README.md b/teleport/README.md new file mode 100644 index 0000000000000..c8f38363e11ef --- /dev/null +++ b/teleport/README.md @@ -0,0 +1,63 @@ +# Agent Check: Teleport + +## Overview + +This check monitors [Teleport][1] through the Datadog Agent. + +## Setup + +Follow the instructions below to install and configure this check for an Agent running on a host. For containerized environments, see the [Autodiscovery Integration Templates][3] for guidance on applying these instructions. + +### Installation + +The Teleport check is included in the [Datadog Agent][2] package. +No additional installation is needed on your server. + +### Prerequisites + +The Teleport check gathers Teleport's metrics and performance data using two distinct endpoints: + - The [Health endpoint](https://goteleport.com/docs/management/diagnostics/monitoring/#healthz) provides the overall health status of your Teleport instance. + - The [OpenMetrics endpoint](https://goteleport.com/docs/reference/metrics/#auth-service-and-backends) extracts metrics on the Teleport instance and the various services operating within that instance. + +These endpoints aren't activated by default. To enable the diagnostic HTTP endpoints in your Teleport instance, please refer to the public Teleport [documentation](https://goteleport.com/docs/management/diagnostics/monitoring/#enable-health-monitoring). + +### Configuration + +1. Edit the `teleport.d/conf.yaml` file, in the `conf.d/` folder at the root of your Agent's configuration directory to start collecting your teleport performance data. See the [sample teleport.d/conf.yaml][4] for all available configuration options. + +2. [Restart the Agent][5]. + +### Validation + +[Run the Agent's status subcommand][6] and look for `teleport` under the Checks section. + +## Data Collected + +### Metrics + +See [metadata.csv][7] for a list of metrics provided by this integration. + +### Events + +The Teleport integration does not include any events. + +### Service Checks + +The Teleport integration does not include any service checks. + +See [service_checks.json][8] for a list of service checks provided by this integration. + +## Troubleshooting + +Need help? Contact [Datadog support][9]. + + +[1]: **LINK_TO_INTEGRATION_SITE** +[2]: https://app.datadoghq.com/account/settings/agent/latest +[3]: https://docs.datadoghq.com/agent/kubernetes/integrations/ +[4]: https://github.com/DataDog/integrations-core/blob/master/teleport/datadog_checks/teleport/data/conf.yaml.example +[5]: https://docs.datadoghq.com/agent/guide/agent-commands/#start-stop-and-restart-the-agent +[6]: https://docs.datadoghq.com/agent/guide/agent-commands/#agent-status-and-information +[7]: https://github.com/DataDog/integrations-core/blob/master/teleport/metadata.csv +[8]: https://github.com/DataDog/integrations-core/blob/master/teleport/assets/service_checks.json +[9]: https://docs.datadoghq.com/help/ diff --git a/teleport/assets/configuration/spec.yaml b/teleport/assets/configuration/spec.yaml new file mode 100644 index 0000000000000..680f2c90c5b8d --- /dev/null +++ b/teleport/assets/configuration/spec.yaml @@ -0,0 +1,23 @@ +name: Teleport +files: +- name: teleport.yaml + options: + - template: init_config + options: + - template: init_config/default + - template: instances + options: + - name: "teleport_url" + required: true + description: "The Teleport URL to connect to." + value: + type: string + example: "http://127.0.0.1" + - name: "diag_port" + description: "The Teleport Diagnostic Port." + value: + type: integer + example: 3000 + + + - template: instances/default diff --git a/teleport/assets/service_checks.json b/teleport/assets/service_checks.json new file mode 100644 index 0000000000000..fe51488c7066f --- /dev/null +++ b/teleport/assets/service_checks.json @@ -0,0 +1 @@ +[] diff --git a/teleport/changelog.d/16877.added b/teleport/changelog.d/16877.added new file mode 100644 index 0000000000000..4ec7951e3695a --- /dev/null +++ b/teleport/changelog.d/16877.added @@ -0,0 +1 @@ +Add the Teleport Integration diff --git a/teleport/datadog_checks/__init__.py b/teleport/datadog_checks/__init__.py new file mode 100644 index 0000000000000..1517d901c0aae --- /dev/null +++ b/teleport/datadog_checks/__init__.py @@ -0,0 +1,4 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) +__path__ = __import__('pkgutil').extend_path(__path__, __name__) # type: ignore diff --git a/teleport/datadog_checks/teleport/__about__.py b/teleport/datadog_checks/teleport/__about__.py new file mode 100644 index 0000000000000..e9541ce83e9e5 --- /dev/null +++ b/teleport/datadog_checks/teleport/__about__.py @@ -0,0 +1,4 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) +__version__ = '0.0.1' diff --git a/teleport/datadog_checks/teleport/__init__.py b/teleport/datadog_checks/teleport/__init__.py new file mode 100644 index 0000000000000..49bfb144651dd --- /dev/null +++ b/teleport/datadog_checks/teleport/__init__.py @@ -0,0 +1,7 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) +from .__about__ import __version__ +from .check import TeleportCheck + +__all__ = ['__version__', 'TeleportCheck'] diff --git a/teleport/datadog_checks/teleport/check.py b/teleport/datadog_checks/teleport/check.py new file mode 100644 index 0000000000000..d9f97714b4059 --- /dev/null +++ b/teleport/datadog_checks/teleport/check.py @@ -0,0 +1,88 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +from datadog_checks.base import OpenMetricsBaseCheckV2 +from datadog_checks.base.checks.openmetrics.v2.transform import get_native_dynamic_transformer + +from .metrics import METRIC_MAP, METRIC_MAP_BY_SERVICE + + +class TeleportCheck(OpenMetricsBaseCheckV2): + __NAMESPACE__ = 'teleport' + DEFAULT_METRIC_LIMIT = 0 + DEFAULT_DIAG_PORT = 3000 + + def __init__(self, name, init_config, instances): + super().__init__(name, init_config, instances) + self.check_initializations.appendleft(self._parse_config) + self.check_initializations.append(self._configure_additional_transformers) + + def check(self, _): + try: + health_endpoint = f"{self.diag_addr}/healthz" + response = self.http.get(health_endpoint) + response.raise_for_status() + self.count("health.up", 1, tags=["teleport_status:ok"]) + except Exception as e: + self.log.error( + "Cannot connect to Teleport HTTP diagnostic health endpoint '%s': %s.\nPlease make sure to enable Teleport's diagnostic HTTP endpoints.", # noqa: E501 + health_endpoint, + str(e), + ) # noqa: E501 + self.count("health.up", 0, tags=["teleport_status:unreachable"]) + raise + + super().check(_) + + def _parse_config(self): + self.teleport_url = self.instance.get("teleport_url") + self.diag_port = self.instance.get("diag_port", self.DEFAULT_DIAG_PORT) + if self.teleport_url: + self.diag_addr = "{}:{}".format(self.teleport_url, self.diag_port) + self.instance.setdefault("openmetrics_endpoint", "{}/metrics".format(self.diag_addr)) + self.instance.setdefault("rename_labels", {'version': "teleport_version"}) + + def _configure_additional_transformers(self): + metric_transformer = self.scrapers[self.instance['openmetrics_endpoint']].metric_transformer + metric_transformer.add_custom_transformer(r'.*', self.configure_transformer_teleport_metrics(), pattern=True) + + def configure_transformer_teleport_metrics(self): + def transform(_metric, sample_data, _runtime_data): + for sample, tags, hostname in sample_data: + metric_name = _metric.name + metric_type = _metric.type + + # ignore metrics we don't collect + if metric_name not in METRIC_MAP: + continue + + # extract `teleport_service` tag + service = METRIC_MAP_BY_SERVICE.get(metric_name, "teleport") + tags = tags + [f"teleport_service:{service}"] + + # get mapped metric name + new_metric_name = METRIC_MAP[metric_name] + if isinstance(new_metric_name, dict) and "name" in new_metric_name: + new_metric_name = new_metric_name["name"] + + # send metric + metric_transformer = self.scrapers[self.instance['openmetrics_endpoint']].metric_transformer + + if metric_type == "counter": + self.count(new_metric_name + ".count", sample.value, tags=tags, hostname=hostname) + elif metric_type == "gauge": + self.gauge(new_metric_name, sample.value, tags=tags, hostname=hostname) + else: + native_transformer = get_native_dynamic_transformer( + self, new_metric_name, None, metric_transformer.global_options + ) + + def add_tag_to_sample(sample, service): + [sample, tags, hostname] = sample + return [sample, tags + [f"teleport_service:{service}"], hostname] + + modified_sample_data = (add_tag_to_sample(x, service) for x in sample_data) + native_transformer(_metric, modified_sample_data, _runtime_data) + + return transform diff --git a/teleport/datadog_checks/teleport/config_models/__init__.py b/teleport/datadog_checks/teleport/config_models/__init__.py new file mode 100644 index 0000000000000..106fff2032f68 --- /dev/null +++ b/teleport/datadog_checks/teleport/config_models/__init__.py @@ -0,0 +1,24 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +# This file is autogenerated. +# To change this file you should edit assets/configuration/spec.yaml and then run the following commands: +# ddev -x validate config -s +# ddev -x validate models -s + +from .instance import InstanceConfig +from .shared import SharedConfig + + +class ConfigMixin: + _config_model_instance: InstanceConfig + _config_model_shared: SharedConfig + + @property + def config(self) -> InstanceConfig: + return self._config_model_instance + + @property + def shared_config(self) -> SharedConfig: + return self._config_model_shared diff --git a/teleport/datadog_checks/teleport/config_models/defaults.py b/teleport/datadog_checks/teleport/config_models/defaults.py new file mode 100644 index 0000000000000..523382e36ca73 --- /dev/null +++ b/teleport/datadog_checks/teleport/config_models/defaults.py @@ -0,0 +1,24 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +# This file is autogenerated. +# To change this file you should edit assets/configuration/spec.yaml and then run the following commands: +# ddev -x validate config -s +# ddev -x validate models -s + + +def instance_diag_port(): + return 3000 + + +def instance_disable_generic_tags(): + return False + + +def instance_empty_default_hostname(): + return False + + +def instance_min_collection_interval(): + return 15 diff --git a/teleport/datadog_checks/teleport/config_models/instance.py b/teleport/datadog_checks/teleport/config_models/instance.py new file mode 100644 index 0000000000000..f784546aa2fb9 --- /dev/null +++ b/teleport/datadog_checks/teleport/config_models/instance.py @@ -0,0 +1,63 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +# This file is autogenerated. +# To change this file you should edit assets/configuration/spec.yaml and then run the following commands: +# ddev -x validate config -s +# ddev -x validate models -s + +from __future__ import annotations + +from typing import Optional + +from pydantic import BaseModel, ConfigDict, field_validator, model_validator + +from datadog_checks.base.utils.functions import identity +from datadog_checks.base.utils.models import validation + +from . import defaults, validators + + +class MetricPatterns(BaseModel): + model_config = ConfigDict( + arbitrary_types_allowed=True, + frozen=True, + ) + exclude: Optional[tuple[str, ...]] = None + include: Optional[tuple[str, ...]] = None + + +class InstanceConfig(BaseModel): + model_config = ConfigDict( + validate_default=True, + arbitrary_types_allowed=True, + frozen=True, + ) + diag_port: Optional[int] = None + disable_generic_tags: Optional[bool] = None + empty_default_hostname: Optional[bool] = None + metric_patterns: Optional[MetricPatterns] = None + min_collection_interval: Optional[float] = None + service: Optional[str] = None + tags: Optional[tuple[str, ...]] = None + teleport_url: str + + @model_validator(mode='before') + def _initial_validation(cls, values): + return validation.core.initialize_config(getattr(validators, 'initialize_instance', identity)(values)) + + @field_validator('*', mode='before') + def _validate(cls, value, info): + field = cls.model_fields[info.field_name] + field_name = field.alias or info.field_name + if field_name in info.context['configured_fields']: + value = getattr(validators, f'instance_{info.field_name}', identity)(value, field=field) + else: + value = getattr(defaults, f'instance_{info.field_name}', lambda: value)() + + return validation.utils.make_immutable(value) + + @model_validator(mode='after') + def _final_validation(cls, model): + return validation.core.check_model(getattr(validators, 'check_instance', identity)(model)) diff --git a/teleport/datadog_checks/teleport/config_models/shared.py b/teleport/datadog_checks/teleport/config_models/shared.py new file mode 100644 index 0000000000000..e39d447dfc4b9 --- /dev/null +++ b/teleport/datadog_checks/teleport/config_models/shared.py @@ -0,0 +1,45 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +# This file is autogenerated. +# To change this file you should edit assets/configuration/spec.yaml and then run the following commands: +# ddev -x validate config -s +# ddev -x validate models -s + +from __future__ import annotations + +from typing import Optional + +from pydantic import BaseModel, ConfigDict, field_validator, model_validator + +from datadog_checks.base.utils.functions import identity +from datadog_checks.base.utils.models import validation + +from . import validators + + +class SharedConfig(BaseModel): + model_config = ConfigDict( + validate_default=True, + arbitrary_types_allowed=True, + frozen=True, + ) + service: Optional[str] = None + + @model_validator(mode='before') + def _initial_validation(cls, values): + return validation.core.initialize_config(getattr(validators, 'initialize_shared', identity)(values)) + + @field_validator('*', mode='before') + def _validate(cls, value, info): + field = cls.model_fields[info.field_name] + field_name = field.alias or info.field_name + if field_name in info.context['configured_fields']: + value = getattr(validators, f'shared_{info.field_name}', identity)(value, field=field) + + return validation.utils.make_immutable(value) + + @model_validator(mode='after') + def _final_validation(cls, model): + return validation.core.check_model(getattr(validators, 'check_shared', identity)(model)) diff --git a/teleport/datadog_checks/teleport/config_models/validators.py b/teleport/datadog_checks/teleport/config_models/validators.py new file mode 100644 index 0000000000000..70150e85e6124 --- /dev/null +++ b/teleport/datadog_checks/teleport/config_models/validators.py @@ -0,0 +1,13 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +# Here you can include additional config validators or transformers +# +# def initialize_instance(values, **kwargs): +# if 'my_option' not in values and 'my_legacy_option' in values: +# values['my_option'] = values['my_legacy_option'] +# if values.get('my_number') > 10: +# raise ValueError('my_number max value is 10, got %s' % str(values.get('my_number'))) +# +# return values diff --git a/teleport/datadog_checks/teleport/data/conf.yaml.example b/teleport/datadog_checks/teleport/data/conf.yaml.example new file mode 100644 index 0000000000000..3cf8bcf5c9d2d --- /dev/null +++ b/teleport/datadog_checks/teleport/data/conf.yaml.example @@ -0,0 +1,64 @@ +## All options defined here are available to all instances. +# +init_config: + + ## @param service - string - optional + ## Attach the tag `service:` to every metric, event, and service check emitted by this integration. + ## + ## Additionally, this sets the default `service` for every log source. + # + # service: + +## Every instance is scheduled independently of the others. +# +instances: + + ## @param teleport_url - string - required + ## The Teleport URL to connect to. + # + - teleport_url: http://127.0.0.1 + + ## @param diag_port - integer - optional - default: 3000 + ## The Teleport Diagnostic Port. + # + # diag_port: 3000 + + ## @param tags - list of strings - optional + ## A list of tags to attach to every metric and service check emitted by this instance. + ## + ## Learn more about tagging at https://docs.datadoghq.com/tagging + # + # tags: + # - : + # - : + + ## @param service - string - optional + ## Attach the tag `service:` to every metric, event, and service check emitted by this integration. + ## + ## Overrides any `service` defined in the `init_config` section. + # + # service: + + ## @param min_collection_interval - number - optional - default: 15 + ## This changes the collection interval of the check. For more information, see: + ## https://docs.datadoghq.com/developers/write_agent_check/#collection-interval + # + # min_collection_interval: 15 + + ## @param empty_default_hostname - boolean - optional - default: false + ## This forces the check to send metrics with no hostname. + ## + ## This is useful for cluster-level checks. + # + # empty_default_hostname: false + + ## @param metric_patterns - mapping - optional + ## A mapping of metrics to include or exclude, with each entry being a regular expression. + ## + ## Metrics defined in `exclude` will take precedence in case of overlap. + # + # metric_patterns: + # include: + # - + # exclude: + # - diff --git a/teleport/datadog_checks/teleport/metrics.py b/teleport/datadog_checks/teleport/metrics.py new file mode 100644 index 0000000000000..5d788d19a950b --- /dev/null +++ b/teleport/datadog_checks/teleport/metrics.py @@ -0,0 +1,215 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +COMMON_METRICS_MAP = { + "process_state": "common.process_state", + "certificate_mismatch": "common.certificate_mismatch", + "rx": "common.rx", + "server_interactive_sessions_total": "common.server_interactive_sessions_total", + "teleport_build_info": "common.teleport_build_info", + "teleport_cache_events": "common.teleport_cache_events", + "teleport_cache_stale_events": "common.teleport_cache_stale_events", + "tx": "common.tx", +} + +PROXY_METRICS_MAP = { + "failed_connect_to_node_attempts": "proxy.failed_connect_to_node_attempts", + "failed_login_attempts": "proxy.failed_login_attempts", + "grpc_client_started": "proxy.grpc_client_started", + "grpc_client_handled": "proxy.grpc_client_handled", + "grpc_client_msg_received": "proxy.grpc_client_msg_received", + "grpc_client_msg_sent": "proxy.grpc_client_msg_sent", + "proxy_connection_limit_exceeded": "proxy.connection_limit_exceeded", + "proxy_peer_client_dial_error": "proxy.peer_client_dial_error", + "proxy_peer_server_connections": "proxy.peer_server_connections", + "proxy_peer_client_rpc": {"name": "proxy.peer_client_rpc", "type": "native_dynamic"}, + "proxy_peer_client_rpc_duration_seconds": "proxy.peer_client_rpc_duration_seconds", + "proxy_peer_client_message_sent_size": "proxy.peer_client_message_sent_size", + "proxy_peer_client_message_received_size": "proxy.peer_client_message_received_size", + "proxy_peer_server_rpc": "proxy.peer_server_rpc", + "proxy_peer_server_rpc_duration_seconds": "proxy.peer_server_rpc_duration_seconds", + "proxy_peer_server_message_sent_size": "proxy.peer_server_message_sent_size", + "proxy_peer_server_message_received_size": "proxy.peer_server_message_received_size", + "proxy_ssh_sessions_total": "proxy.ssh_sessions_total", + "proxy_missing_ssh_tunnels": "proxy.missing_ssh_tunnels", + "remote_clusters": "proxy.remote_clusters", + "teleport_connect_to_node_attempts": "proxy.teleport_connect_to_node_attempts", + "teleport_reverse_tunnels_connected": "proxy.teleport_reverse_tunnels_connected", + "trusted_clusters": "proxy.trusted_clusters", + "teleport_proxy_db_connection_setup_time_seconds": "proxy.teleport_proxy_db_connection_setup_time_seconds", + "teleport_proxy_db_connection_dial_attempts": "proxy.teleport_proxy_db_connection_dial_attempts", + "teleport_proxy_db_connection_dial_failures": "proxy.teleport_proxy_db_connection_dial_failures", + "teleport_proxy_db_attempted_servers_total": "proxy.teleport_proxy_db_attempted_servers_total", + "teleport_proxy_db_connection_tls_config_time_seconds": "proxy.teleport_proxy_db_connection_tls_config_time_seconds", # noqa: E501 + "teleport_proxy_db_active_connections_total": "proxy.teleport_proxy_db_active_connections_total", +} + +AUTH_SERVICE_METRICS_MAP = { + "auth_generate_requests_throttled": "auth.generate_requests_throttled", + "auth_generate_requests": {"name": "auth.generate_requests", "type": "native_dynamic"}, + "auth_generate_seconds": "auth.generate_seconds", + "grpc_server_handled": "auth.grpc_server_handled", + "grpc_server_msg_received": "auth.grpc_server_msg_received", + "grpc_server_msg_sent": "auth.grpc_server_msg_sent", + "grpc_server_started": "auth.grpc_server_started", + "cluster_name_not_found": "auth.cluster_name_not_found", + "teleport_connected_resources": "auth.connected_resources", + "teleport_registered_servers": "auth.registered_servers", + "teleport_registered_servers_by_install_methods": "auth.registered_servers_by_install_methods", + "user_login": "auth.user_login", + "teleport_migrations": "auth.migrations", + "watcher_event_sizes": "auth.watcher_event_sizes", + "watcher_events": "auth.watcher_events", +} + +AUTH_AUDIT_LOG_METRICS_MAP = { + "audit_failed_disk_monitoring": "auth.audit_log.failed_disk_monitoring", + "audit_failed_emit_events": "auth.audit_log.failed_emit_events", + "audit_percentage_disk_space_used": "auth.audit_log.percentage_disk_space_used", + "audit_server_open_files": "auth.audit_log.server_open_files", + "teleport_audit_emit_events": "auth.audit_log.emit_events", + "teleport_audit_parquetlog_batch_processing_seconds": "auth.audit_log.parquetlog_batch_processing_seconds", + "teleport_audit_parquetlog_s3_flush_seconds": "auth.audit_log.parquetlog_s3_flush_seconds", + "teleport_audit_parquetlog_delete_events_seconds": "auth.audit_log.parquetlog_delete_events_seconds", + "teleport_audit_parquetlog_batch_size": "auth.audit_log.parquetlog_batch_size", + "teleport_audit_parquetlog_batch_count": "auth.audit_log.parquetlog_batch_count", + "teleport_audit_parquetlog_last_processed_timestamp": "auth.audit_log.parquetlog_last_processed_timestamp", + "teleport_audit_parquetlog_age_oldest_processed_message": "auth.audit_log.parquetlog_age_oldest_processed_message", + "teleport_audit_parquetlog_errors_from_collect_count": "auth.audit_log.parquetlog_errors_from_collect_count", +} + +AUTH_BACKEND_S3_METRICS_MAP = { + "s3_requests": "auth.backend.s3_requests", + "s3_requests_seconds": "auth.backend.s3_requests_seconds", +} + +AUTH_BACKEND_CACHE_METRICS_MAP = { + "backend_batch_read_requests": "auth.cache.backend_batch_read_requests", + "backend_batch_read_seconds": "auth.cache.backend_batch_read_seconds", + "backend_batch_write_requests": "auth.cache.backend_batch_write_requests", + "backend_batch_write_seconds": "auth.cache.backend_batch_write_seconds", + "backend_read_requests": "auth.cache.backend_read_requests", + "backend_read_seconds": "auth.cache.backend_read_seconds", + "backend_requests": "auth.cache.backend_requests", + "backend_write_requests": "auth.cache.backend_write_requests", + "backend_write_seconds": "auth.cache.backend_write_seconds", + "watcher_event_sizes": "auth.cache.watcher_event_sizes", + "watcher_events": "auth.cache.watcher_events", +} + +AUTH_BACKEND_DYNAMO_METRICS_MAP = { + "dynamo_requests": "auth.backend.dynamo_requests", + "dynamo_requests_seconds": "auth.backend.dynamo_requests_seconds", +} + +AUTH_BACKEND_FIRESTORE_METRICS_MAP = { + "firestore_events_backend_batch_read_requests": "auth.backend.firestore_events_backend_batch_read_requests", + "firestore_events_backend_batch_read_seconds": "auth.backend.firestore_events_backend_batch_read_seconds", + "firestore_events_backend_batch_write_requests": "auth.backend.firestore_events_backend_batch_write_requests", + "firestore_events_backend_batch_write_seconds": "auth.backend.firestore_events_backend_batch_write_seconds", + "firestore_events_backend_read_requests": "auth.backend.firestore_events_backend_read_requests", + "firestore_events_backend_read_seconds": "auth.backend.firestore_events_backend_read_seconds", + "firestore_events_backend_requests": "auth.backend.firestore_events_backend_requests", + "firestore_events_backend_write_requests": "auth.backend.firestore_events_backend_write_requests", + "firestore_events_backend_write_seconds": "auth.backend.firestore_events_backend_write_seconds", +} + +AUTH_GCP_GCS_METRICS_MAP = { + "gcs_event_storage_downloads_seconds": "auth.backend.gcs_event_storage_downloads_seconds", + "gcs_event_storage_downloads": "auth.backend.gcs_event_storage_downloads", + "gcs_event_storage_uploads_seconds": "auth.backend.gcs_event_storage_uploads_seconds", + "gcs_event_storage_uploads": "auth.backend.gcs_event_storage_uploads", +} + +AUTH_ETCD_METRICS_MAP = { + "etcd_backend_batch_read_requests": "auth.backend.etcd_backend_batch_read_requests", + "etcd_backend_batch_read_seconds": "auth.backend.etcd_backend_batch_read_seconds", + "etcd_backend_read_requests": "auth.backend.etcd_backend_read_requests", + "etcd_backend_read_seconds": "auth.backend.etcd_backend_read_seconds", + "etcd_backend_tx_requests": "auth.backend.etcd_backend_tx_requests", + "etcd_backend_tx_seconds": "auth.backend.etcd_backend_tx_seconds", + "etcd_backend_write_requests": "auth.backend.etcd_backend_write_requests", + "etcd_backend_write_seconds": "auth.backend.etcd_backend_write_seconds", + "teleport_etcd_events": "auth.backend.etcd_teleport_etcd_events", + "teleport_etcd_event_backpressure": "auth.backend.etcd_teleport_etcd_event_backpressure", +} + + +AUTH_METRICS_MAP = { + **AUTH_SERVICE_METRICS_MAP, + **AUTH_AUDIT_LOG_METRICS_MAP, + **AUTH_BACKEND_S3_METRICS_MAP, + **AUTH_BACKEND_CACHE_METRICS_MAP, + **AUTH_BACKEND_DYNAMO_METRICS_MAP, + **AUTH_BACKEND_FIRESTORE_METRICS_MAP, + **AUTH_GCP_GCS_METRICS_MAP, + **AUTH_ETCD_METRICS_MAP, +} # noqa: E501 + +SSH_METRICS_MAP = { + "user_max_concurrent_sessions_hit": "ssh.user_max_concurrent_sessions_hit", +} + +KUBERNETES_METRICS_MAP = { + "teleport_kubernetes_client_in_flight_requests": "kubernetes.client_in_flight_requests", + "teleport_kubernetes_client_requests": "kubernetes.client_requests", + "teleport_kubernetes_client_tls_duration_seconds": "kubernetes.client_tls_duration_seconds", + "teleport_kubernetes_client_got_conn_duration_seconds": "kubernetes.client_got_conn_duration_seconds", + "teleport_kubernetes_client_first_byte_response_duration_seconds": "kubernetes.client_first_byte_response_duration_seconds", # noqa: E501 + "teleport_kubernetes_client_request_duration_seconds": "kubernetes.client_request_duration_seconds", + "teleport_kubernetes_server_in_flight_requests": "kubernetes.server_in_flight_requests", + "teleport_kubernetes_server_api_requests": "kubernetes.server_api_requests", + "teleport_kubernetes_server_request_duration_seconds": "kubernetes.server_request_duration_seconds", + "teleport_kubernetes_server_response_size_bytes": "kubernetes.server_response_size_bytes", + "teleport_kubernetes_server_exec_in_flight_sessions": "kubernetes.server_exec_in_flight_sessions", + "teleport_kubernetes_server_exec_sessions": "kubernetes.server_exec_sessions", + "teleport_kubernetes_server_portforward_in_flight_sessions": "kubernetes.server_portforward_in_flight_sessions", # noqa: E501 + "teleport_kubernetes_server_portforward_sessions": "kubernetes.server_portforward_sessions", + "teleport_kubernetes_server_join_in_flight_sessions": "kubernetes.server_join_in_flight_sessions", + "teleport_kubernetes_server_join_sessions": "kubernetes.server_join_sessions", +} + +DATABASE_METRICS_MAP = { + "teleport_db_messages_from_client": "db.messages_from_client", + "teleport_db_messages_from_server": "db.messages_from_server", + "teleport_db_method_call_count": "db.method_call_count", + "teleport_db_method_call_latency_seconds": "db.method_call_latency_seconds", + "teleport_db_initialized_connections": "db.initialized_connections", + "teleport_db_active_connections_total": "db.active_connections_total", + "teleport_db_connection_durations_seconds": "db.connection_durations_seconds", + "teleport_db_connection_setup_time_seconds": "db.connection_setup_time_seconds", + "teleport_db_errors": "db.errors", +} + +BPF_METRICS_MAP = { + "bpf_lost_command_events": "bpf.lost_command_events", + "bpf_lost_disk_events": "bpf.lost_disk_events", + "bpf_lost_network_events": "bpf.lost_network_events", +} + +PROMETHEUS_METRICS_MAP = { + "promhttp_metric_handler_requests_in_flight": "prom.http_metric_handler_requests_in_flight", + "promhttp_metric_handler_requests": "prom.http_metric_handler_requests", +} + + +METRIC_MAP = { + **COMMON_METRICS_MAP, + **PROXY_METRICS_MAP, + **AUTH_METRICS_MAP, + **SSH_METRICS_MAP, + **KUBERNETES_METRICS_MAP, + **DATABASE_METRICS_MAP, + **BPF_METRICS_MAP, + **PROMETHEUS_METRICS_MAP, +} + +METRIC_MAP_BY_SERVICE = { + **{metric: "teleport" for metric in COMMON_METRICS_MAP.keys()}, + **{metric: "proxy" for metric in PROXY_METRICS_MAP.keys()}, + **{metric: "auth" for metric in AUTH_METRICS_MAP.keys()}, + **{metric: "ssh" for metric in SSH_METRICS_MAP.keys()}, + **{metric: "kubernetes" for metric in KUBERNETES_METRICS_MAP.keys()}, + **{metric: "database" for metric in DATABASE_METRICS_MAP.keys()}, +} diff --git a/teleport/hatch.toml b/teleport/hatch.toml new file mode 100644 index 0000000000000..001e43ce25414 --- /dev/null +++ b/teleport/hatch.toml @@ -0,0 +1,4 @@ +[env.collectors.datadog-checks] + +[[envs.default.matrix]] +python = ["3.11"] diff --git a/teleport/images/IMAGES_README.md b/teleport/images/IMAGES_README.md new file mode 100644 index 0000000000000..c915b722acace --- /dev/null +++ b/teleport/images/IMAGES_README.md @@ -0,0 +1,46 @@ +# Marketplace Media Carousel Guidelines + +## Using the media gallery + +To use the media gallery, you must upload a minimum of one image. The gallery +can hold a maximum of 8 pieces of media total, and one of these pieces of media +can be a video (guidelines and submission steps below). Images should be +added to your /images directory and referenced in the manifest.json file. + + +## Image and video requirements + +### Images + +``` +File type : .jpg or .png +File size : ~500 KB per image, with a max of 1 MB per image +File dimensions : The aspect ratio must be 16:9 minimum, with these constraints: + + Width: 1440px + Min height: 810px + Max height: 2560px + +File name : Use only letters, numbers, underscores, and hyphens +Color mode : RGB +Color profile : sRGB +Description : 300 characters maximum +``` + +### Video + +To display a video in your media gallery, please send our team the zipped file +or a link to download the video at `marketplace@datadog.com`. In addition, +please upload a thumbnail image for your video as a part of the pull request. +Once approved, we will upload the file to Vimeo and provide you with the +vimeo_id to add to your manifest.json file. Please note that the gallery can +only hold one video. + +``` +File type : MP4 H.264 +File size : Max 1 video; 1 GB maximum size +File dimensions : The aspect ratio must be exactly 16:9, and the resolution must be 1920x1080 or higher +File name : partnerName-appName.mp4 +Run time : Recommendation of 60 seconds or less +Description : 300 characters maximum +``` diff --git a/teleport/manifest.json b/teleport/manifest.json new file mode 100644 index 0000000000000..bd4bd2176d893 --- /dev/null +++ b/teleport/manifest.json @@ -0,0 +1,55 @@ +{ + "manifest_version": "2.0.0", + "app_uuid": "e47d5541-de7d-4ce6-8105-03c6dac5852a", + "app_id": "teleport", + "display_on_public_website": false, + "tile": { + "overview": "README.md#Overview", + "configuration": "README.md#Setup", + "support": "README.md#Support", + "changelog": "CHANGELOG.md", + "description": "Collect key metrics to monitor the health of your Teleport instance.", + "title": "Teleport", + "media": [], + "classifier_tags": [ + "Supported OS::Linux", + "Supported OS::Windows", + "Supported OS::macOS", + "Category::Cloud", + "Category::Security" + ] + }, + "assets": { + "integration": { + "auto_install": true, + "source_type_id": 7291105, + "source_type_name": "Teleport", + "configuration": { + "spec": "assets/configuration/spec.yaml" + }, + "events": { + "creates_events": false + }, + "metrics": { + "prefix": "teleport.", + "check": [ + "teleport.common.process_state", + "teleport.common.rx", + "teleport.common.tx", + "teleport.common.teleport_build_info" + ], + "metadata_path": "metadata.csv" + }, + "service_checks": { + "metadata_path": "assets/service_checks.json" + } + } + }, + "author": { + "support_email": "help@datadoghq.com", + "name": "Datadog", + "homepage": "https://www.datadoghq.com", + "sales_email": "info@datadoghq.com" + }, + "oauth": {} +} diff --git a/teleport/metadata.csv b/teleport/metadata.csv new file mode 100644 index 0000000000000..55eafc8510d5b --- /dev/null +++ b/teleport/metadata.csv @@ -0,0 +1,210 @@ +metric_name,metric_type,interval,unit_name,per_unit_name,description,orientation,integration,short_name,curated_metric +teleport.auth.audit_log.emit_events,count,,,,Number of audit events emitted,0,teleport,, +teleport.auth.audit_log.failed_disk_monitoring,count,,,,Number of times disk monitoring failed.,0,teleport,, +teleport.auth.audit_log.failed_emit_events,count,,,,Number of times emitting audit event failed.,0,teleport,, +teleport.auth.audit_log.parquetlog_age_oldest_processed_message,gauge,,,,,0,teleport,, +teleport.auth.audit_log.parquetlog_batch_count,count,,,,,0,teleport,, +teleport.auth.audit_log.parquetlog_batch_processing_seconds.bucket,count,,second,,,0,teleport,, +teleport.auth.audit_log.parquetlog_batch_processing_seconds.count,count,,second,,,0,teleport,, +teleport.auth.audit_log.parquetlog_batch_processing_seconds.sum,count,,second,,,0,teleport,, +teleport.auth.audit_log.parquetlog_batch_size.bucket,count,,,,,0,teleport,, +teleport.auth.audit_log.parquetlog_batch_size.count,count,,,,,0,teleport,, +teleport.auth.audit_log.parquetlog_batch_size.sum,count,,,,,0,teleport,, +teleport.auth.audit_log.parquetlog_delete_events_seconds.bucket,count,,second,,,0,teleport,, +teleport.auth.audit_log.parquetlog_delete_events_seconds.count,count,,second,,,0,teleport,, +teleport.auth.audit_log.parquetlog_delete_events_seconds.sum,count,,second,,,0,teleport,, +teleport.auth.audit_log.parquetlog_errors_from_collect_count,count,,,,,0,teleport,, +teleport.auth.audit_log.parquetlog_last_processed_timestamp,gauge,,,,,0,teleport,, +teleport.auth.audit_log.parquetlog_s3_flush_seconds.bucket,count,,second,,,0,teleport,, +teleport.auth.audit_log.parquetlog_s3_flush_seconds.count,count,,second,,,0,teleport,, +teleport.auth.audit_log.parquetlog_s3_flush_seconds.sum,count,,second,,,0,teleport,, +teleport.auth.audit_log.percentage_disk_space_used,gauge,,,,Percentage disk space used.,0,teleport,, +teleport.auth.audit_log.server_open_files,gauge,,,,Number of open audit files,0,teleport,, +teleport.auth.backend.dynamo_requests,count,,,,Total number of requests to the DYNAMO API.,0,teleport,, +teleport.auth.backend.dynamo_requests_seconds.bucket,count,,second,,,0,teleport,, +teleport.auth.backend.dynamo_requests_seconds.count,count,,second,,,0,teleport,, +teleport.auth.backend.dynamo_requests_seconds.sum,count,,second,,,0,teleport,, +teleport.auth.backend.etcd_backend_batch_read_requests,count,,,,Number of read requests to the etcd database.,0,teleport,, +teleport.auth.backend.etcd_backend_batch_read_seconds.bucket,count,,second,,Latency for etcd read operations.,0,teleport,, +teleport.auth.backend.etcd_backend_batch_read_seconds.count,count,,second,,Latency for etcd read operations.,0,teleport,, +teleport.auth.backend.etcd_backend_batch_read_seconds.sum,count,,second,,Latency for etcd read operations.,0,teleport,, +teleport.auth.backend.etcd_backend_read_requests,count,,,,Number of read requests to the etcd database.,0,teleport,, +teleport.auth.backend.etcd_backend_read_seconds.bucket,count,,second,,Latency for etcd read operations.,0,teleport,, +teleport.auth.backend.etcd_backend_read_seconds.count,count,,second,,Latency for etcd read operations.,0,teleport,, +teleport.auth.backend.etcd_backend_read_seconds.sum,count,,second,,Latency for etcd read operations.,0,teleport,, +teleport.auth.backend.etcd_backend_tx_requests,count,,,,Number of transaction requests to the database.,0,teleport,, +teleport.auth.backend.etcd_backend_tx_seconds.bucket,count,,second,,Latency for etcd transaction operations.,0,teleport,, +teleport.auth.backend.etcd_backend_tx_seconds.count,count,,second,,Latency for etcd transaction operations.,0,teleport,, +teleport.auth.backend.etcd_backend_tx_seconds.sum,count,,second,,Latency for etcd transaction operations.,0,teleport,, +teleport.auth.backend.etcd_backend_write_requests,count,,,,Number of write requests to the database.,0,teleport,, +teleport.auth.backend.etcd_backend_write_seconds.bucket,count,,second,,Latency for etcd write operations.,0,teleport,, +teleport.auth.backend.etcd_backend_write_seconds.count,count,,second,,Latency for etcd write operations.,0,teleport,, +teleport.auth.backend.etcd_backend_write_seconds.sum,count,,second,,Latency for etcd write operations.,0,teleport,, +teleport.auth.backend.etcd_teleport_etcd_event_backpressure,count,,,,Total number of times event processing encountered backpressure.,0,teleport,, +teleport.auth.backend.etcd_teleport_etcd_events,count,,,,Total number of etcd events processed.,0,teleport,, +teleport.auth.backend.firestore_events_backend_batch_read_requests,count,,,,Number of batch read requests to Cloud Firestore events.,0,teleport,, +teleport.auth.backend.firestore_events_backend_batch_read_seconds.bucket,count,,second,,Latency for Cloud Firestore events batch read operations.,0,teleport,, +teleport.auth.backend.firestore_events_backend_batch_read_seconds.count,count,,second,,Latency for Cloud Firestore events batch read operations.,0,teleport,, +teleport.auth.backend.firestore_events_backend_batch_read_seconds.sum,count,,second,,Latency for Cloud Firestore events batch read operations.,0,teleport,, +teleport.auth.backend.firestore_events_backend_batch_write_requests,count,,,,Number of batch write requests to Cloud Firestore events.,0,teleport,, +teleport.auth.backend.firestore_events_backend_batch_write_seconds.bucket,count,,second,,Latency for Cloud Firestore events batch write operations.,0,teleport,, +teleport.auth.backend.firestore_events_backend_batch_write_seconds.count,count,,second,,Latency for Cloud Firestore events batch write operations.,0,teleport,, +teleport.auth.backend.firestore_events_backend_batch_write_seconds.sum,count,,second,,Latency for Cloud Firestore events batch write operations.,0,teleport,, +teleport.auth.backend.firestore_events_backend_write_requests,count,,,,Number of write requests to Cloud Firestore events.,0,teleport,, +teleport.auth.backend.firestore_events_backend_write_seconds.bucket,count,,second,,Latency for Cloud Firestore events write operations.,0,teleport,, +teleport.auth.backend.firestore_events_backend_write_seconds.count,count,,second,,Latency for Cloud Firestore events write operations.,0,teleport,, +teleport.auth.backend.firestore_events_backend_write_seconds.sum,count,,second,,Latency for Cloud Firestore events write operations.,0,teleport,, +teleport.auth.backend.gcs_event_storage_downloads,count,,,,Number of downloads from the GCS backend.,0,teleport,, +teleport.auth.backend.gcs_event_storage_downloads_seconds.bucket,count,,second,,Latency for GCS download operations.,0,teleport,, +teleport.auth.backend.gcs_event_storage_downloads_seconds.count,count,,second,,Latency for GCS download operations.,0,teleport,, +teleport.auth.backend.gcs_event_storage_downloads_seconds.sum,count,,second,,Latency for GCS download operations.,0,teleport,, +teleport.auth.backend.gcs_event_storage_uploads,count,,,,Number of uploads to the GCS backend.,0,teleport,, +teleport.auth.backend.gcs_event_storage_uploads_seconds.bucket,count,,second,,Latency for GCS upload operations.,0,teleport,, +teleport.auth.backend.gcs_event_storage_uploads_seconds.count,count,,second,,Latency for GCS upload operations.,0,teleport,, +teleport.auth.backend.gcs_event_storage_uploads_seconds.sum,count,,second,,Latency for GCS upload operations.,0,teleport,, +teleport.auth.backend.s3_requests,count,,,,Total number of requests to the S3 API.,0,teleport,, +teleport.auth.backend.s3_requests_seconds.bucket,count,,second,,,0,teleport,, +teleport.auth.backend.s3_requests_seconds.count,count,,second,,,0,teleport,, +teleport.auth.backend.s3_requests_seconds.sum,count,,second,,,0,teleport,, +teleport.auth.cache.backend_batch_read_requests,count,,,,Number of read requests to the backend,0,teleport,, +teleport.auth.cache.backend_batch_read_seconds.bucket,count,,second,,Latency for batch read operations,0,teleport,, +teleport.auth.cache.backend_batch_read_seconds.count,count,,second,,Latency for batch read operations,0,teleport,, +teleport.auth.cache.backend_batch_read_seconds.sum,count,,second,,Latency for batch read operations,0,teleport,, +teleport.auth.cache.backend_batch_write_requests,count,,,,Number of batch write requests to the backend,0,teleport,, +teleport.auth.cache.backend_batch_write_seconds.bucket,count,,second,,Latency for backend batch write operations,0,teleport,, +teleport.auth.cache.backend_batch_write_seconds.count,count,,second,,Latency for backend batch write operations,0,teleport,, +teleport.auth.cache.backend_batch_write_seconds.sum,count,,second,,Latency for backend batch write operations,0,teleport,, +teleport.auth.cache.backend_read_requests,count,,,,Number of read requests to the backend,0,teleport,, +teleport.auth.cache.backend_read_seconds.bucket,count,,second,,Latency for read operations,0,teleport,, +teleport.auth.cache.backend_read_seconds.count,count,,second,,Latency for read operations,0,teleport,, +teleport.auth.cache.backend_read_seconds.sum,count,,second,,Latency for read operations,0,teleport,, +teleport.auth.cache.backend_requests,count,,,,"Number of requests to the backend (reads, writes, and keepalives)",0,teleport,, +teleport.auth.cache.backend_write_requests,count,,,,Number of write requests to the backend,0,teleport,, +teleport.auth.cache.backend_write_seconds.bucket,count,,second,,Latency for backend write operations,0,teleport,, +teleport.auth.cache.backend_write_seconds.count,count,,second,,Latency for backend write operations,0,teleport,, +teleport.auth.cache.backend_write_seconds.sum,count,,second,,Latency for backend write operations,0,teleport,, +teleport.auth.cache.watcher_event_sizes.bucket,count,,,,Overall size of events emitted,0,teleport,, +teleport.auth.cache.watcher_event_sizes.count,count,,,,Overall size of events emitted,0,teleport,, +teleport.auth.cache.watcher_event_sizes.sum,count,,,,Overall size of events emitted,0,teleport,, +teleport.auth.cache.watcher_events.bucket,count,,,,Per resources size of events emitted,0,teleport,, +teleport.auth.cache.watcher_events.count,count,,,,Per resources size of events emitted,0,teleport,, +teleport.auth.cache.watcher_events.sum,count,,,,Per resources size of events emitted,0,teleport,, +teleport.auth.cluster_name_not_found,count,,,,Number of times a cluster name was not found,0,teleport,, +teleport.auth.connected_resources,gauge,,,,,0,teleport,, +teleport.auth.generate_requests,gauge,,,,Number of current generate requests for server keys,0,teleport,, +teleport.auth.generate_requests_throttled,count,,,,Number of throttled requests to generate new server keys,0,teleport,, +teleport.auth.generate_seconds.bucket,count,,second,,Latency for generate requests for server keys,0,teleport,, +teleport.auth.generate_seconds.count,count,,second,,Latency for generate requests for server keys,0,teleport,, +teleport.auth.generate_seconds.sum,count,,second,,Latency for generate requests for server keys,0,teleport,, +teleport.auth.grpc_server_handled,count,,,,"Total number of RPCs completed on the server, regardless of success or failure.",0,teleport,, +teleport.auth.grpc_server_msg_received,count,,,,Total number of RPC stream messages received on the server.,0,teleport,, +teleport.auth.grpc_server_msg_sent,count,,,,Total number of gRPC stream messages sent by the server.,0,teleport,, +teleport.auth.grpc_server_started,count,,,,Total number of RPCs started on the server.,0,teleport,, +teleport.auth.migrations,gauge,,,,Migrations tracks for each migration if it is active (1) or not (0).,0,teleport,, +teleport.auth.registered_servers,gauge,,,,,0,teleport,, +teleport.auth.registered_servers_by_install_methods,gauge,,,,,0,teleport,, +teleport.auth.user_login,count,,,,Number of times there was a user login,0,teleport,, +teleport.bpf.lost_command_events,count,,,,,0,teleport,, +teleport.bpf.lost_disk_events,count,,,,,0,teleport,, +teleport.bpf.lost_network_events,count,,,,,0,teleport,, +teleport.common.certificate_mismatch,count,,,,Number of times there was a certificate mismatch,0,teleport,, +teleport.common.process_state,gauge,,,,"State of the teleport process: 0 - ok, 1 - recovering, 2 - degraded, 3 - starting",0,teleport,, +teleport.common.rx,count,,byte,,Number of bytes received.,0,teleport,, +teleport.common.server_interactive_sessions_total,gauge,,,,Number of active sessions to this host,0,teleport,, +teleport.common.teleport_build_info,gauge,,,,"Provides build information of Teleport including gitref (git describe --long --tags), Go version, and Teleport version. The value of this gauge will always be 1.",0,teleport,, +teleport.common.teleport_cache_events,count,,,,"Number of events received by a Teleport service cache. Teleport's Auth Service, Proxy Service, and other services cache incoming events related to their service.",0,teleport,, +teleport.common.teleport_cache_stale_events,count,,,,Number of stale events received by a Teleport service cache. A high percentage of stale events can indicate a degraded backend.,0,teleport,, +teleport.common.tx,count,,byte,,Number of bytes transmitted.,0,teleport,, +teleport.db.active_connections_total,gauge,,,,Number of active DB connections,0,teleport,, +teleport.db.connection_durations_seconds.bucket,count,,second,,Duration of DB connection,0,teleport,, +teleport.db.connection_durations_seconds.count,count,,second,,Duration of DB connection,0,teleport,, +teleport.db.connection_durations_seconds.sum,count,,second,,Duration of DB connection,0,teleport,, +teleport.db.connection_setup_time_seconds.bucket,count,,second,,"Initial time to setup DB connection, before any requests are handled",0,teleport,, +teleport.db.connection_setup_time_seconds.count,count,,second,,"Initial time to setup DB connection, before any requests are handled",0,teleport,, +teleport.db.connection_setup_time_seconds.sum,count,,second,,"Initial time to setup DB connection, before any requests are handled",0,teleport,, +teleport.db.errors,count,,,,Number of synthetic DB errors sent to the client,0,teleport,, +teleport.db.initialized_connections,count,,,,Number of initialized DB connections,0,teleport,, +teleport.db.messages_from_client,count,,,,Number of messages (packets) received from the DB client,0,teleport,, +teleport.db.messages_from_server,count,,,,Number of messages (packets) received from the DB server,0,teleport,, +teleport.db.method_call_count,count,,,,Number of times a DB method was called,0,teleport,, +teleport.db.method_call_latency_seconds.bucket,count,,second,,Call latency for a DB method calls,0,teleport,, +teleport.db.method_call_latency_seconds.count,count,,second,,Call latency for a DB method calls,0,teleport,, +teleport.db.method_call_latency_seconds.sum,count,,second,,Call latency for a DB method calls,0,teleport,, +teleport.kubernetes.client_first_byte_response_duration_seconds.bucket,count,,second,,Teleport Kubernetes Service Latency distribution of time to receive the first response byte from the upstream server.,0,teleport,, +teleport.kubernetes.client_first_byte_response_duration_seconds.count,count,,second,,Teleport Kubernetes Service Latency distribution of time to receive the first response byte from the upstream server.,0,teleport,, +teleport.kubernetes.client_first_byte_response_duration_seconds.sum,count,,second,,Teleport Kubernetes Service Latency distribution of time to receive the first response byte from the upstream server.,0,teleport,, +teleport.kubernetes.client_got_conn_duration_seconds.bucket,count,,second,,Teleport Kubernetes Service Latency distribution of time to dial to the upstream server - using reversetunnel or direct dialer.,0,teleport,, +teleport.kubernetes.client_got_conn_duration_seconds.count,count,,second,,Teleport Kubernetes Service Latency distribution of time to dial to the upstream server - using reversetunnel or direct dialer.,0,teleport,, +teleport.kubernetes.client_got_conn_duration_seconds.sum,count,,second,,Teleport Kubernetes Service Latency distribution of time to dial to the upstream server - using reversetunnel or direct dialer.,0,teleport,, +teleport.kubernetes.client_in_flight_requests,gauge,,,,Teleport Kubernetes Service In-flight requests waiting for the upstream response.,0,teleport,, +teleport.kubernetes.client_request_duration_seconds.bucket,count,,second,,Teleport Kubernetes Service Latency distribution of the upstream request time.,0,teleport,, +teleport.kubernetes.client_request_duration_seconds.count,count,,second,,Teleport Kubernetes Service Latency distribution of the upstream request time.,0,teleport,, +teleport.kubernetes.client_request_duration_seconds.sum,count,,second,,Teleport Kubernetes Service Latency distribution of the upstream request time.,0,teleport,, +teleport.kubernetes.client_requests,count,,,,"Teleport Kubernetes Service Total number of requests sent to the upstream teleport proxy, kube_service or Kubernetes Cluster servers.",0,teleport,, +teleport.kubernetes.client_tls_duration_seconds.bucket,count,,second,,Teleport Kubernetes Service Latency distribution of TLS handshakes.,0,teleport,, +teleport.kubernetes.client_tls_duration_seconds.count,count,,second,,Teleport Kubernetes Service Latency distribution of TLS handshakes.,0,teleport,, +teleport.kubernetes.client_tls_duration_seconds.sum,count,,second,,Teleport Kubernetes Service Latency distribution of TLS handshakes.,0,teleport,, +teleport.kubernetes.server_api_requests,count,,,,,0,teleport,, +teleport.kubernetes.server_exec_in_flight_sessions,gauge,,,,,0,teleport,, +teleport.kubernetes.server_exec_sessions,count,,,,,0,teleport,, +teleport.kubernetes.server_in_flight_requests,gauge,,,,In-flight requests currently handled by the server.,0,teleport,, +teleport.kubernetes.server_join_in_flight_sessions,gauge,,,,,0,teleport,, +teleport.kubernetes.server_join_sessions,count,,,,,0,teleport,, +teleport.kubernetes.server_portforward_in_flight_sessions,gauge,,,,,0,teleport,, +teleport.kubernetes.server_portforward_sessions,count,,,,,0,teleport,, +teleport.kubernetes.server_request_duration_seconds.bucket,count,,second,,,0,teleport,, +teleport.kubernetes.server_request_duration_seconds.count,count,,second,,,0,teleport,, +teleport.kubernetes.server_request_duration_seconds.sum,count,,second,,,0,teleport,, +teleport.kubernetes.server_response_size_bytes.bucket,count,,byte,,,0,teleport,, +teleport.kubernetes.server_response_size_bytes.count,count,,byte,,,0,teleport,, +teleport.kubernetes.server_response_size_bytes.sum,count,,byte,,,0,teleport,, +teleport.prom.http_metric_handler_requests,count,,,,Total number of scrapes by HTTP status code.,0,teleport,, +teleport.prom.http_metric_handler_requests_in_flight,gauge,,,,Current number of scrapes being served.,0,teleport,, +teleport.proxy.connection_limit_exceeded,count,,,,Number of times the proxy connection limit was exceeded,0,teleport,, +teleport.proxy.failed_connect_to_node_attempts,count,,,,Number of failed SSH connection attempts to a node. Use with `teleport_connect_to_node_attempts_total` to get the failure rate.,0,teleport,, +teleport.proxy.failed_login_attempts,count,,,,Number of times there was a failed login,0,teleport,, +teleport.proxy.grpc_client_handled,count,,,,"Total number of RPCs completed on the client, regardless of success or failure.",0,teleport,, +teleport.proxy.grpc_client_msg_received,count,,,,Total number of RPC stream messages received on the client.,0,teleport,, +teleport.proxy.grpc_client_msg_sent,count,,,,Total number of gRPC stream messages sent by the client.,0,teleport,, +teleport.proxy.grpc_client_started,count,,,,Total number of RPCs started on the client.,0,teleport,, +teleport.proxy.missing_ssh_tunnels,gauge,,,,Number of missing SSH tunnels,0,teleport,, +teleport.proxy.peer_client_dial_error,count,,,,Total number of errors encountered dialling peer Proxy Service instances.,0,teleport,, +teleport.proxy.peer_client_message_received_size.bucket,count,,,,Size of messages received by the client.,0,teleport,, +teleport.proxy.peer_client_message_received_size.count,count,,,,Size of messages received by the client.,0,teleport,, +teleport.proxy.peer_client_message_received_size.sum,count,,,,Size of messages received by the client.,0,teleport,, +teleport.proxy.peer_client_message_sent_size.bucket,count,,,,Size of messages sent by the client.,0,teleport,, +teleport.proxy.peer_client_message_sent_size.count,count,,,,Size of messages sent by the client.,0,teleport,, +teleport.proxy.peer_client_message_sent_size.sum,count,,,,Size of messages sent by the client.,0,teleport,, +teleport.proxy.peer_client_rpc,gauge,,,,Number of current client RPC requests.,0,teleport,, +teleport.proxy.peer_client_rpc_duration_seconds.bucket,count,,second,,Duration in seconds of RPCs sent by the client.,0,teleport,, +teleport.proxy.peer_client_rpc_duration_seconds.count,count,,second,,Duration in seconds of RPCs sent by the client.,0,teleport,, +teleport.proxy.peer_client_rpc_duration_seconds.sum,count,,second,,Duration in seconds of RPCs sent by the client.,0,teleport,, +teleport.proxy.peer_server_connections,gauge,,,,Number of currently opened connection to proxy Proxy Service instances.,0,teleport,, +teleport.proxy.peer_server_message_received_size.bucket,count,,,,Size of messages received by the server.,0,teleport,, +teleport.proxy.peer_server_message_received_size.count,count,,,,Size of messages received by the server.,0,teleport,, +teleport.proxy.peer_server_message_received_size.sum,count,,,,Size of messages received by the server.,0,teleport,, +teleport.proxy.peer_server_message_sent_size.bucket,count,,,,Size of messages sent by the server.,0,teleport,, +teleport.proxy.peer_server_message_sent_size.count,count,,,,Size of messages sent by the server.,0,teleport,, +teleport.proxy.peer_server_message_sent_size.sum,count,,,,Size of messages sent by the server.,0,teleport,, +teleport.proxy.peer_server_rpc,gauge,,,,Number of current server RPC requests.,0,teleport,, +teleport.proxy.peer_server_rpc_duration_seconds.bucket,count,,second,,Duration in seconds of RPCs sent by the server.,0,teleport,, +teleport.proxy.peer_server_rpc_duration_seconds.count,count,,second,,Duration in seconds of RPCs sent by the server.,0,teleport,, +teleport.proxy.peer_server_rpc_duration_seconds.sum,count,,second,,Duration in seconds of RPCs sent by the server.,0,teleport,, +teleport.proxy.remote_clusters,gauge,,,,Number of inbound connections from leaf clusters.,0,teleport,, +teleport.proxy.ssh_sessions_total,gauge,,,,Number of active sessions through this proxy,0,teleport,, +teleport.proxy.teleport_connect_to_node_attempts,count,,,,Number of SSH connection attempts to a node. Use with `failed_connect_to_node_attempts_total` to get the failure rate.,0,teleport,, +teleport.proxy.teleport_proxy_db_active_connections_total,gauge,,,,Number of currently active connections to DB service from Proxy service.,0,teleport,, +teleport.proxy.teleport_proxy_db_attempted_servers_total.bucket,count,,,,Number of servers processed during connection attempt to the DB service from Proxy service.,0,teleport,, +teleport.proxy.teleport_proxy_db_attempted_servers_total.count,count,,,,Number of servers processed during connection attempt to the DB service from Proxy service.,0,teleport,, +teleport.proxy.teleport_proxy_db_attempted_servers_total.sum,count,,,,Number of servers processed during connection attempt to the DB service from Proxy service.,0,teleport,, +teleport.proxy.teleport_proxy_db_connection_dial_attempts,count,,,,Number of dial attempts from Proxy to DB service made.,0,teleport,, +teleport.proxy.teleport_proxy_db_connection_dial_failures,count,,,,Number of failed dial attempts from Proxy to DB service made.,0,teleport,, +teleport.proxy.teleport_proxy_db_connection_setup_time_seconds.bucket,count,,second,,Time to establish connection to DB service from Proxy service.,0,teleport,, +teleport.proxy.teleport_proxy_db_connection_setup_time_seconds.count,count,,second,,Time to establish connection to DB service from Proxy service.,0,teleport,, +teleport.proxy.teleport_proxy_db_connection_setup_time_seconds.sum,count,,second,,Time to establish connection to DB service from Proxy service.,0,teleport,, +teleport.proxy.teleport_proxy_db_connection_tls_config_time_seconds.bucket,count,,second,,Time to fetch TLS configuration for the connection to DB service from Proxy service.,0,teleport,, +teleport.proxy.teleport_proxy_db_connection_tls_config_time_seconds.count,count,,second,,Time to fetch TLS configuration for the connection to DB service from Proxy service.,0,teleport,, +teleport.proxy.teleport_proxy_db_connection_tls_config_time_seconds.sum,count,,second,,Time to fetch TLS configuration for the connection to DB service from Proxy service.,0,teleport,, +teleport.proxy.teleport_reverse_tunnels_connected,gauge,,,,Number of reverse SSH tunnels connected to the Teleport Proxy Service by Teleport instances.,0,teleport,, +teleport.proxy.trusted_clusters,gauge,,,,Number of outbound connections to leaf clusters.,0,teleport,, +teleport.ssh.user_max_concurrent_sessions_hit,count,,,,Number of times a user exceeded their max concurrent ssh connections,0,teleport,, \ No newline at end of file diff --git a/teleport/pyproject.toml b/teleport/pyproject.toml new file mode 100644 index 0000000000000..38b162f52c627 --- /dev/null +++ b/teleport/pyproject.toml @@ -0,0 +1,60 @@ +[build-system] +requires = [ + "hatchling>=0.13.0", +] +build-backend = "hatchling.build" + +[project] +name = "datadog-teleport" +description = "The Teleport check" +readme = "README.md" +license = "BSD-3-Clause" +requires-python = ">=3.9" +keywords = [ + "datadog", + "datadog agent", + "datadog check", + "teleport", +] +authors = [ + { name = "Datadog", email = "packages@datadoghq.com" }, +] +classifiers = [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Intended Audience :: System Administrators", + "License :: OSI Approved :: BSD License", + "Private :: Do Not Upload", + "Programming Language :: Python :: 3.11", + "Topic :: System :: Monitoring", +] +dependencies = [ + "datadog-checks-base>=32.6.0", +] +dynamic = [ + "version", +] + +[project.optional-dependencies] +deps = [] + +[project.urls] +Source = "https://github.com/DataDog/integrations-core" + +[tool.hatch.version] +path = "datadog_checks/teleport/__about__.py" + +[tool.hatch.build.targets.sdist] +include = [ + "/datadog_checks", + "/tests", + "/manifest.json", +] + +[tool.hatch.build.targets.wheel] +include = [ + "/datadog_checks/teleport", +] +dev-mode-dirs = [ + ".", +] diff --git a/teleport/tests/__init__.py b/teleport/tests/__init__.py new file mode 100644 index 0000000000000..9103122bf028d --- /dev/null +++ b/teleport/tests/__init__.py @@ -0,0 +1,3 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) diff --git a/teleport/tests/common.py b/teleport/tests/common.py new file mode 100644 index 0000000000000..878e212723c11 --- /dev/null +++ b/teleport/tests/common.py @@ -0,0 +1,257 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + + +INSTANCE = {"teleport_url": "http://127.0.0.1", "diag_port": "3000"} + +BAD_HOSTNAME_INSTANCE = {"teleport_url": "https://invalid-hostname"} + +COMMON_METRICS = [ + "common.process_state", + "common.certificate_mismatch.count", + "common.rx.count", + "common.server_interactive_sessions_total", + "common.teleport_build_info", + "common.teleport_cache_events.count", + "common.teleport_cache_stale_events.count", + "common.tx.count", +] + +PROXY_METRICS = [ + "proxy.failed_connect_to_node_attempts.count", + "proxy.failed_login_attempts.count", + "proxy.grpc_client_started.count", + "proxy.grpc_client_handled.count", + "proxy.grpc_client_msg_received.count", + "proxy.grpc_client_msg_sent.count", + "proxy.connection_limit_exceeded.count", + "proxy.peer_client_dial_error.count", + "proxy.peer_server_connections", + "proxy.peer_client_rpc", + "proxy.peer_client_rpc.count", + "proxy.peer_client_rpc_duration_seconds.bucket", + "proxy.peer_client_rpc_duration_seconds.count", + "proxy.peer_client_rpc_duration_seconds.sum", + "proxy.peer_client_message_sent_size.bucket", + "proxy.peer_client_message_sent_size.count", + "proxy.peer_client_message_sent_size.sum", + "proxy.peer_client_message_received_size.bucket", + "proxy.peer_client_message_received_size.count", + "proxy.peer_client_message_received_size.sum", + "proxy.peer_server_rpc", + "proxy.peer_server_rpc_duration_seconds.bucket", + "proxy.peer_server_rpc_duration_seconds.count", + "proxy.peer_server_rpc_duration_seconds.sum", + "proxy.peer_server_message_sent_size.bucket", + "proxy.peer_server_message_sent_size.count", + "proxy.peer_server_message_sent_size.sum", + "proxy.peer_server_message_received_size.bucket", + "proxy.peer_server_message_received_size.count", + "proxy.peer_server_message_received_size.sum", + "proxy.ssh_sessions_total", + "proxy.missing_ssh_tunnels", + "proxy.remote_clusters", + "proxy.teleport_connect_to_node_attempts.count", + "proxy.teleport_reverse_tunnels_connected", + "proxy.trusted_clusters", + "proxy.teleport_proxy_db_connection_setup_time_seconds.bucket", + "proxy.teleport_proxy_db_connection_setup_time_seconds.count", + "proxy.teleport_proxy_db_connection_setup_time_seconds.sum", + "proxy.teleport_proxy_db_connection_dial_attempts.count", + "proxy.teleport_proxy_db_connection_dial_failures.count", + "proxy.teleport_proxy_db_attempted_servers_total.bucket", + "proxy.teleport_proxy_db_attempted_servers_total.count", + "proxy.teleport_proxy_db_attempted_servers_total.sum", + "proxy.teleport_proxy_db_connection_tls_config_time_seconds.bucket", + "proxy.teleport_proxy_db_connection_tls_config_time_seconds.count", + "proxy.teleport_proxy_db_connection_tls_config_time_seconds.sum", + "proxy.teleport_proxy_db_active_connections_total", +] + + +AUTH_METRICS = [ + "auth.generate_requests_throttled.count", + "auth.generate_requests.count", + "auth.generate_seconds.bucket", + "auth.generate_seconds.count", + "auth.generate_seconds.sum", + "auth.grpc_server_handled.count", + "auth.grpc_server_msg_received.count", + "auth.grpc_server_msg_sent.count", + "auth.grpc_server_started.count", + "auth.cluster_name_not_found.count", + "auth.user_login.count", + "auth.migrations", +] + + +AUTH_AUDIT_LOG_METRICS = [ + "auth.audit_log.failed_disk_monitoring.count", + "auth.audit_log.failed_emit_events.count", + "auth.audit_log.emit_events.count", + "auth.audit_log.parquetlog_batch_processing_seconds.bucket", + "auth.audit_log.parquetlog_batch_processing_seconds.count", + "auth.audit_log.parquetlog_batch_processing_seconds.sum", + "auth.audit_log.parquetlog_s3_flush_seconds.bucket", + "auth.audit_log.parquetlog_s3_flush_seconds.count", + "auth.audit_log.parquetlog_s3_flush_seconds.sum", + "auth.audit_log.parquetlog_delete_events_seconds.bucket", + "auth.audit_log.parquetlog_delete_events_seconds.count", + "auth.audit_log.parquetlog_delete_events_seconds.sum", + "auth.audit_log.parquetlog_batch_size.bucket", + "auth.audit_log.parquetlog_batch_size.count", + "auth.audit_log.parquetlog_batch_size.sum", + "auth.audit_log.parquetlog_batch_count.count", + "auth.audit_log.parquetlog_errors_from_collect_count.count", +] + +AUTH_BACKEND_S3_METRICS = [ + "auth.backend.s3_requests.count", + "auth.backend.s3_requests_seconds.bucket", + "auth.backend.s3_requests_seconds.count", + "auth.backend.s3_requests_seconds.sum", +] + +AUTH_BACKEND_CACHE_METRICS = [ + "auth.cache.backend_batch_read_requests.count", + "auth.cache.backend_batch_read_seconds.bucket", + "auth.cache.backend_batch_read_seconds.count", + "auth.cache.backend_batch_read_seconds.sum", + "auth.cache.backend_batch_write_requests.count", + "auth.cache.backend_batch_write_seconds.bucket", + "auth.cache.backend_batch_write_seconds.count", + "auth.cache.backend_batch_write_seconds.sum", + "auth.cache.backend_read_requests.count", + "auth.cache.backend_read_seconds.bucket", + "auth.cache.backend_read_seconds.count", + "auth.cache.backend_read_seconds.sum", + "auth.cache.backend_requests.count", + "auth.cache.backend_write_requests.count", + "auth.cache.backend_write_seconds.bucket", + "auth.cache.backend_write_seconds.count", + "auth.cache.backend_write_seconds.sum", + "auth.cache.watcher_event_sizes.count", + "auth.cache.watcher_event_sizes.sum", + "auth.cache.watcher_events.bucket", + "auth.cache.watcher_events.count", + "auth.cache.watcher_events.sum", +] + +AUTH_BACKEND_DYNAMO_METRICS = [ + "auth.backend.dynamo_requests.count", + "auth.backend.dynamo_requests_seconds.bucket", + "auth.backend.dynamo_requests_seconds.count", + "auth.backend.dynamo_requests_seconds.sum", +] + +AUTH_BACKEND_FIRESTORE_METRICS = [ + "auth.backend.firestore_events_backend_batch_read_requests.count", + "auth.backend.firestore_events_backend_batch_read_seconds.bucket", + "auth.backend.firestore_events_backend_batch_read_seconds.count", + "auth.backend.firestore_events_backend_batch_read_seconds.sum", + "auth.backend.firestore_events_backend_batch_write_requests.count", + "auth.backend.firestore_events_backend_batch_write_seconds.bucket", + "auth.backend.firestore_events_backend_batch_write_seconds.count", + "auth.backend.firestore_events_backend_batch_write_seconds.sum", + "auth.backend.firestore_events_backend_write_requests.count", + "auth.backend.firestore_events_backend_write_seconds.bucket", + "auth.backend.firestore_events_backend_write_seconds.count", + "auth.backend.firestore_events_backend_write_seconds.sum", +] + +AUTH_BACKEND_GCP_GCS_METRICS = [ + "auth.backend.gcs_event_storage_downloads_seconds.bucket", + "auth.backend.gcs_event_storage_downloads_seconds.count", + "auth.backend.gcs_event_storage_downloads_seconds.sum", + "auth.backend.gcs_event_storage_downloads.count", + "auth.backend.gcs_event_storage_uploads_seconds.bucket", + "auth.backend.gcs_event_storage_uploads_seconds.count", + "auth.backend.gcs_event_storage_uploads_seconds.sum", + "auth.backend.gcs_event_storage_uploads.count", +] + +AUTH_BACKEND_ETCD_METRICS = [ + "auth.backend.etcd_backend_batch_read_requests.count", + "auth.backend.etcd_backend_batch_read_seconds.bucket", + "auth.backend.etcd_backend_batch_read_seconds.count", + "auth.backend.etcd_backend_batch_read_seconds.sum", + "auth.backend.etcd_backend_read_requests.count", + "auth.backend.etcd_backend_read_seconds.bucket", + "auth.backend.etcd_backend_read_seconds.count", + "auth.backend.etcd_backend_read_seconds.sum", + "auth.backend.etcd_backend_tx_requests.count", + "auth.backend.etcd_backend_tx_seconds.bucket", + "auth.backend.etcd_backend_tx_seconds.count", + "auth.backend.etcd_backend_tx_seconds.sum", + "auth.backend.etcd_backend_write_requests.count", + "auth.backend.etcd_backend_write_seconds.bucket", + "auth.backend.etcd_backend_write_seconds.count", + "auth.backend.etcd_backend_write_seconds.sum", + "auth.backend.etcd_teleport_etcd_events.count", + "auth.backend.etcd_teleport_etcd_event_backpressure.count", +] + +SSH_METRICS = [ + "ssh.user_max_concurrent_sessions_hit.count", +] + +KUBERNETES_METRICS = [ + "kubernetes.client_in_flight_requests", + "kubernetes.client_requests.count", + "kubernetes.client_tls_duration_seconds.bucket", + "kubernetes.client_tls_duration_seconds.count", + "kubernetes.client_tls_duration_seconds.sum", + "kubernetes.client_got_conn_duration_seconds.bucket", + "kubernetes.client_got_conn_duration_seconds.count", + "kubernetes.client_got_conn_duration_seconds.sum", + "kubernetes.client_first_byte_response_duration_seconds.bucket", + "kubernetes.client_first_byte_response_duration_seconds.count", + "kubernetes.client_first_byte_response_duration_seconds.sum", + "kubernetes.client_request_duration_seconds.bucket", + "kubernetes.client_request_duration_seconds.count", + "kubernetes.client_request_duration_seconds.sum", + "kubernetes.server_in_flight_requests", + "kubernetes.server_api_requests.count", + "kubernetes.server_request_duration_seconds.bucket", + "kubernetes.server_request_duration_seconds.count", + "kubernetes.server_request_duration_seconds.sum", + "kubernetes.server_response_size_bytes.bucket", + "kubernetes.server_response_size_bytes.count", + "kubernetes.server_response_size_bytes.sum", + "kubernetes.server_exec_in_flight_sessions", + "kubernetes.server_exec_sessions.count", + "kubernetes.server_portforward_in_flight_sessions", + "kubernetes.server_portforward_sessions.count", + "kubernetes.server_join_in_flight_sessions", + "kubernetes.server_join_sessions.count", +] + +DATABASE_METRICS = [ + "db.messages_from_client.count", + "db.messages_from_server.count", + "db.method_call_count.count", + "db.method_call_latency_seconds.bucket", + "db.method_call_latency_seconds.count", + "db.method_call_latency_seconds.sum", + "db.initialized_connections.count", + "db.active_connections_total", + "db.connection_durations_seconds.bucket", + "db.connection_durations_seconds.count", + "db.connection_durations_seconds.sum", + "db.connection_setup_time_seconds.bucket", + "db.connection_setup_time_seconds.count", + "db.connection_setup_time_seconds.sum", + "db.errors.count", +] + +BPF_METRICS = [ + "bpf.lost_command_events.count", + "bpf.lost_disk_events.count", + "bpf.lost_network_events.count", +] + +PROMETHEUS_METRICS = [ + "prom.http_metric_handler_requests_in_flight", + "prom.http_metric_handler_requests.count", +] diff --git a/teleport/tests/conftest.py b/teleport/tests/conftest.py new file mode 100644 index 0000000000000..7fa3ab5f8b076 --- /dev/null +++ b/teleport/tests/conftest.py @@ -0,0 +1,27 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) +import os + +import pytest + +from datadog_checks.dev import docker_run, get_here + +from .common import INSTANCE + + +@pytest.fixture(scope='session') +def dd_environment(): + compose_file = os.path.join(get_here(), 'docker', 'docker-compose.yaml') + with docker_run(compose_file, sleep=5): + yield INSTANCE + + +@pytest.fixture +def instance(): + return INSTANCE + + +@pytest.fixture +def metrics_path(): + return os.path.join(get_here(), "fixtures", "metrics.txt") diff --git a/teleport/tests/docker/docker-compose.yaml b/teleport/tests/docker/docker-compose.yaml new file mode 100644 index 0000000000000..6956aa04df3e5 --- /dev/null +++ b/teleport/tests/docker/docker-compose.yaml @@ -0,0 +1,11 @@ +services: + teleport: + image: public.ecr.aws/gravitational/teleport:14.3 + ports: + - 3000:3000 + - 3080:3080 + - 3025:3025 + - 443:443 + volumes: + - ./etc/teleport:/etc/teleport + command: --diag-addr=0.0.0.0:3000 diff --git a/teleport/tests/docker/etc/teleport/teleport.yaml b/teleport/tests/docker/etc/teleport/teleport.yaml new file mode 100644 index 0000000000000..6d26275a55dde --- /dev/null +++ b/teleport/tests/docker/etc/teleport/teleport.yaml @@ -0,0 +1,34 @@ +# +# A Sample Teleport configuration file. +# +# Things to update: +# 1. license.pem: Retrieve a license from your Teleport account https://teleport.sh +# if you are an Enterprise customer. +# +version: v3 +teleport: + nodename: teleport-nodename + data_dir: /var/lib/teleport + log: + output: stderr + severity: INFO + format: + output: text + ca_pin: "" + diag_addr: "" +auth_service: + enabled: "yes" + listen_addr: 0.0.0.0:3025 + proxy_listener_mode: multiplex +ssh_service: + enabled: "yes" + commands: + - name: hostname + command: [hostname] + period: 1m0s +proxy_service: + enabled: "yes" + https_keypairs: [] + https_keypairs_reload_interval: 0s + acme: {} + diff --git a/teleport/tests/fixtures/metrics.txt b/teleport/tests/fixtures/metrics.txt new file mode 100644 index 0000000000000..f98d2a5fd0a72 --- /dev/null +++ b/teleport/tests/fixtures/metrics.txt @@ -0,0 +1,1574 @@ +# HELP certificate_mismatch_total Number of times there was a certificate mismatch +# TYPE certificate_mismatch_total counter +certificate_mismatch_total 0 +# HELP audit_failed_disk_monitoring Number of times disk monitoring failed. +# TYPE audit_failed_disk_monitoring counter +audit_failed_disk_monitoring 0 +# HELP audit_failed_emit_events Number of times emitting audit event failed. +# TYPE audit_failed_emit_events counter +audit_failed_emit_events 0 +# HELP audit_percentage_disk_space_used Percentage disk space used. +# TYPE audit_percentage_disk_space_used gauge +audit_percentage_disk_space_used 0 +# HELP audit_server_open_files Number of open audit files +# TYPE audit_server_open_files gauge +audit_server_open_files 0 +# HELP auth_generate_requests Number of current generate requests for server keys +# TYPE auth_generate_requests gauge +auth_generate_requests 0 +# HELP auth_generate_requests_throttled_total Number of throttled requests to generate new server keys +# TYPE auth_generate_requests_throttled_total counter +auth_generate_requests_throttled_total 0 +# HELP auth_generate_requests_total Number of requests to generate new server keys +# TYPE auth_generate_requests_total counter +auth_generate_requests_total 4 +# HELP auth_generate_seconds Latency for generate requests for server keys +# TYPE auth_generate_seconds histogram +auth_generate_seconds_bucket{le="0.001"} 0 +auth_generate_seconds_bucket{le="0.002"} 0 +auth_generate_seconds_bucket{le="0.004"} 1 +auth_generate_seconds_bucket{le="0.008"} 4 +auth_generate_seconds_bucket{le="0.016"} 4 +auth_generate_seconds_bucket{le="0.032"} 4 +auth_generate_seconds_bucket{le="0.064"} 4 +auth_generate_seconds_bucket{le="0.128"} 4 +auth_generate_seconds_bucket{le="0.256"} 4 +auth_generate_seconds_bucket{le="0.512"} 4 +auth_generate_seconds_bucket{le="1.024"} 4 +auth_generate_seconds_bucket{le="2.048"} 4 +auth_generate_seconds_bucket{le="4.096"} 4 +auth_generate_seconds_bucket{le="8.192"} 4 +auth_generate_seconds_bucket{le="16.384"} 4 +auth_generate_seconds_bucket{le="32.768"} 4 +auth_generate_seconds_bucket{le="+Inf"} 4 +auth_generate_seconds_sum 0.016478917 +auth_generate_seconds_count 4 +# HELP backend_batch_read_requests_total Number of read requests to the backend +# TYPE backend_batch_read_requests_total counter +backend_batch_read_requests_total{component="backend"} 56 +backend_batch_read_requests_total{component="cache"} 73 +# HELP backend_batch_read_seconds Latency for batch read operations +# TYPE backend_batch_read_seconds histogram +backend_batch_read_seconds_bucket{component="backend",le="0.001"} 51 +backend_batch_read_seconds_bucket{component="backend",le="0.002"} 55 +backend_batch_read_seconds_bucket{component="backend",le="0.004"} 56 +backend_batch_read_seconds_bucket{component="backend",le="0.008"} 56 +backend_batch_read_seconds_bucket{component="backend",le="0.016"} 56 +backend_batch_read_seconds_bucket{component="backend",le="0.032"} 56 +backend_batch_read_seconds_bucket{component="backend",le="0.064"} 56 +backend_batch_read_seconds_bucket{component="backend",le="0.128"} 56 +backend_batch_read_seconds_bucket{component="backend",le="0.256"} 56 +backend_batch_read_seconds_bucket{component="backend",le="0.512"} 56 +backend_batch_read_seconds_bucket{component="backend",le="1.024"} 56 +backend_batch_read_seconds_bucket{component="backend",le="2.048"} 56 +backend_batch_read_seconds_bucket{component="backend",le="4.096"} 56 +backend_batch_read_seconds_bucket{component="backend",le="8.192"} 56 +backend_batch_read_seconds_bucket{component="backend",le="16.384"} 56 +backend_batch_read_seconds_bucket{component="backend",le="32.768"} 56 +backend_batch_read_seconds_bucket{component="backend",le="+Inf"} 56 +backend_batch_read_seconds_sum{component="backend"} 0.015345246000000003 +backend_batch_read_seconds_count{component="backend"} 56 +backend_batch_read_seconds_bucket{component="cache",le="0.001"} 73 +backend_batch_read_seconds_bucket{component="cache",le="0.002"} 73 +backend_batch_read_seconds_bucket{component="cache",le="0.004"} 73 +backend_batch_read_seconds_bucket{component="cache",le="0.008"} 73 +backend_batch_read_seconds_bucket{component="cache",le="0.016"} 73 +backend_batch_read_seconds_bucket{component="cache",le="0.032"} 73 +backend_batch_read_seconds_bucket{component="cache",le="0.064"} 73 +backend_batch_read_seconds_bucket{component="cache",le="0.128"} 73 +backend_batch_read_seconds_bucket{component="cache",le="0.256"} 73 +backend_batch_read_seconds_bucket{component="cache",le="0.512"} 73 +backend_batch_read_seconds_bucket{component="cache",le="1.024"} 73 +backend_batch_read_seconds_bucket{component="cache",le="2.048"} 73 +backend_batch_read_seconds_bucket{component="cache",le="4.096"} 73 +backend_batch_read_seconds_bucket{component="cache",le="8.192"} 73 +backend_batch_read_seconds_bucket{component="cache",le="16.384"} 73 +backend_batch_read_seconds_bucket{component="cache",le="32.768"} 73 +backend_batch_read_seconds_bucket{component="cache",le="+Inf"} 73 +backend_batch_read_seconds_sum{component="cache"} 0.000294537 +backend_batch_read_seconds_count{component="cache"} 73 +# HELP backend_batch_write_requests_total Number of batch write requests to the backend +# TYPE backend_batch_write_requests_total counter +backend_batch_write_requests_total{component="cache"} 93 +# HELP backend_batch_write_seconds Latency for backend batch write operations +# TYPE backend_batch_write_seconds histogram +backend_batch_write_seconds_bucket{component="cache",le="0.001"} 93 +backend_batch_write_seconds_bucket{component="cache",le="0.002"} 93 +backend_batch_write_seconds_bucket{component="cache",le="0.004"} 93 +backend_batch_write_seconds_bucket{component="cache",le="0.008"} 93 +backend_batch_write_seconds_bucket{component="cache",le="0.016"} 93 +backend_batch_write_seconds_bucket{component="cache",le="0.032"} 93 +backend_batch_write_seconds_bucket{component="cache",le="0.064"} 93 +backend_batch_write_seconds_bucket{component="cache",le="0.128"} 93 +backend_batch_write_seconds_bucket{component="cache",le="0.256"} 93 +backend_batch_write_seconds_bucket{component="cache",le="0.512"} 93 +backend_batch_write_seconds_bucket{component="cache",le="1.024"} 93 +backend_batch_write_seconds_bucket{component="cache",le="2.048"} 93 +backend_batch_write_seconds_bucket{component="cache",le="4.096"} 93 +backend_batch_write_seconds_bucket{component="cache",le="8.192"} 93 +backend_batch_write_seconds_bucket{component="cache",le="16.384"} 93 +backend_batch_write_seconds_bucket{component="cache",le="32.768"} 93 +backend_batch_write_seconds_bucket{component="cache",le="+Inf"} 93 +backend_batch_write_seconds_sum{component="cache"} 2.996099999999998e-05 +backend_batch_write_seconds_count{component="cache"} 93 +# HELP backend_read_requests_total Number of read requests to the backend +# TYPE backend_read_requests_total counter +backend_read_requests_total{component="backend"} 43 +backend_read_requests_total{component="cache"} 237 +# HELP backend_read_seconds Latency for read operations +# TYPE backend_read_seconds histogram +backend_read_seconds_bucket{component="backend",le="0.001"} 35 +backend_read_seconds_bucket{component="backend",le="0.002"} 41 +backend_read_seconds_bucket{component="backend",le="0.004"} 43 +backend_read_seconds_bucket{component="backend",le="0.008"} 43 +backend_read_seconds_bucket{component="backend",le="0.016"} 43 +backend_read_seconds_bucket{component="backend",le="0.032"} 43 +backend_read_seconds_bucket{component="backend",le="0.064"} 43 +backend_read_seconds_bucket{component="backend",le="0.128"} 43 +backend_read_seconds_bucket{component="backend",le="0.256"} 43 +backend_read_seconds_bucket{component="backend",le="0.512"} 43 +backend_read_seconds_bucket{component="backend",le="1.024"} 43 +backend_read_seconds_bucket{component="backend",le="2.048"} 43 +backend_read_seconds_bucket{component="backend",le="4.096"} 43 +backend_read_seconds_bucket{component="backend",le="8.192"} 43 +backend_read_seconds_bucket{component="backend",le="16.384"} 43 +backend_read_seconds_bucket{component="backend",le="32.768"} 43 +backend_read_seconds_bucket{component="backend",le="+Inf"} 43 +backend_read_seconds_sum{component="backend"} 0.023900751 +backend_read_seconds_count{component="backend"} 43 +backend_read_seconds_bucket{component="cache",le="0.001"} 237 +backend_read_seconds_bucket{component="cache",le="0.002"} 237 +backend_read_seconds_bucket{component="cache",le="0.004"} 237 +backend_read_seconds_bucket{component="cache",le="0.008"} 237 +backend_read_seconds_bucket{component="cache",le="0.016"} 237 +backend_read_seconds_bucket{component="cache",le="0.032"} 237 +backend_read_seconds_bucket{component="cache",le="0.064"} 237 +backend_read_seconds_bucket{component="cache",le="0.128"} 237 +backend_read_seconds_bucket{component="cache",le="0.256"} 237 +backend_read_seconds_bucket{component="cache",le="0.512"} 237 +backend_read_seconds_bucket{component="cache",le="1.024"} 237 +backend_read_seconds_bucket{component="cache",le="2.048"} 237 +backend_read_seconds_bucket{component="cache",le="4.096"} 237 +backend_read_seconds_bucket{component="cache",le="8.192"} 237 +backend_read_seconds_bucket{component="cache",le="16.384"} 237 +backend_read_seconds_bucket{component="cache",le="32.768"} 237 +backend_read_seconds_bucket{component="cache",le="+Inf"} 237 +backend_read_seconds_sum{component="cache"} 0.001213918999999999 +backend_read_seconds_count{component="cache"} 237 +# HELP backend_requests Number of requests to the backend (reads, writes, and keepalives) +# TYPE backend_requests counter +backend_requests{component="backend",range="false",req=".locks"} 4 +backend_requests{component="backend",range="false",req="/authentication/preference"} 4 +backend_requests{component="backend",range="false",req="/authorities/db"} 4 +backend_requests{component="backend",range="false",req="/authorities/host"} 10 +backend_requests{component="backend",range="false",req="/authorities/jwt"} 3 +backend_requests{component="backend",range="false",req="/authorities/oidc_idp"} 3 +backend_requests{component="backend",range="false",req="/authorities/openssh"} 3 +backend_requests{component="backend",range="false",req="/authorities/saml_idp"} 3 +backend_requests{component="backend",range="false",req="/authorities/user"} 3 +backend_requests{component="backend",range="false",req="/authservers"} 1 +backend_requests{component="backend",range="false",req="/cluster-alerts"} 3 +backend_requests{component="backend",range="false",req="/cluster_configuration/audit"} 2 +backend_requests{component="backend",range="false",req="/cluster_configuration/name"} 5 +backend_requests{component="backend",range="false",req="/cluster_configuration/networking"} 3 +backend_requests{component="backend",range="false",req="/cluster_configuration/session_recording"} 3 +backend_requests{component="backend",range="false",req="/cluster_configuration/static_tokens"} 2 +backend_requests{component="backend",range="false",req="/cluster_configuration/ui"} 1 +backend_requests{component="backend",range="false",req="/external_audit_storage"} 1 +backend_requests{component="backend",range="false",req="/migrations"} 3 +backend_requests{component="backend",range="false",req="/namespaces/default"} 1 +backend_requests{component="backend",range="false",req="/nodes/default"} 2 +backend_requests{component="backend",range="false",req="/proxies"} 1 +backend_requests{component="backend",range="false",req="/restrictions"} 1 +backend_requests{component="backend",range="false",req="/roles/access"} 1 +backend_requests{component="backend",range="false",req="/roles/auditor"} 1 +backend_requests{component="backend",range="false",req="/roles/editor"} 1 +backend_requests{component="backend",range="true",req="/access_list"} 1 +backend_requests{component="backend",range="true",req="/access_list_member"} 1 +backend_requests{component="backend",range="true",req="/access_list_review"} 1 +backend_requests{component="backend",range="true",req="/access_requests"} 1 +backend_requests{component="backend",range="true",req="/appServers/default"} 1 +backend_requests{component="backend",range="true",req="/applications"} 1 +backend_requests{component="backend",range="true",req="/apps/sessions"} 2 +backend_requests{component="backend",range="true",req="/authorities/db"} 1 +backend_requests{component="backend",range="true",req="/authorities/host"} 2 +backend_requests{component="backend",range="true",req="/authorities/jwt"} 1 +backend_requests{component="backend",range="true",req="/authorities/oidc_idp"} 1 +backend_requests{component="backend",range="true",req="/authorities/openssh"} 1 +backend_requests{component="backend",range="true",req="/authorities/saml_idp"} 1 +backend_requests{component="backend",range="true",req="/authorities/user"} 1 +backend_requests{component="backend",range="true",req="/authservers"} 1 +backend_requests{component="backend",range="true",req="/cluster_configuration/scripts"} 1 +backend_requests{component="backend",range="true",req="/databaseServers/default"} 1 +backend_requests{component="backend",range="true",req="/databaseService"} 1 +backend_requests{component="backend",range="true",req="/db"} 1 +backend_requests{component="backend",range="true",req="/discovery_config"} 1 +backend_requests{component="backend",range="true",req="/headless_authentication"} 1 +backend_requests{component="backend",range="true",req="/integrations"} 1 +backend_requests{component="backend",range="true",req="/kubeServers"} 1 +backend_requests{component="backend",range="true",req="/kubernetes"} 1 +backend_requests{component="backend",range="true",req="/locks"} 2 +backend_requests{component="backend",range="true",req="/namespaces"} 1 +backend_requests{component="backend",range="true",req="/nodes/default"} 1 +backend_requests{component="backend",range="true",req="/okta_assignment"} 1 +backend_requests{component="backend",range="true",req="/okta_import_rule"} 1 +backend_requests{component="backend",range="true",req="/proxies"} 1 +backend_requests{component="backend",range="true",req="/remoteClusters"} 2 +backend_requests{component="backend",range="true",req="/reverseTunnels"} 1 +backend_requests{component="backend",range="true",req="/roles"} 1 +backend_requests{component="backend",range="true",req="/saml_idp/sessions"} 2 +backend_requests{component="backend",range="true",req="/saml_idp_service_provider"} 1 +backend_requests{component="backend",range="true",req="/snowflake/sessions"} 2 +backend_requests{component="backend",range="true",req="/tokens"} 1 +backend_requests{component="backend",range="true",req="/trustedclusters"} 1 +backend_requests{component="backend",range="true",req="/tunnelConnections"} 1 +backend_requests{component="backend",range="true",req="/user_group"} 1 +backend_requests{component="backend",range="true",req="/user_login_state"} 1 +backend_requests{component="backend",range="true",req="/web/sessions"} 2 +backend_requests{component="backend",range="true",req="/web/tokens"} 2 +backend_requests{component="backend",range="true",req="/web/users"} 3 +backend_requests{component="backend",range="true",req="/windowsDesktop"} 1 +backend_requests{component="backend",range="true",req="/windowsDesktopServices"} 1 +backend_requests{component="cache",range="false",req="/authentication/preference"} 86 +backend_requests{component="cache",range="false",req="/authorities/db"} 6 +backend_requests{component="cache",range="false",req="/authorities/host"} 19 +backend_requests{component="cache",range="false",req="/authorities/jwt"} 6 +backend_requests{component="cache",range="false",req="/authorities/oidc_idp"} 6 +backend_requests{component="cache",range="false",req="/authorities/openssh"} 6 +backend_requests{component="cache",range="false",req="/authorities/saml_idp"} 6 +backend_requests{component="cache",range="false",req="/authorities/user"} 14 +backend_requests{component="cache",range="false",req="/authservers"} 2 +backend_requests{component="cache",range="false",req="/cluster_configuration/audit"} 8 +backend_requests{component="cache",range="false",req="/cluster_configuration/name"} 27 +backend_requests{component="cache",range="false",req="/cluster_configuration/networking"} 11 +backend_requests{component="cache",range="false",req="/cluster_configuration/scripts"} 2 +backend_requests{component="cache",range="false",req="/cluster_configuration/session_recording"} 85 +backend_requests{component="cache",range="false",req="/cluster_configuration/static_tokens"} 2 +backend_requests{component="cache",range="false",req="/cluster_configuration/ui"} 3 +backend_requests{component="cache",range="false",req="/namespaces/default"} 7 +backend_requests{component="cache",range="false",req="/nodes/default"} 4 +backend_requests{component="cache",range="false",req="/proxies"} 2 +backend_requests{component="cache",range="false",req="/restrictions"} 3 +backend_requests{component="cache",range="false",req="/roles/access"} 6 +backend_requests{component="cache",range="false",req="/roles/auditor"} 6 +backend_requests{component="cache",range="false",req="/roles/editor"} 6 +backend_requests{component="cache",range="true",req="/access_list"} 1 +backend_requests{component="cache",range="true",req="/access_list_member"} 1 +backend_requests{component="cache",range="true",req="/access_list_review"} 1 +backend_requests{component="cache",range="true",req="/access_requests"} 1 +backend_requests{component="cache",range="true",req="/appServers/default"} 4 +backend_requests{component="cache",range="true",req="/applications"} 3 +backend_requests{component="cache",range="true",req="/apps/sessions"} 2 +backend_requests{component="cache",range="true",req="/authorities/db"} 6 +backend_requests{component="cache",range="true",req="/authorities/host"} 6 +backend_requests{component="cache",range="true",req="/authorities/jwt"} 5 +backend_requests{component="cache",range="true",req="/authorities/oidc_idp"} 5 +backend_requests{component="cache",range="true",req="/authorities/openssh"} 6 +backend_requests{component="cache",range="true",req="/authorities/saml_idp"} 5 +backend_requests{component="cache",range="true",req="/authorities/user"} 6 +backend_requests{component="cache",range="true",req="/authservers"} 3 +backend_requests{component="cache",range="true",req="/cluster_configuration/scripts"} 3 +backend_requests{component="cache",range="true",req="/databaseServers/default"} 4 +backend_requests{component="cache",range="true",req="/databaseService"} 3 +backend_requests{component="cache",range="true",req="/db"} 3 +backend_requests{component="cache",range="true",req="/discovery_config"} 1 +backend_requests{component="cache",range="true",req="/integrations"} 3 +backend_requests{component="cache",range="true",req="/kubeServers"} 5 +backend_requests{component="cache",range="true",req="/kubernetes"} 3 +backend_requests{component="cache",range="true",req="/locks"} 3 +backend_requests{component="cache",range="true",req="/namespaces"} 5 +backend_requests{component="cache",range="true",req="/nodes/default"} 6 +backend_requests{component="cache",range="true",req="/okta_assignment"} 1 +backend_requests{component="cache",range="true",req="/okta_import_rule"} 1 +backend_requests{component="cache",range="true",req="/proxies"} 8 +backend_requests{component="cache",range="true",req="/remoteClusters"} 4 +backend_requests{component="cache",range="true",req="/reverseTunnels"} 6 +backend_requests{component="cache",range="true",req="/roles"} 6 +backend_requests{component="cache",range="true",req="/saml_idp/sessions"} 2 +backend_requests{component="cache",range="true",req="/saml_idp_service_provider"} 4 +backend_requests{component="cache",range="true",req="/security_report/audit_query"} 2 +backend_requests{component="cache",range="true",req="/security_report/report"} 6 +backend_requests{component="cache",range="true",req="/security_report/state"} 4 +backend_requests{component="cache",range="true",req="/snowflake/sessions"} 2 +backend_requests{component="cache",range="true",req="/tokens"} 1 +backend_requests{component="cache",range="true",req="/tunnelConnections"} 6 +backend_requests{component="cache",range="true",req="/user_group"} 3 +backend_requests{component="cache",range="true",req="/user_login_state"} 1 +backend_requests{component="cache",range="true",req="/web/sessions"} 2 +backend_requests{component="cache",range="true",req="/web/tokens"} 2 +backend_requests{component="cache",range="true",req="/web/users"} 3 +backend_requests{component="cache",range="true",req="/windowsDesktop"} 5 +backend_requests{component="cache",range="true",req="/windowsDesktopServices"} 3 +# HELP backend_watcher_queues_total Watcher queue sizes +# TYPE backend_watcher_queues_total gauge +backend_watcher_queues_total{component="auth:cache"} 0 +# HELP backend_watchers_total Number of active backend watchers +# TYPE backend_watchers_total gauge +backend_watchers_total{component="backend"} 4 +# HELP backend_write_requests_total Number of write requests to the backend +# TYPE backend_write_requests_total counter +backend_write_requests_total{component="backend"} 26 +backend_write_requests_total{component="cache"} 86 +# HELP backend_write_seconds Latency for backend write operations +# TYPE backend_write_seconds histogram +backend_write_seconds_bucket{component="backend",le="0.001"} 1 +backend_write_seconds_bucket{component="backend",le="0.002"} 10 +backend_write_seconds_bucket{component="backend",le="0.004"} 16 +backend_write_seconds_bucket{component="backend",le="0.008"} 22 +backend_write_seconds_bucket{component="backend",le="0.016"} 26 +backend_write_seconds_bucket{component="backend",le="0.032"} 26 +backend_write_seconds_bucket{component="backend",le="0.064"} 26 +backend_write_seconds_bucket{component="backend",le="0.128"} 26 +backend_write_seconds_bucket{component="backend",le="0.256"} 26 +backend_write_seconds_bucket{component="backend",le="0.512"} 26 +backend_write_seconds_bucket{component="backend",le="1.024"} 26 +backend_write_seconds_bucket{component="backend",le="2.048"} 26 +backend_write_seconds_bucket{component="backend",le="4.096"} 26 +backend_write_seconds_bucket{component="backend",le="8.192"} 26 +backend_write_seconds_bucket{component="backend",le="16.384"} 26 +backend_write_seconds_bucket{component="backend",le="32.768"} 26 +backend_write_seconds_bucket{component="backend",le="+Inf"} 26 +backend_write_seconds_sum{component="backend"} 0.098229207 +backend_write_seconds_count{component="backend"} 26 +backend_write_seconds_bucket{component="cache",le="0.001"} 86 +backend_write_seconds_bucket{component="cache",le="0.002"} 86 +backend_write_seconds_bucket{component="cache",le="0.004"} 86 +backend_write_seconds_bucket{component="cache",le="0.008"} 86 +backend_write_seconds_bucket{component="cache",le="0.016"} 86 +backend_write_seconds_bucket{component="cache",le="0.032"} 86 +backend_write_seconds_bucket{component="cache",le="0.064"} 86 +backend_write_seconds_bucket{component="cache",le="0.128"} 86 +backend_write_seconds_bucket{component="cache",le="0.256"} 86 +backend_write_seconds_bucket{component="cache",le="0.512"} 86 +backend_write_seconds_bucket{component="cache",le="1.024"} 86 +backend_write_seconds_bucket{component="cache",le="2.048"} 86 +backend_write_seconds_bucket{component="cache",le="4.096"} 86 +backend_write_seconds_bucket{component="cache",le="8.192"} 86 +backend_write_seconds_bucket{component="cache",le="16.384"} 86 +backend_write_seconds_bucket{component="cache",le="32.768"} 86 +backend_write_seconds_bucket{component="cache",le="+Inf"} 86 +backend_write_seconds_sum{component="cache"} 0.00015979300000000006 +backend_write_seconds_count{component="cache"} 86 +# HELP bpf_lost_restricted_events Number of lost restricted events. +# TYPE bpf_lost_restricted_events counter +bpf_lost_restricted_events 0 +# HELP cluster_name_not_found_total Number of times a cluster name was not found +# TYPE cluster_name_not_found_total counter +cluster_name_not_found_total 0 +# HELP failed_connect_to_node_attempts_total Number of failed SSH connection attempts to a node. Use with `teleport_connect_to_node_attempts_total` to get the failure rate. +# TYPE failed_connect_to_node_attempts_total counter +failed_connect_to_node_attempts_total 0 +# HELP failed_login_attempts_total Number of times there was a failed login +# TYPE failed_login_attempts_total counter +failed_login_attempts_total 0 +# HELP go_gc_duration_seconds A summary of the pause duration of garbage collection cycles. +# TYPE go_gc_duration_seconds summary +go_gc_duration_seconds{quantile="0"} 1.6583e-05 +go_gc_duration_seconds{quantile="0.25"} 9.3209e-05 +go_gc_duration_seconds{quantile="0.5"} 0.000145834 +go_gc_duration_seconds{quantile="0.75"} 0.000190625 +go_gc_duration_seconds{quantile="1"} 0.000245708 +go_gc_duration_seconds_sum 0.001096917 +go_gc_duration_seconds_count 8 +# HELP go_goroutines Number of goroutines that currently exist. +# TYPE go_goroutines gauge +go_goroutines 143 +# HELP go_info Information about the Go environment. +# TYPE go_info gauge +go_info{version="go1.21.6"} 1 +# HELP go_memstats_alloc_bytes Number of bytes allocated and still in use. +# TYPE go_memstats_alloc_bytes gauge +go_memstats_alloc_bytes 4.7696184e+07 +# HELP go_memstats_alloc_bytes_total Total number of bytes allocated, even if freed. +# TYPE go_memstats_alloc_bytes_total counter +go_memstats_alloc_bytes_total 1.6756536e+08 +# HELP go_memstats_buck_hash_sys_bytes Number of bytes used by the profiling bucket hash table. +# TYPE go_memstats_buck_hash_sys_bytes gauge +go_memstats_buck_hash_sys_bytes 1.489942e+06 +# HELP go_memstats_frees_total Total number of frees. +# TYPE go_memstats_frees_total counter +go_memstats_frees_total 507162 +# HELP go_memstats_gc_sys_bytes Number of bytes used for garbage collection system metadata. +# TYPE go_memstats_gc_sys_bytes gauge +go_memstats_gc_sys_bytes 6.377168e+06 +# HELP go_memstats_heap_alloc_bytes Number of heap bytes allocated and still in use. +# TYPE go_memstats_heap_alloc_bytes gauge +go_memstats_heap_alloc_bytes 4.7696184e+07 +# HELP go_memstats_heap_idle_bytes Number of heap bytes waiting to be used. +# TYPE go_memstats_heap_idle_bytes gauge +go_memstats_heap_idle_bytes 2.1594112e+07 +# HELP go_memstats_heap_inuse_bytes Number of heap bytes that are in use. +# TYPE go_memstats_heap_inuse_bytes gauge +go_memstats_heap_inuse_bytes 5.6262656e+07 +# HELP go_memstats_heap_objects Number of allocated objects. +# TYPE go_memstats_heap_objects gauge +go_memstats_heap_objects 121624 +# HELP go_memstats_heap_released_bytes Number of heap bytes released to OS. +# TYPE go_memstats_heap_released_bytes gauge +go_memstats_heap_released_bytes 2.842624e+06 +# HELP go_memstats_heap_sys_bytes Number of heap bytes obtained from system. +# TYPE go_memstats_heap_sys_bytes gauge +go_memstats_heap_sys_bytes 7.7856768e+07 +# HELP go_memstats_last_gc_time_seconds Number of seconds since 1970 of last garbage collection. +# TYPE go_memstats_last_gc_time_seconds gauge +go_memstats_last_gc_time_seconds 1.709038395328938e+09 +# HELP go_memstats_lookups_total Total number of pointer lookups. +# TYPE go_memstats_lookups_total counter +go_memstats_lookups_total 0 +# HELP go_memstats_mallocs_total Total number of mallocs. +# TYPE go_memstats_mallocs_total counter +go_memstats_mallocs_total 628786 +# HELP go_memstats_mcache_inuse_bytes Number of bytes in use by mcache structures. +# TYPE go_memstats_mcache_inuse_bytes gauge +go_memstats_mcache_inuse_bytes 6000 +# HELP go_memstats_mcache_sys_bytes Number of bytes used for mcache structures obtained from system. +# TYPE go_memstats_mcache_sys_bytes gauge +go_memstats_mcache_sys_bytes 15600 +# HELP go_memstats_mspan_inuse_bytes Number of bytes in use by mspan structures. +# TYPE go_memstats_mspan_inuse_bytes gauge +go_memstats_mspan_inuse_bytes 666792 +# HELP go_memstats_mspan_sys_bytes Number of bytes used for mspan structures obtained from system. +# TYPE go_memstats_mspan_sys_bytes gauge +go_memstats_mspan_sys_bytes 977760 +# HELP go_memstats_next_gc_bytes Number of heap bytes when next garbage collection will take place. +# TYPE go_memstats_next_gc_bytes gauge +go_memstats_next_gc_bytes 6.6114568e+07 +# HELP go_memstats_other_sys_bytes Number of bytes used for other system allocations. +# TYPE go_memstats_other_sys_bytes gauge +go_memstats_other_sys_bytes 1.486306e+06 +# HELP go_memstats_stack_inuse_bytes Number of bytes in use by the stack allocator. +# TYPE go_memstats_stack_inuse_bytes gauge +go_memstats_stack_inuse_bytes 1.835008e+06 +# HELP go_memstats_stack_sys_bytes Number of bytes obtained from system for stack allocator. +# TYPE go_memstats_stack_sys_bytes gauge +go_memstats_stack_sys_bytes 1.835008e+06 +# HELP go_memstats_sys_bytes Number of bytes obtained from system. +# TYPE go_memstats_sys_bytes gauge +go_memstats_sys_bytes 9.0038552e+07 +# HELP go_threads Number of OS threads created. +# TYPE go_threads gauge +go_threads 12 +# HELP grpc_client_started_total Total number of RPCs started on the client. +# TYPE grpc_client_started_total counter +grpc_client_started_total 1 +# HELP grpc_client_handled_total Total number of RPCs completed on the client, regardless of success or failure. +# TYPE grpc_client_handled_total counter +grpc_client_handled_total 1 +# HELP grpc_client_msg_received_total Total number of RPC stream messages received on the client. +# TYPE grpc_client_msg_received_total counter +grpc_client_msg_received_total 1 +# HELP grpc_client_msg_sent_total Total number of gRPC stream messages sent by the client. +# TYPE grpc_client_msg_sent_total counter +grpc_client_msg_sent_total 1 +# HELP grpc_server_handled_total Total number of RPCs completed on the server, regardless of success or failure. +# TYPE grpc_server_handled_total counter +grpc_server_handled_total{grpc_code="NotFound",grpc_method="GetNetworkRestrictions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="NotFound",grpc_method="GetUIConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetApps",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetAuthPreference",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetCertAuthorities",grpc_service="teleport.trust.v1.TrustService",grpc_type="unary",server="teleport-auth"} 14 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetCertAuthority",grpc_service="teleport.trust.v1.TrustService",grpc_type="unary",server="teleport-auth"} 3 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetClusterAuditConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetClusterNetworkingConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetDatabases",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetDomainName",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetInstallers",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetKubernetesClusters",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetLocks",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetRoles",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetSessionRecordingConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetSnowflakeSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetUsers",grpc_service="proto.AuthService",grpc_type="server_stream",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetWebSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetWebTokens",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetWindowsDesktopServices",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="GetWindowsDesktops",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="ListAppSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="ListIntegrations",grpc_service="teleport.integration.v1.IntegrationService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="ListResources",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 5 +grpc_server_handled_total{grpc_code="OK",grpc_method="ListSAMLIdPServiceProviders",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="ListSAMLIdPSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="ListUserGroups",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_handled_total{grpc_code="OK",grpc_method="Ping",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 4 +# HELP grpc_server_msg_received_total Total number of RPC stream messages received on the server. +# TYPE grpc_server_msg_received_total counter +grpc_server_msg_received_total{grpc_method="GetApps",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetAuthPreference",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_received_total{grpc_method="GetCertAuthorities",grpc_service="teleport.trust.v1.TrustService",grpc_type="unary",server="teleport-auth"} 14 +grpc_server_msg_received_total{grpc_method="GetCertAuthority",grpc_service="teleport.trust.v1.TrustService",grpc_type="unary",server="teleport-auth"} 3 +grpc_server_msg_received_total{grpc_method="GetClusterAuditConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_received_total{grpc_method="GetClusterNetworkingConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_received_total{grpc_method="GetDatabases",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetDomainName",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetInstallers",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetKubernetesClusters",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetLocks",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_received_total{grpc_method="GetNetworkRestrictions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetRoles",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_received_total{grpc_method="GetSessionRecordingConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_received_total{grpc_method="GetSnowflakeSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetUIConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetUsers",grpc_service="proto.AuthService",grpc_type="server_stream",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetWebSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetWebTokens",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetWindowsDesktopServices",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="GetWindowsDesktops",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="ListAppSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="ListIntegrations",grpc_service="teleport.integration.v1.IntegrationService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="ListResources",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 5 +grpc_server_msg_received_total{grpc_method="ListSAMLIdPServiceProviders",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="ListSAMLIdPSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="ListUserGroups",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_received_total{grpc_method="Ping",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 4 +grpc_server_msg_received_total{grpc_method="WatchEvents",grpc_service="proto.AuthService",grpc_type="server_stream",server="teleport-auth"} 4 +# HELP grpc_server_msg_sent_total Total number of gRPC stream messages sent by the server. +# TYPE grpc_server_msg_sent_total counter +grpc_server_msg_sent_total{grpc_method="GetApps",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="GetAuthPreference",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_sent_total{grpc_method="GetCertAuthorities",grpc_service="teleport.trust.v1.TrustService",grpc_type="unary",server="teleport-auth"} 14 +grpc_server_msg_sent_total{grpc_method="GetCertAuthority",grpc_service="teleport.trust.v1.TrustService",grpc_type="unary",server="teleport-auth"} 3 +grpc_server_msg_sent_total{grpc_method="GetClusterAuditConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_sent_total{grpc_method="GetClusterNetworkingConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_sent_total{grpc_method="GetDatabases",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="GetDomainName",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="GetInstallers",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="GetKubernetesClusters",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="GetLocks",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_sent_total{grpc_method="GetNetworkRestrictions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="GetRoles",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_sent_total{grpc_method="GetSessionRecordingConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_msg_sent_total{grpc_method="GetSnowflakeSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="GetUIConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="GetWebSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="GetWebTokens",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="GetWindowsDesktopServices",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="GetWindowsDesktops",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="ListAppSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="ListIntegrations",grpc_service="teleport.integration.v1.IntegrationService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="ListResources",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 5 +grpc_server_msg_sent_total{grpc_method="ListSAMLIdPServiceProviders",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="ListSAMLIdPSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="ListUserGroups",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_msg_sent_total{grpc_method="Ping",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 4 +grpc_server_msg_sent_total{grpc_method="WatchEvents",grpc_service="proto.AuthService",grpc_type="server_stream",server="teleport-auth"} 35 +# HELP grpc_server_started_total Total number of RPCs started on the server. +# TYPE grpc_server_started_total counter +grpc_server_started_total{grpc_method="GetApps",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetAuthPreference",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_started_total{grpc_method="GetCertAuthorities",grpc_service="teleport.trust.v1.TrustService",grpc_type="unary",server="teleport-auth"} 14 +grpc_server_started_total{grpc_method="GetCertAuthority",grpc_service="teleport.trust.v1.TrustService",grpc_type="unary",server="teleport-auth"} 3 +grpc_server_started_total{grpc_method="GetClusterAuditConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_started_total{grpc_method="GetClusterNetworkingConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_started_total{grpc_method="GetDatabases",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetDomainName",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetInstallers",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetKubernetesClusters",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetLocks",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_started_total{grpc_method="GetNetworkRestrictions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetRoles",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_started_total{grpc_method="GetSessionRecordingConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 2 +grpc_server_started_total{grpc_method="GetSnowflakeSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetUIConfig",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetUsers",grpc_service="proto.AuthService",grpc_type="server_stream",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetWebSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetWebTokens",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetWindowsDesktopServices",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="GetWindowsDesktops",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="ListAppSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="ListIntegrations",grpc_service="teleport.integration.v1.IntegrationService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="ListResources",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 5 +grpc_server_started_total{grpc_method="ListSAMLIdPServiceProviders",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="ListSAMLIdPSessions",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="ListUserGroups",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 1 +grpc_server_started_total{grpc_method="Ping",grpc_service="proto.AuthService",grpc_type="unary",server="teleport-auth"} 4 +grpc_server_started_total{grpc_method="WatchEvents",grpc_service="proto.AuthService",grpc_type="server_stream",server="teleport-auth"} 4 +# HELP heartbeat_connections_received_total Number of times auth received a heartbeat connection +# TYPE heartbeat_connections_received_total counter +heartbeat_connections_received_total 0 +# HELP heartbeats_missed_total Number of heartbeats missed by auth server +# TYPE heartbeats_missed_total gauge +heartbeats_missed_total 0 +# HELP process_cpu_seconds_total Total user and system CPU time spent in seconds. +# TYPE process_cpu_seconds_total counter +process_cpu_seconds_total 4.8 +# HELP process_max_fds Maximum number of open file descriptors. +# TYPE process_max_fds gauge +process_max_fds 1.048576e+06 +# HELP process_open_fds Number of open file descriptors. +# TYPE process_open_fds gauge +process_open_fds 20 +# HELP process_resident_memory_bytes Resident memory size in bytes. +# TYPE process_resident_memory_bytes gauge +process_resident_memory_bytes 1.893376e+08 +# HELP process_start_time_seconds Start time of the process since unix epoch in seconds. +# TYPE process_start_time_seconds gauge +process_start_time_seconds 1.70903839127e+09 +# HELP process_state State of the teleport process: 0 - ok, 1 - recovering, 2 - degraded, 3 - starting +# TYPE process_state gauge +process_state 0 +# HELP process_virtual_memory_bytes Virtual memory size in bytes. +# TYPE process_virtual_memory_bytes gauge +process_virtual_memory_bytes 2.325594112e+09 +# HELP process_virtual_memory_max_bytes Maximum amount of virtual memory available in bytes. +# TYPE process_virtual_memory_max_bytes gauge +process_virtual_memory_max_bytes 1.8446744073709552e+19 +# HELP promhttp_metric_handler_requests_in_flight Current number of scrapes being served. +# TYPE promhttp_metric_handler_requests_in_flight gauge +promhttp_metric_handler_requests_in_flight 1 +# HELP promhttp_metric_handler_requests_total Total number of scrapes by HTTP status code. +# TYPE promhttp_metric_handler_requests_total counter +promhttp_metric_handler_requests_total{code="200"} 3 +promhttp_metric_handler_requests_total{code="500"} 0 +promhttp_metric_handler_requests_total{code="503"} 0 +# HELP proxy_connection_limit_exceeded_total Number of times the proxy connection limit was exceeded +# TYPE proxy_connection_limit_exceeded_total counter +proxy_connection_limit_exceeded_total 0 +# HELP proxy_peer_client_dial_error_total Total number of errors encountered dialling peer Proxy Service instances. +# TYPE proxy_peer_client_dial_error_total counter +proxy_peer_client_dial_error_total 5 +# HELP proxy_peer_server_connections Number of currently opened connection to proxy Proxy Service instances. +# TYPE proxy_peer_server_connections gauge +proxy_peer_server_connections 10 +# HELP proxy_peer_client_rpc Number of current client RPC requests. +# TYPE proxy_peer_client_rpc gauge +proxy_peer_client_rpc 3 +# HELP proxy_peer_client_rpc_total Total number of client RPC requests. +# TYPE proxy_peer_client_rpc_total counter +proxy_peer_client_rpc_total 20 +# HELP proxy_peer_client_rpc_duration_seconds Duration in seconds of RPCs sent by the client. +# TYPE proxy_peer_client_rpc_duration_seconds histogram +proxy_peer_client_rpc_duration_seconds_bucket{le="0.005"} 30 +proxy_peer_client_rpc_duration_seconds_bucket{le="0.01"} 40 +proxy_peer_client_rpc_duration_seconds_bucket{le="0.025"} 50 +proxy_peer_client_rpc_duration_seconds_bucket{le="0.05"} 60 +proxy_peer_client_rpc_duration_seconds_bucket{le="0.1"} 70 +proxy_peer_client_rpc_duration_seconds_bucket{le="0.25"} 80 +proxy_peer_client_rpc_duration_seconds_bucket{le="0.5"} 90 +proxy_peer_client_rpc_duration_seconds_bucket{le="1"} 100 +proxy_peer_client_rpc_duration_seconds_count 450 +proxy_peer_client_rpc_duration_seconds_sum 150.5 +# HELP proxy_peer_client_message_sent_size Size of messages sent by the client. +# TYPE proxy_peer_client_message_sent_size histogram +proxy_peer_client_message_sent_size_bucket{le="100"} 30 +proxy_peer_client_message_sent_size_bucket{le="500"} 40 +proxy_peer_client_message_sent_size_bucket{le="1000"} 50 +proxy_peer_client_message_sent_size_bucket{le="5000"} 60 +proxy_peer_client_message_sent_size_bucket{le="10000"} 70 +proxy_peer_client_message_sent_size_bucket{le="50000"} 80 +proxy_peer_client_message_sent_size_bucket{le="100000"} 90 +proxy_peer_client_message_sent_size_bucket{le="500000"} 100 +proxy_peer_client_message_sent_size_count 450 +proxy_peer_client_message_sent_size_sum 150.5 +# HELP proxy_peer_client_message_received_size Size of messages received by the client. +# TYPE proxy_peer_client_message_received_size histogram +proxy_peer_client_message_received_size_bucket{le="100"} 20 +proxy_peer_client_message_received_size_bucket{le="500"} 30 +proxy_peer_client_message_received_size_bucket{le="1000"} 40 +proxy_peer_client_message_received_size_bucket{le="5000"} 50 +proxy_peer_client_message_received_size_bucket{le="10000"} 60 +proxy_peer_client_message_received_size_bucket{le="50000"} 70 +proxy_peer_client_message_received_size_bucket{le="100000"} 80 +proxy_peer_client_message_received_size_bucket{le="500000"} 90 +proxy_peer_client_message_received_size_bucket{le="1000000"} 100 +proxy_peer_client_message_received_size_count 300 +proxy_peer_client_message_received_size_sum 100.5 + +# HELP proxy_peer_server_connections Number of currently opened connection to peer Proxy Service clients. +# TYPE proxy_peer_server_connections gauge +proxy_peer_server_connections 12 +# HELP proxy_peer_server_rpc Number of current server RPC requests. +# TYPE proxy_peer_server_rpc gauge +proxy_peer_server_rpc 4 +# HELP proxy_peer_server_rpc_total Total number of server RPC requests. +# TYPE proxy_peer_server_rpc_total counter +proxy_peer_server_rpc_total 30 +# HELP proxy_peer_server_rpc_duration_seconds Duration in seconds of RPCs sent by the server. +# TYPE proxy_peer_server_rpc_duration_seconds histogram +proxy_peer_server_rpc_duration_seconds_bucket{le="0.005"} 25 +proxy_peer_server_rpc_duration_seconds_bucket{le="0.01"} 35 +proxy_peer_server_rpc_duration_seconds_bucket{le="0.025"} 45 +proxy_peer_server_rpc_duration_seconds_bucket{le="0.05"} 55 +proxy_peer_server_rpc_duration_seconds_bucket{le="0.1"} 65 +proxy_peer_server_rpc_duration_seconds_bucket{le="0.25"} 75 +proxy_peer_server_rpc_duration_seconds_bucket{le="0.5"} 85 +proxy_peer_server_rpc_duration_seconds_bucket{le="1"} 95 +proxy_peer_server_rpc_duration_seconds_count 400 +proxy_peer_server_rpc_duration_seconds_sum 130.2 + +# HELP proxy_peer_server_message_sent_size Size of messages sent by the server. +# TYPE proxy_peer_server_message_sent_size histogram +proxy_peer_server_message_sent_size_bucket{le="100"} 25 +proxy_peer_server_message_sent_size_bucket{le="500"} 35 +proxy_peer_server_message_sent_size_bucket{le="1000"} 45 +proxy_peer_server_message_sent_size_bucket{le="5000"} 55 +proxy_peer_server_message_sent_size_bucket{le="10000"} 65 +proxy_peer_server_message_sent_size_bucket{le="50000"} 75 +proxy_peer_server_message_sent_size_bucket{le="100000"} 85 +proxy_peer_server_message_sent_size_bucket{le="500000"} 95 +proxy_peer_server_message_sent_size_bucket{le="1000000"} 105 +proxy_peer_server_message_sent_size_count 400 +proxy_peer_server_message_sent_size_sum 130.2 +# HELP proxy_peer_server_message_received_size Size of messages received by the server. +# TYPE proxy_peer_server_message_received_size histogram +proxy_peer_server_message_received_size_bucket{le="100"} 15 +proxy_peer_server_message_received_size_bucket{le="500"} 25 +proxy_peer_server_message_received_size_bucket{le="1000"} 35 +proxy_peer_server_message_received_size_bucket{le="5000"} 45 +proxy_peer_server_message_received_size_bucket{le="10000"} 55 +proxy_peer_server_message_received_size_bucket{le="50000"} 65 +proxy_peer_server_message_received_size_bucket{le="100000"} 75 +proxy_peer_server_message_received_size_bucket{le="500000"} 85 +proxy_peer_server_message_received_size_bucket{le="1000000"} 95 +proxy_peer_server_message_received_size_count 350 +proxy_peer_server_message_received_size_sum 120.6 +# HELP proxy_missing_ssh_tunnels Number of missing SSH tunnels +# TYPE proxy_missing_ssh_tunnels gauge +proxy_missing_ssh_tunnels 0 +# HELP remote_clusters Number of inbound connections from leaf clusters. +# TYPE remote_clusters gauge +remote_clusters 10 +# HELP proxy_ssh_sessions_total Number of active sessions through this proxy +# TYPE proxy_ssh_sessions_total gauge +proxy_ssh_sessions_total 0 +# HELP rx Number of bytes received. +# TYPE rx counter +rx 0 +# HELP server_interactive_sessions_total Number of active sessions to this host +# TYPE server_interactive_sessions_total gauge +server_interactive_sessions_total 0 +# HELP teleport_audit_emit_events Number of audit events emitted +# TYPE teleport_audit_emit_events counter +teleport_audit_emit_events 0 +# HELP teleport_audit_emitted_event_sizes Size of single events emitted +# TYPE teleport_audit_emitted_event_sizes histogram +teleport_audit_emitted_event_sizes_bucket{le="64"} 0 +teleport_audit_emitted_event_sizes_bucket{le="203.18733465192952"} 0 +teleport_audit_emitted_event_sizes_bucket{le="645.079577546175"} 0 +teleport_audit_emitted_event_sizes_bucket{le="2047.9999999999995"} 0 +teleport_audit_emitted_event_sizes_bucket{le="6501.994708861743"} 0 +teleport_audit_emitted_event_sizes_bucket{le="20642.54648147759"} 0 +teleport_audit_emitted_event_sizes_bucket{le="65535.99999999996"} 0 +teleport_audit_emitted_event_sizes_bucket{le="208063.8306835757"} 0 +teleport_audit_emitted_event_sizes_bucket{le="660561.4874072828"} 0 +teleport_audit_emitted_event_sizes_bucket{le="2.0971519999999984e+06"} 0 +teleport_audit_emitted_event_sizes_bucket{le="6.658042581874422e+06"} 0 +teleport_audit_emitted_event_sizes_bucket{le="2.1137967597033046e+07"} 0 +teleport_audit_emitted_event_sizes_bucket{le="6.710886399999993e+07"} 0 +teleport_audit_emitted_event_sizes_bucket{le="2.130573626199814e+08"} 0 +teleport_audit_emitted_event_sizes_bucket{le="6.764149631050572e+08"} 0 +teleport_audit_emitted_event_sizes_bucket{le="2.1474836479999971e+09"} 0 +teleport_audit_emitted_event_sizes_bucket{le="+Inf"} 0 +teleport_audit_emitted_event_sizes_sum 0 +teleport_audit_emitted_event_sizes_count 0 +# HELP teleport_audit_queried_trimmed_events Number of events that were trimmed before being returned from a query +# TYPE teleport_audit_queried_trimmed_events counter +teleport_audit_queried_trimmed_events 0 +# HELP teleport_audit_stored_trimmed_events Number of events that were trimmed before being stored +# TYPE teleport_audit_stored_trimmed_events counter +teleport_audit_stored_trimmed_events 0 +# HELP teleport_build_info Provides build information of Teleport including gitref (git describe --long --tags), Go version, and Teleport version. The value of this gauge will always be 1. +# TYPE teleport_build_info gauge +teleport_build_info{gitref="v14.3.3-0-g542fbb0",goversion="go1.21.6",version="14.3.3"} 1 +# HELP teleport_cache_events Number of events received by a Teleport service cache. Teleport's Auth Service, Proxy Service, and other services cache incoming events related to their service. +# TYPE teleport_cache_events counter +teleport_cache_events{cache_component="auth"} 21 +teleport_cache_events{cache_component="node"} 11 +teleport_cache_events{cache_component="proxy"} 20 +# HELP teleport_cache_stale_events Number of stale events received by a Teleport service cache. A high percentage of stale events can indicate a degraded backend. +# TYPE teleport_cache_stale_events counter +teleport_cache_stale_events {cache_component="auth"} 1 +teleport_cache_stale_events {cache_component="node"} 2 +teleport_cache_stale_events {cache_component="proxy"} 3 + +# HELP teleport_connect_to_node_attempts_total Number of SSH connection attempts to a node. Use with `failed_connect_to_node_attempts_total` to get the failure rate. +# TYPE teleport_connect_to_node_attempts_total counter +teleport_connect_to_node_attempts_total 0 +# HELP teleport_reverse_tunnels_connected Number of reverse SSH tunnels connected to the Teleport Proxy Service by Teleport instances. +# TYPE teleport_reverse_tunnels_connected gauge +teleport_reverse_tunnels_connected 10 + +# HELP trusted_clusters Number of outbound connections to leaf clusters. +# TYPE trusted_clusters gauge +trusted_clusters 5 +# HELP teleport_proxy_db_connection_setup_time_seconds Time to establish connection to DB service from Proxy service. +# TYPE teleport_proxy_db_connection_setup_time_seconds histogram +teleport_proxy_db_connection_setup_time_seconds_bucket{le="0.005"} 15 +teleport_proxy_db_connection_setup_time_seconds_bucket{le="0.01"} 25 +teleport_proxy_db_connection_setup_time_seconds_bucket{le="0.025"} 35 +teleport_proxy_db_connection_setup_time_seconds_bucket{le="0.05"} 45 +teleport_proxy_db_connection_setup_time_seconds_bucket{le="0.1"} 55 +teleport_proxy_db_connection_setup_time_seconds_bucket{le="0.25"} 65 +teleport_proxy_db_connection_setup_time_seconds_bucket{le="0.5"} 75 +teleport_proxy_db_connection_setup_time_seconds_bucket{le="1"} 85 +teleport_proxy_db_connection_setup_time_seconds_count 300 +teleport_proxy_db_connection_setup_time_seconds_sum 100.2 + +# HELP teleport_proxy_db_connection_dial_attempts_total Number of dial attempts from Proxy to DB service made. +# TYPE teleport_proxy_db_connection_dial_attempts_total counter +teleport_proxy_db_connection_dial_attempts_total 50 + +# HELP teleport_proxy_db_connection_dial_failures_total Number of failed dial attempts from Proxy to DB service made. +# TYPE teleport_proxy_db_connection_dial_failures_total counter +teleport_proxy_db_connection_dial_failures_total 10 + +# HELP teleport_proxy_db_attempted_servers_total Number of servers processed during connection attempt to the DB service from Proxy service. +# TYPE teleport_proxy_db_attempted_servers_total histogram +teleport_proxy_db_attempted_servers_total_bucket{le="2"} 20 +teleport_proxy_db_attempted_servers_total_bucket{le="5"} 30 +teleport_proxy_db_attempted_servers_total_bucket{le="10"} 40 +teleport_proxy_db_attempted_servers_total_bucket{le="20"} 50 +teleport_proxy_db_attempted_servers_total_bucket{le="50"} 60 +teleport_proxy_db_attempted_servers_total_bucket{le="100"} 70 +teleport_proxy_db_attempted_servers_total_bucket{le="200"} 80 +teleport_proxy_db_attempted_servers_total_bucket{le="500"} 90 +teleport_proxy_db_attempted_servers_total_count 280 +teleport_proxy_db_attempted_servers_total_sum 90.6 + +# HELP teleport_proxy_db_connection_tls_config_time_seconds Time to fetch TLS configuration for the connection to DB service from Proxy service. +# TYPE teleport_proxy_db_connection_tls_config_time_seconds histogram +teleport_proxy_db_connection_tls_config_time_seconds_bucket{le="0.1"} 10 +teleport_proxy_db_connection_tls_config_time_seconds_bucket{le="0.25"} 20 +teleport_proxy_db_connection_tls_config_time_seconds_bucket{le="0.5"} 30 +teleport_proxy_db_connection_tls_config_time_seconds_bucket{le="1"} 40 +teleport_proxy_db_connection_tls_config_time_seconds_bucket{le="2.5"} 50 +teleport_proxy_db_connection_tls_config_time_seconds_bucket{le="5"} 60 +teleport_proxy_db_connection_tls_config_time_seconds_bucket{le="10"} 70 +teleport_proxy_db_connection_tls_config_time_seconds_bucket{le="25"} 80 +teleport_proxy_db_connection_tls_config_time_seconds_bucket{le="50"} 90 +teleport_proxy_db_connection_tls_config_time_seconds_bucket{le="100"} 100 +teleport_proxy_db_connection_tls_config_time_seconds_count 350 +teleport_proxy_db_connection_tls_config_time_seconds_sum 120.8 + +# HELP teleport_proxy_db_active_connections_total Number of currently active connections to DB service from Proxy service. +# TYPE teleport_proxy_db_active_connections_total gauge +teleport_proxy_db_active_connections_total 25 + + + +# HELP teleport_enrolled_in_upgrades Number of instances enrolled in automatic upgrades +# TYPE teleport_enrolled_in_upgrades gauge +teleport_enrolled_in_upgrades 0 +# HELP teleport_incomplete_session_uploads_total Number of sessions not yet uploaded to auth +# TYPE teleport_incomplete_session_uploads_total gauge +teleport_incomplete_session_uploads_total 0 +# HELP teleport_kubernetes_server_in_flight_requests In-flight requests currently handled by the server. +# TYPE teleport_kubernetes_server_in_flight_requests gauge +teleport_kubernetes_server_in_flight_requests{component="kube_proxy"} 0 +# HELP teleport_migrations Migrations tracks for each migration if it is active (1) or not (0). +# TYPE teleport_migrations gauge +teleport_migrations{migration="remote_clusters"} 0 +# HELP teleport_services Teleport services currently enabled and running +# TYPE teleport_services gauge +teleport_services{service_name="auth_service"} 1 +teleport_services{service_name="proxy_service"} 1 +teleport_services{service_name="ssh_service"} 1 +# HELP teleport_total_instances Total teleport instances +# TYPE teleport_total_instances gauge +teleport_total_instances 0 +# HELP tx Number of bytes transmitted. +# TYPE tx counter +tx 0 +# HELP user_login_total Number of times there was a user login +# TYPE user_login_total counter +user_login_total 0 +# HELP user_max_concurrent_sessions_hit_total Number of times a user exceeded their max concurrent ssh connections +# TYPE user_max_concurrent_sessions_hit_total counter +user_max_concurrent_sessions_hit_total 0 +# HELP watcher_event_sizes Overall size of events emitted +# TYPE watcher_event_sizes histogram +watcher_event_sizes_bucket{le="0"} 0 +watcher_event_sizes_bucket{le="100"} 6 +watcher_event_sizes_bucket{le="200"} 14 +watcher_event_sizes_bucket{le="300"} 19 +watcher_event_sizes_bucket{le="400"} 19 +watcher_event_sizes_bucket{le="500"} 20 +watcher_event_sizes_bucket{le="600"} 24 +watcher_event_sizes_bucket{le="700"} 24 +watcher_event_sizes_bucket{le="800"} 27 +watcher_event_sizes_bucket{le="900"} 27 +watcher_event_sizes_bucket{le="1000"} 27 +watcher_event_sizes_bucket{le="1100"} 27 +watcher_event_sizes_bucket{le="1200"} 27 +watcher_event_sizes_bucket{le="1300"} 27 +watcher_event_sizes_bucket{le="1400"} 27 +watcher_event_sizes_bucket{le="1500"} 29 +watcher_event_sizes_bucket{le="1600"} 29 +watcher_event_sizes_bucket{le="1700"} 29 +watcher_event_sizes_bucket{le="1800"} 29 +watcher_event_sizes_bucket{le="1900"} 33 +watcher_event_sizes_bucket{le="+Inf"} 35 +watcher_event_sizes_sum 22723 +watcher_event_sizes_count 35 +# HELP watcher_events Per resources size of events emitted +# TYPE watcher_events histogram +watcher_events_bucket{resource="/auth_server",le="0"} 0 +watcher_events_bucket{resource="/auth_server",le="200"} 0 +watcher_events_bucket{resource="/auth_server",le="400"} 1 +watcher_events_bucket{resource="/auth_server",le="600"} 1 +watcher_events_bucket{resource="/auth_server",le="800"} 1 +watcher_events_bucket{resource="/auth_server",le="+Inf"} 1 +watcher_events_sum{resource="/auth_server"} 212 +watcher_events_count{resource="/auth_server"} 1 +watcher_events_bucket{resource="/cert_authority/db",le="0"} 0 +watcher_events_bucket{resource="/cert_authority/db",le="200"} 0 +watcher_events_bucket{resource="/cert_authority/db",le="400"} 0 +watcher_events_bucket{resource="/cert_authority/db",le="600"} 0 +watcher_events_bucket{resource="/cert_authority/db",le="800"} 0 +watcher_events_bucket{resource="/cert_authority/db",le="+Inf"} 1 +watcher_events_sum{resource="/cert_authority/db"} 1420 +watcher_events_count{resource="/cert_authority/db"} 1 +watcher_events_bucket{resource="/cert_authority/host",le="0"} 0 +watcher_events_bucket{resource="/cert_authority/host",le="200"} 0 +watcher_events_bucket{resource="/cert_authority/host",le="400"} 0 +watcher_events_bucket{resource="/cert_authority/host",le="600"} 0 +watcher_events_bucket{resource="/cert_authority/host",le="800"} 0 +watcher_events_bucket{resource="/cert_authority/host",le="+Inf"} 2 +watcher_events_sum{resource="/cert_authority/host"} 3630 +watcher_events_count{resource="/cert_authority/host"} 2 +watcher_events_bucket{resource="/cert_authority/jwt",le="0"} 0 +watcher_events_bucket{resource="/cert_authority/jwt",le="200"} 0 +watcher_events_bucket{resource="/cert_authority/jwt",le="400"} 0 +watcher_events_bucket{resource="/cert_authority/jwt",le="600"} 1 +watcher_events_bucket{resource="/cert_authority/jwt",le="800"} 1 +watcher_events_bucket{resource="/cert_authority/jwt",le="+Inf"} 1 +watcher_events_sum{resource="/cert_authority/jwt"} 534 +watcher_events_count{resource="/cert_authority/jwt"} 1 +watcher_events_bucket{resource="/cert_authority/oidc_idp",le="0"} 0 +watcher_events_bucket{resource="/cert_authority/oidc_idp",le="200"} 0 +watcher_events_bucket{resource="/cert_authority/oidc_idp",le="400"} 0 +watcher_events_bucket{resource="/cert_authority/oidc_idp",le="600"} 1 +watcher_events_bucket{resource="/cert_authority/oidc_idp",le="800"} 1 +watcher_events_bucket{resource="/cert_authority/oidc_idp",le="+Inf"} 1 +watcher_events_sum{resource="/cert_authority/oidc_idp"} 544 +watcher_events_count{resource="/cert_authority/oidc_idp"} 1 +watcher_events_bucket{resource="/cert_authority/openssh",le="0"} 0 +watcher_events_bucket{resource="/cert_authority/openssh",le="200"} 0 +watcher_events_bucket{resource="/cert_authority/openssh",le="400"} 0 +watcher_events_bucket{resource="/cert_authority/openssh",le="600"} 1 +watcher_events_bucket{resource="/cert_authority/openssh",le="800"} 1 +watcher_events_bucket{resource="/cert_authority/openssh",le="+Inf"} 1 +watcher_events_sum{resource="/cert_authority/openssh"} 497 +watcher_events_count{resource="/cert_authority/openssh"} 1 +watcher_events_bucket{resource="/cert_authority/saml_idp",le="0"} 0 +watcher_events_bucket{resource="/cert_authority/saml_idp",le="200"} 0 +watcher_events_bucket{resource="/cert_authority/saml_idp",le="400"} 0 +watcher_events_bucket{resource="/cert_authority/saml_idp",le="600"} 0 +watcher_events_bucket{resource="/cert_authority/saml_idp",le="800"} 0 +watcher_events_bucket{resource="/cert_authority/saml_idp",le="+Inf"} 1 +watcher_events_sum{resource="/cert_authority/saml_idp"} 1436 +watcher_events_count{resource="/cert_authority/saml_idp"} 1 +watcher_events_bucket{resource="/cert_authority/user",le="0"} 0 +watcher_events_bucket{resource="/cert_authority/user",le="200"} 0 +watcher_events_bucket{resource="/cert_authority/user",le="400"} 0 +watcher_events_bucket{resource="/cert_authority/user",le="600"} 0 +watcher_events_bucket{resource="/cert_authority/user",le="800"} 0 +watcher_events_bucket{resource="/cert_authority/user",le="+Inf"} 2 +watcher_events_sum{resource="/cert_authority/user"} 3622 +watcher_events_count{resource="/cert_authority/user"} 2 +watcher_events_bucket{resource="/cluster_audit_config",le="0"} 0 +watcher_events_bucket{resource="/cluster_audit_config",le="200"} 2 +watcher_events_bucket{resource="/cluster_audit_config",le="400"} 2 +watcher_events_bucket{resource="/cluster_audit_config",le="600"} 2 +watcher_events_bucket{resource="/cluster_audit_config",le="800"} 2 +watcher_events_bucket{resource="/cluster_audit_config",le="+Inf"} 2 +watcher_events_sum{resource="/cluster_audit_config"} 156 +watcher_events_count{resource="/cluster_audit_config"} 2 +watcher_events_bucket{resource="/cluster_auth_preference",le="0"} 0 +watcher_events_bucket{resource="/cluster_auth_preference",le="200"} 2 +watcher_events_bucket{resource="/cluster_auth_preference",le="400"} 2 +watcher_events_bucket{resource="/cluster_auth_preference",le="600"} 2 +watcher_events_bucket{resource="/cluster_auth_preference",le="800"} 2 +watcher_events_bucket{resource="/cluster_auth_preference",le="+Inf"} 2 +watcher_events_sum{resource="/cluster_auth_preference"} 342 +watcher_events_count{resource="/cluster_auth_preference"} 2 +watcher_events_bucket{resource="/cluster_name",le="0"} 0 +watcher_events_bucket{resource="/cluster_name",le="200"} 2 +watcher_events_bucket{resource="/cluster_name",le="400"} 2 +watcher_events_bucket{resource="/cluster_name",le="600"} 2 +watcher_events_bucket{resource="/cluster_name",le="800"} 2 +watcher_events_bucket{resource="/cluster_name",le="+Inf"} 2 +watcher_events_sum{resource="/cluster_name"} 232 +watcher_events_count{resource="/cluster_name"} 2 +watcher_events_bucket{resource="/cluster_networking_config",le="0"} 0 +watcher_events_bucket{resource="/cluster_networking_config",le="200"} 2 +watcher_events_bucket{resource="/cluster_networking_config",le="400"} 2 +watcher_events_bucket{resource="/cluster_networking_config",le="600"} 2 +watcher_events_bucket{resource="/cluster_networking_config",le="800"} 2 +watcher_events_bucket{resource="/cluster_networking_config",le="+Inf"} 2 +watcher_events_sum{resource="/cluster_networking_config"} 280 +watcher_events_count{resource="/cluster_networking_config"} 2 +watcher_events_bucket{resource="/namespace",le="0"} 0 +watcher_events_bucket{resource="/namespace",le="200"} 2 +watcher_events_bucket{resource="/namespace",le="400"} 2 +watcher_events_bucket{resource="/namespace",le="600"} 2 +watcher_events_bucket{resource="/namespace",le="800"} 2 +watcher_events_bucket{resource="/namespace",le="+Inf"} 2 +watcher_events_sum{resource="/namespace"} 102 +watcher_events_count{resource="/namespace"} 2 +watcher_events_bucket{resource="/node/teleport",le="0"} 0 +watcher_events_bucket{resource="/node/teleport",le="200"} 0 +watcher_events_bucket{resource="/node/teleport",le="400"} 2 +watcher_events_bucket{resource="/node/teleport",le="600"} 2 +watcher_events_bucket{resource="/node/teleport",le="800"} 2 +watcher_events_bucket{resource="/node/teleport",le="+Inf"} 2 +watcher_events_sum{resource="/node/teleport"} 481 +watcher_events_count{resource="/node/teleport"} 2 +watcher_events_bucket{resource="/proxy",le="0"} 0 +watcher_events_bucket{resource="/proxy",le="200"} 0 +watcher_events_bucket{resource="/proxy",le="400"} 1 +watcher_events_bucket{resource="/proxy",le="600"} 1 +watcher_events_bucket{resource="/proxy",le="800"} 1 +watcher_events_bucket{resource="/proxy",le="+Inf"} 1 +watcher_events_sum{resource="/proxy"} 202 +watcher_events_count{resource="/proxy"} 1 +watcher_events_bucket{resource="/role",le="0"} 0 +watcher_events_bucket{resource="/role",le="200"} 0 +watcher_events_bucket{resource="/role",le="400"} 0 +watcher_events_bucket{resource="/role",le="600"} 2 +watcher_events_bucket{resource="/role",le="800"} 4 +watcher_events_bucket{resource="/role",le="+Inf"} 6 +watcher_events_sum{resource="/role"} 7586 +watcher_events_count{resource="/role"} 6 +watcher_events_bucket{resource="/session_recording_config",le="0"} 0 +watcher_events_bucket{resource="/session_recording_config",le="200"} 2 +watcher_events_bucket{resource="/session_recording_config",le="400"} 2 +watcher_events_bucket{resource="/session_recording_config",le="600"} 2 +watcher_events_bucket{resource="/session_recording_config",le="800"} 2 +watcher_events_bucket{resource="/session_recording_config",le="+Inf"} 2 +watcher_events_sum{resource="/session_recording_config"} 254 +watcher_events_count{resource="/session_recording_config"} 2 +watcher_events_bucket{resource="/watch_status",le="0"} 0 +watcher_events_bucket{resource="/watch_status",le="200"} 2 +watcher_events_bucket{resource="/watch_status",le="400"} 3 +watcher_events_bucket{resource="/watch_status",le="600"} 3 +watcher_events_bucket{resource="/watch_status",le="800"} 4 +watcher_events_bucket{resource="/watch_status",le="+Inf"} 4 +watcher_events_sum{resource="/watch_status"} 1193 +watcher_events_count{resource="/watch_status"} 4 + +# HELP audit_failed_disk_monitoring Number of times disk monitoring failed. +# TYPE audit_failed_disk_monitoring counter +audit_failed_disk_monitoring 14 + +# HELP audit_failed_emit_events Number of times emitting audit events failed. +# TYPE audit_failed_emit_events counter +audit_failed_emit_events 7 + +# HELP audit_percentage_disk_space_used Percentage of disk space used. +# TYPE audit_percentage_disk_space_used gauge +audit_percentage_disk_space_used 65.3 + +# HELP audit_server_open_files Number of open audit files. +# TYPE audit_server_open_files gauge +audit_server_open_files 30 + +# HELP auth_generate_requests_throttled_total Number of throttled requests to generate new server keys. +# TYPE auth_generate_requests_throttled_total counter +auth_generate_requests_throttled_total 20 + +# HELP auth_generate_requests_total Number of requests to generate new server keys. +# TYPE auth_generate_requests_total counter +auth_generate_requests_total 90 + +# HELP auth_generate_requests Number of current generate requests. +# TYPE auth_generate_requests gauge +auth_generate_requests 15 + +# HELP auth_generate_seconds Latency for generate requests. +# TYPE auth_generate_seconds histogram +auth_generate_seconds_bucket{le="0.005"} 0 +auth_generate_seconds_bucket{le="0.01"} 1 +auth_generate_seconds_bucket{le="0.025"} 3 +auth_generate_seconds_bucket{le="0.05"} 5 +auth_generate_seconds_bucket{le="0.075"} 7 +auth_generate_seconds_bucket{le="0.1"} 8 +auth_generate_seconds_bucket{le="0.25"} 10 +auth_generate_seconds_bucket{le="0.5"} 14 +auth_generate_seconds_bucket{le="0.75"} 20 +auth_generate_seconds_bucket{le="1"} 25 +auth_generate_seconds_bucket{le="+Inf"} 30 +auth_generate_seconds_sum 33.0 +auth_generate_seconds_count 30 + +# TYPE teleport_audit_emit_events counter +teleport_audit_emit_events_total 0 + +# TYPE teleport_audit_parquetlog_batch_processing_seconds histogram +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="0.005"} 0 +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="0.01"} 0 +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="0.025"} 0 +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="0.05"} 0 +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="0.1"} 0 +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="0.25"} 0 +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="0.5"} 0 +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="1"} 0 +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="2.5"} 0 +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="5"} 0 +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="10"} 0 +teleport_audit_parquetlog_batch_processing_seconds_bucket{le="+Inf"} 0 +teleport_audit_parquetlog_batch_processing_seconds_sum 0 +teleport_audit_parquetlog_batch_processing_seconds_count 0 + +# TYPE teleport_audit_parquetlog_s3_flush_seconds histogram +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="0.005"} 0 +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="0.01"} 0 +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="0.025"} 0 +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="0.05"} 0 +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="0.1"} 0 +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="0.25"} 0 +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="0.5"} 0 +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="1"} 0 +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="2.5"} 0 +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="5"} 0 +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="10"} 0 +teleport_audit_parquetlog_s3_flush_seconds_bucket{le="+Inf"} 0 +teleport_audit_parquetlog_s3_flush_seconds_sum 0 +teleport_audit_parquetlog_s3_flush_seconds_count 0 + +# TYPE teleport_audit_parquetlog_delete_events_seconds histogram +teleport_audit_parquetlog_delete_events_seconds_bucket{le="0.005"} 0 +teleport_audit_parquetlog_delete_events_seconds_bucket{le="0.01"} 0 +teleport_audit_parquetlog_delete_events_seconds_bucket{le="0.025"} 0 +teleport_audit_parquetlog_delete_events_seconds_bucket{le="0.05"} 0 +teleport_audit_parquetlog_delete_events_seconds_bucket{le="0.1"} 0 +teleport_audit_parquetlog_delete_events_seconds_bucket{le="0.25"} 0 +teleport_audit_parquetlog_delete_events_seconds_bucket{le="0.5"} 0 +teleport_audit_parquetlog_delete_events_seconds_bucket{le="1"} 0 +teleport_audit_parquetlog_delete_events_seconds_bucket{le="2.5"} 0 +teleport_audit_parquetlog_delete_events_seconds_bucket{le="5"} 0 +teleport_audit_parquetlog_delete_events_seconds_bucket{le="10"} 0 +teleport_audit_parquetlog_delete_events_seconds_bucket{le="+Inf"} 0 +teleport_audit_parquetlog_delete_events_seconds_sum 0 +teleport_audit_parquetlog_delete_events_seconds_count 0 + +# TYPE teleport_audit_parquetlog_batch_size histogram +teleport_audit_parquetlog_batch_size_bucket{le="500"} 0 +teleport_audit_parquetlog_batch_size_bucket{le="1000"} 0 +teleport_audit_parquetlog_batch_size_bucket{le="1500"} 0 +teleport_audit_parquetlog_batch_size_bucket{le="2000"} 0 +teleport_audit_parquetlog_batch_size_bucket{le="2500"} 0 +teleport_audit_parquetlog_batch_size_bucket{le="3000"} 0 +teleport_audit_parquetlog_batch_size_bucket{le="3500"} 0 +teleport_audit_parquetlog_batch_size_bucket{le="4000"} 0 +teleport_audit_parquetlog_batch_size_bucket{le="4500"} 0 +teleport_audit_parquetlog_batch_size_bucket{le="5000"} 0 +teleport_audit_parquetlog_batch_size_bucket{le="+Inf"} 0 +teleport_audit_parquetlog_batch_size_sum 0 +teleport_audit_parquetlog_batch_size_count 0 + +# TYPE teleport_audit_parquetlog_batch_count counter +teleport_audit_parquetlog_batch_count 0 + +# TYPE teleport_audit_parquetlog_last_processed_timestamp gauge +teleport_audit_parquetlog_last_processed_timestamp 0 + +# TYPE teleport_audit_parquetlog_age_oldest_processed_message gauge +teleport_audit_parquetlog_age_oldest_processed_message 0 + +# TYPE teleport_audit_parquetlog_errors_from_collect_count counter +teleport_audit_parquetlog_errors_from_collect_count 0 + +# TYPE teleport_connected_resources gauge +teleport_connected_resources 0 + +# TYPE teleport_registered_servers gauge +teleport_registered_servers 0 + +# TYPE teleport_registered_servers_by_install_methods gauge +teleport_registered_servers_by_install_methods 0 + +# TYPE user_login_total counter +user_login_total 0 + +# TYPE teleport_migrations gauge +teleport_migrations 0 + +# HELP s3_requests_total Total number of requests to the S3 API. +# TYPE s3_requests_total counter +s3_requests_total 4000 + +# HELP s3_requests Total number of requests to the S3 API grouped by result. +# TYPE s3_requests counter +s3_requests{result="success"} 3200 +s3_requests{result="failure"} 800 + +# TYPE s3_requests_seconds histogram +s3_requests_seconds_bucket{le="0.005"} 0 +s3_requests_seconds_bucket{le="0.01"} 0 +s3_requests_seconds_bucket{le="0.025"} 0 +s3_requests_seconds_bucket{le="0.05"} 0 +s3_requests_seconds_bucket{le="0.1"} 0 +s3_requests_seconds_bucket{le="0.25"} 0 +s3_requests_seconds_bucket{le="0.5"} 0 +s3_requests_seconds_bucket{le="1"} 0 +s3_requests_seconds_bucket{le="2.5"} 0 +s3_requests_seconds_bucket{le="5"} 0 +s3_requests_seconds_bucket{le="10"} 0 +s3_requests_seconds_bucket{le="+Inf"} 0 +s3_requests_seconds_sum 0 +s3_requests_seconds_count 0 + + +# HELP dynamo_requests_total Total number of requests to the DYNAMO API. +# TYPE dynamo_requests_total counter +dynamo_requests_total 4000 + +# HELP dynamo_requests Total number of requests to the DYNAMO API grouped by result. +# TYPE dynamo_requests counter +dynamo_requests{result="success"} 3200 +dynamo_requests{result="failure"} 800 + +# TYPE dynamo_requests_seconds histogram +dynamo_requests_seconds_bucket{le="0.005"} 0 +dynamo_requests_seconds_bucket{le="0.01"} 0 +dynamo_requests_seconds_bucket{le="0.025"} 0 +dynamo_requests_seconds_bucket{le="0.05"} 0 +dynamo_requests_seconds_bucket{le="0.1"} 0 +dynamo_requests_seconds_bucket{le="0.25"} 0 +dynamo_requests_seconds_bucket{le="0.5"} 0 +dynamo_requests_seconds_bucket{le="1"} 0 +dynamo_requests_seconds_bucket{le="2.5"} 0 +dynamo_requests_seconds_bucket{le="5"} 0 +dynamo_requests_seconds_bucket{le="10"} 0 +dynamo_requests_seconds_bucket{le="+Inf"} 0 +dynamo_requests_seconds_sum 0 +dynamo_requests_seconds_count 0 + + +# HELP firestore_events_backend_batch_read_requests Number of batch read requests to Cloud Firestore events. +# TYPE firestore_events_backend_batch_read_requests counter +firestore_events_backend_batch_read_requests 150 + +# HELP firestore_events_backend_batch_read_seconds Latency for Cloud Firestore events batch read operations. +# TYPE firestore_events_backend_batch_read_seconds histogram +firestore_events_backend_batch_read_seconds_bucket{le="0.005"} 250 +firestore_events_backend_batch_read_seconds_bucket{le="0.01"} 500 +firestore_events_backend_batch_read_seconds_bucket{le="0.025"} 750 +firestore_events_backend_batch_read_seconds_bucket{le="0.05"} 1000 +firestore_events_backend_batch_read_seconds_bucket{le="0.075"} 1200 +firestore_events_backend_batch_read_seconds_bucket{le="0.1"} 1500 +firestore_events_backend_batch_read_seconds_bucket{le="0.25"} 2000 +firestore_events_backend_batch_read_seconds_bucket{le="0.5"} 2500 +firestore_events_backend_batch_read_seconds_bucket{le="0.75"} 2750 +firestore_events_backend_batch_read_seconds_bucket{le="1"} 3000 +firestore_events_backend_batch_read_seconds_bucket{le="+Inf"} 3200 +firestore_events_backend_batch_read_seconds_count 3200 +firestore_events_backend_batch_read_seconds_sum 800 + +# HELP firestore_events_backend_batch_write_requests Number of batch write requests to Cloud Firestore events. +# TYPE firestore_events_backend_batch_write_requests counter +firestore_events_backend_batch_write_requests 4800 + +# HELP firestore_events_backend_batch_write_seconds Latency for Cloud Firestore events batch write operations. +# TYPE firestore_events_backend_batch_write_seconds histogram +firestore_events_backend_batch_write_seconds_bucket{le="0.005"} 1000 +firestore_events_backend_batch_write_seconds_bucket{le="0.01"} 2000 +firestore_events_backend_batch_write_seconds_bucket{le="0.025"} 3000 +firestore_events_backend_batch_write_seconds_bucket{le="0.05"} 4000 +firestore_events_backend_batch_write_seconds_bucket{le="0.075"} 5000 +firestore_events_backend_batch_write_seconds_bucket{le="0.1"} 6000 +firestore_events_backend_batch_write_seconds_bucket{le="0.25"} 7000 +firestore_events_backend_batch_write_seconds_bucket{le="0.5"} 8000 +firestore_events_backend_batch_write_seconds_bucket{le="0.75"} 9000 +firestore_events_backend_batch_write_seconds_bucket{le="1"} 10000 +firestore_events_backend_batch_write_seconds_bucket{le="+Inf"} 11000 +firestore_events_backend_batch_write_seconds_count 11000 +firestore_events_backend_batch_write_seconds_sum 3500 + +# HELP firestore_events_backend_write_requests Number of write requests to Cloud Firestore events. +# TYPE firestore_events_backend_write_requests counter +firestore_events_backend_write_requests 7500 + +# HELP firestore_events_backend_write_seconds Latency for Cloud Firestore events write operations. +# TYPE firestore_events_backend_write_seconds histogram +firestore_events_backend_write_seconds_bucket{le="0.005"} 1500 +firestore_events_backend_write_seconds_bucket{le="0.01"} 3000 +firestore_events_backend_write_seconds_bucket{le="0.025"} 4500 +firestore_events_backend_write_seconds_bucket{le="0.05"} 6000 +firestore_events_backend_write_seconds_bucket{le="0.075"} 7500 +firestore_events_backend_write_seconds_bucket{le="0.1"} 9000 +firestore_events_backend_write_seconds_bucket{le="0.25"} 10500 +firestore_events_backend_write_seconds_bucket{le="0.5"} 12000 +firestore_events_backend_write_seconds_bucket{le="0.75"} 13500 +firestore_events_backend_write_seconds_bucket{le="1"} 15000 +firestore_events_backend_write_seconds_bucket{le="+Inf"} 16500 +firestore_events_backend_write_seconds_count 16500 +firestore_events_backend_write_seconds_sum 5250 + + +# HELP gcs_event_storage_downloads_seconds Latency for GCS download operations. +# TYPE gcs_event_storage_downloads_seconds histogram +gcs_event_storage_downloads_seconds_bucket{le="0.005"} 100 +gcs_event_storage_downloads_seconds_bucket{le="0.01"} 300 +gcs_event_storage_downloads_seconds_bucket{le="0.025"} 500 +gcs_event_storage_downloads_seconds_bucket{le="0.05"} 700 +gcs_event_storage_downloads_seconds_bucket{le="0.075"} 900 +gcs_event_storage_downloads_seconds_bucket{le="0.1"} 1100 +gcs_event_storage_downloads_seconds_bucket{le="0.25"} 1300 +gcs_event_storage_downloads_seconds_bucket{le="0.5"} 1500 +gcs_event_storage_downloads_seconds_bucket{le="0.75"} 1700 +gcs_event_storage_downloads_seconds_bucket{le="1"} 1900 +gcs_event_storage_downloads_seconds_bucket{le="+Inf"} 2000 +gcs_event_storage_downloads_seconds_count 2000 +gcs_event_storage_downloads_seconds_sum 600 + +# HELP gcs_event_storage_downloads Number of downloads from the GCS backend. +# TYPE gcs_event_storage_downloads counter +gcs_event_storage_downloads 4500 + +# HELP gcs_event_storage_uploads_seconds Latency for GCS upload operations. +# TYPE gcs_event_storage_uploads_seconds histogram +gcs_event_storage_uploads_seconds_bucket{le="0.005"} 200 +gcs_event_storage_uploads_seconds_bucket{le="0.01"} 400 +gcs_event_storage_uploads_seconds_bucket{le="0.025"} 600 +gcs_event_storage_uploads_seconds_bucket{le="0.05"} 800 +gcs_event_storage_uploads_seconds_bucket{le="0.075"} 1000 +gcs_event_storage_uploads_seconds_bucket{le="0.1"} 1200 +gcs_event_storage_uploads_seconds_bucket{le="0.25"} 1400 +gcs_event_storage_uploads_seconds_bucket{le="0.5"} 1600 +gcs_event_storage_uploads_seconds_bucket{le="0.75"} 1800 +gcs_event_storage_uploads_seconds_bucket{le="1"} 2000 +gcs_event_storage_uploads_seconds_bucket{le="+Inf"} 2200 +gcs_event_storage_uploads_seconds_count 2200 +gcs_event_storage_uploads_seconds_sum 700 + +# HELP gcs_event_storage_uploads Number of uploads to the GCS backend. +# TYPE gcs_event_storage_uploads counter +gcs_event_storage_uploads 5000 + + +# HELP etcd_backend_batch_read_requests Number of read requests to the etcd database. +# TYPE etcd_backend_batch_read_requests counter +etcd_backend_batch_read_requests 200 + +# HELP etcd_backend_batch_read_seconds Latency for etcd read operations. +# TYPE etcd_backend_batch_read_seconds histogram +etcd_backend_batch_read_seconds_bucket{le="0.005"} 20 +etcd_backend_batch_read_seconds_bucket{le="0.01"} 40 +etcd_backend_batch_read_seconds_bucket{le="0.025"} 80 +etcd_backend_batch_read_seconds_bucket{le="0.05"} 120 +etcd_backend_batch_read_seconds_bucket{le="0.075"} 150 +etcd_backend_batch_read_seconds_bucket{le="0.1"} 160 +etcd_backend_batch_read_seconds_bucket{le="0.25"} 180 +etcd_backend_batch_read_seconds_bucket{le="0.5"} 190 +etcd_backend_batch_read_seconds_bucket{le="0.75"} 195 +etcd_backend_batch_read_seconds_bucket{le="1"} 200 +etcd_backend_batch_read_seconds_bucket{le="+Inf"} 200 +etcd_backend_batch_read_seconds_sum 400.0 +etcd_backend_batch_read_seconds_count 200 + +# HELP etcd_backend_read_requests Number of read requests to the etcd database. +# TYPE etcd_backend_read_requests counter +etcd_backend_read_requests 1000 + +# HELP etcd_backend_read_seconds Latency for etcd read operations. +# TYPE etcd_backend_read_seconds histogram +etcd_backend_read_seconds_bucket{le="0.005"} 100 +etcd_backend_read_seconds_bucket{le="0.01"} 200 +etcd_backend_read_seconds_bucket{le="0.025"} 400 +etcd_backend_read_seconds_bucket{le="0.05"} 600 +etcd_backend_read_seconds_bucket{le="0.075"} 800 +etcd_backend_read_seconds_bucket{le="0.1"} 900 +etcd_backend_read_seconds_bucket{le="0.25"} 950 +etcd_backend_read_seconds_bucket{le="0.5"} 975 +etcd_backend_read_seconds_bucket{le="0.75"} 990 +etcd_backend_read_seconds_bucket{le="1"} 1000 +etcd_backend_read_seconds_bucket{le="+Inf"} 1000 +etcd_backend_read_seconds_sum 2000.0 +etcd_backend_read_seconds_count 1000 + +# HELP etcd_backend_tx_requests Number of transaction requests to the database. +# TYPE etcd_backend_tx_requests counter +etcd_backend_tx_requests 500 + +# HELP etcd_backend_tx_seconds Latency for etcd transaction operations. +# TYPE etcd_backend_tx_seconds histogram +etcd_backend_tx_seconds_bucket{le="0.005"} 50 +etcd_backend_tx_seconds_bucket{le="0.01"} 100 +etcd_backend_tx_seconds_bucket{le="0.025"} 200 +etcd_backend_tx_seconds_bucket{le="0.05"} 300 +etcd_backend_tx_seconds_bucket{le="0.075"} 400 +etcd_backend_tx_seconds_bucket{le="0.1"} 450 +etcd_backend_tx_seconds_bucket{le="0.25"} 475 +etcd_backend_tx_seconds_bucket{le="0.5"} 490 +etcd_backend_tx_seconds_bucket{le="0.75"} 498 +etcd_backend_tx_seconds_bucket{le="1"} 500 +etcd_backend_tx_seconds_bucket{le="+Inf"} 500 +etcd_backend_tx_seconds_sum 1000.0 +etcd_backend_tx_seconds_count 500 + +# HELP etcd_backend_write_requests Number of write requests to the database. +# TYPE etcd_backend_write_requests counter +etcd_backend_write_requests 1200 + +# HELP etcd_backend_write_seconds Latency for etcd write operations. +# TYPE etcd_backend_write_seconds histogram +etcd_backend_write_seconds_bucket{le="0.005"} 120 +etcd_backend_write_seconds_bucket{le="0.01"} 240 +etcd_backend_write_seconds_bucket{le="0.025"} 480 +etcd_backend_write_seconds_bucket{le="0.05"} 720 +etcd_backend_write_seconds_bucket{le="0.075"} 960 +etcd_backend_write_seconds_bucket{le="0.1"} 1080 +etcd_backend_write_seconds_bucket{le="0.25"} 1140 +etcd_backend_write_seconds_bucket{le="0.5"} 1176 +etcd_backend_write_seconds_bucket{le="0.75"} 1194 +etcd_backend_write_seconds_bucket{le="1"} 1200 +etcd_backend_write_seconds_bucket{le="+Inf"} 1200 +etcd_backend_write_seconds_sum 2400.0 +etcd_backend_write_seconds_count 1200 + +# HELP teleport_etcd_events Total number of etcd events processed. +# TYPE teleport_etcd_events counter +teleport_etcd_events 2000 + +# HELP teleport_etcd_event_backpressure Total number of times event processing encountered backpressure. +# TYPE teleport_etcd_event_backpressure counter +teleport_etcd_event_backpressure 3 + +# TYPE teleport_kubernetes_client_in_flight_requests gauge +# HELP teleport_kubernetes_client_in_flight_requests Teleport Kubernetes Service In-flight requests waiting for the upstream response. +teleport_kubernetes_client_in_flight_requests 0 + +# TYPE teleport_kubernetes_client_requests_total counter +# HELP teleport_kubernetes_client_requests_total Teleport Kubernetes Service Total number of requests sent to the upstream teleport proxy, kube_service or Kubernetes Cluster servers. +teleport_kubernetes_client_requests_total 0 + +# TYPE teleport_kubernetes_client_tls_duration_seconds histogram +# HELP teleport_kubernetes_client_tls_duration_seconds Teleport Kubernetes Service Latency distribution of TLS handshakes. +teleport_kubernetes_client_tls_duration_seconds_bucket{le="0.005"} 0 +teleport_kubernetes_client_tls_duration_seconds_bucket{le="0.01"} 0 +teleport_kubernetes_client_tls_duration_seconds_bucket{le="+Inf"} 0 +teleport_kubernetes_client_tls_duration_seconds_sum 0 +teleport_kubernetes_client_tls_duration_seconds_count 0 + +# TYPE teleport_kubernetes_client_got_conn_duration_seconds histogram +# HELP teleport_kubernetes_client_got_conn_duration_seconds Teleport Kubernetes Service Latency distribution of time to dial to the upstream server - using reversetunnel or direct dialer. +teleport_kubernetes_client_got_conn_duration_seconds_bucket{le="0.005"} 0 +teleport_kubernetes_client_got_conn_duration_seconds_bucket{le="0.01"} 0 +teleport_kubernetes_client_got_conn_duration_seconds_bucket{le="+Inf"} 0 +teleport_kubernetes_client_got_conn_duration_seconds_sum 0 +teleport_kubernetes_client_got_conn_duration_seconds_count 0 + +# TYPE teleport_kubernetes_client_first_byte_response_duration_seconds histogram +# HELP teleport_kubernetes_client_first_byte_response_duration_seconds Teleport Kubernetes Service Latency distribution of time to receive the first response byte from the upstream server. +teleport_kubernetes_client_first_byte_response_duration_seconds_bucket{le="0.005"} 0 +teleport_kubernetes_client_first_byte_response_duration_seconds_bucket{le="0.01"} 0 +teleport_kubernetes_client_first_byte_response_duration_seconds_bucket{le="+Inf"} 0 +teleport_kubernetes_client_first_byte_response_duration_seconds_sum 0 +teleport_kubernetes_client_first_byte_response_duration_seconds_count 0 + +# TYPE teleport_kubernetes_client_request_duration_seconds histogram +# HELP teleport_kubernetes_client_request_duration_seconds Teleport Kubernetes Service Latency distribution of the upstream request time. +teleport_kubernetes_client_request_duration_seconds_bucket{le="0.005"} 0 +teleport_kubernetes_client_request_duration_seconds_bucket{le="0.01"} 0 +teleport_kubernetes_client_request_duration_seconds_bucket{le="+Inf"} 0 +teleport_kubernetes_client_request_duration_seconds_sum 0 +teleport_kubernetes_client_request_duration_seconds_count 0 + +# TYPE teleport_kubernetes_server_in_flight_requests gauge +teleport_kubernetes_server_in_flight_requests{} 5 + +# TYPE teleport_kubernetes_server_api_requests_total counter +teleport_kubernetes_server_api_requests_total{} 142 + +# TYPE teleport_kubernetes_server_request_duration_seconds histogram +teleport_kubernetes_server_request_duration_seconds_bucket{le="0.005"} 0 +teleport_kubernetes_server_request_duration_seconds_bucket{le="0.01"} 1 +teleport_kubernetes_server_request_duration_seconds_bucket{le="0.025"} 3 +teleport_kubernetes_server_request_duration_seconds_bucket{le="0.05"} 8 +teleport_kubernetes_server_request_duration_seconds_bucket{le="0.1"} 15 +teleport_kubernetes_server_request_duration_seconds_bucket{le="0.25"} 24 +teleport_kubernetes_server_request_duration_seconds_bucket{le="0.5"} 30 +teleport_kubernetes_server_request_duration_seconds_bucket{le="1"} 40 +teleport_kubernetes_server_request_duration_seconds_bucket{le="+Inf"} 50 +teleport_kubernetes_server_request_duration_seconds_sum{} 123.45 +teleport_kubernetes_server_request_duration_seconds_count{} 50 + +# TYPE teleport_kubernetes_server_response_size_bytes histogram +teleport_kubernetes_server_response_size_bytes_bucket{le="100"} 5 +teleport_kubernetes_server_response_size_bytes_bucket{le="500"} 15 +teleport_kubernetes_server_response_size_bytes_bucket{le="1000"} 20 +teleport_kubernetes_server_response_size_bytes_bucket{le="5000"} 30 +teleport_kubernetes_server_response_size_bytes_bucket{le="10000"} 40 +teleport_kubernetes_server_response_size_bytes_bucket{le="+Inf"} 50 +teleport_kubernetes_server_response_size_bytes_sum{} 1234500 +teleport_kubernetes_server_response_size_bytes_count{} 50 + +# TYPE teleport_kubernetes_server_exec_in_flight_sessions gauge +teleport_kubernetes_server_exec_in_flight_sessions{} 4 + +# TYPE teleport_kubernetes_server_exec_sessions_total counter +teleport_kubernetes_server_exec_sessions_total{} 89 + +# TYPE teleport_kubernetes_server_portforward_in_flight_sessions gauge +teleport_kubernetes_server_portforward_in_flight_sessions{} 3 + +# TYPE teleport_kubernetes_server_portforward_sessions_total counter +teleport_kubernetes_server_portforward_sessions_total{} 107 + +# TYPE teleport_kubernetes_server_join_in_flight_sessions gauge +teleport_kubernetes_server_join_in_flight_sessions{} 2 + +# TYPE teleport_kubernetes_server_join_sessions_total counter +teleport_kubernetes_server_join_sessions_total{} 76 + +# TYPE teleport_db_messages_from_client_total counter +# HELP teleport_db_messages_from_client_total Number of messages (packets) received from the DB client +teleport_db_messages_from_client_total 10 + +# TYPE teleport_db_messages_from_server_total counter +# HELP teleport_db_messages_from_server_total Number of messages (packets) received from the DB server +teleport_db_messages_from_server_total 5 + +# TYPE teleport_db_method_call_count_total counter +# HELP teleport_db_method_call_count_total Number of times a DB method was called +teleport_db_method_call_count_total 20 + +# TYPE teleport_db_method_call_latency_seconds histogram +# HELP teleport_db_method_call_latency_seconds Call latency for a DB method calls +teleport_db_method_call_latency_seconds_bucket{le="0.005"} 5 +teleport_db_method_call_latency_seconds_bucket{le="0.01"} 10 +teleport_db_method_call_latency_seconds_bucket{le="0.025"} 15 +teleport_db_method_call_latency_seconds_bucket{le="0.05"} 18 +teleport_db_method_call_latency_seconds_bucket{le="0.1"} 20 +teleport_db_method_call_latency_seconds_count 20 +teleport_db_method_call_latency_seconds_sum 0.2 + +# TYPE teleport_db_initialized_connections_total counter +# HELP teleport_db_initialized_connections_total Number of initialized DB connections +teleport_db_initialized_connections_total 3 + +# TYPE teleport_db_active_connections_total gauge +# HELP teleport_db_active_connections_total Number of active DB connections +teleport_db_active_connections_total 2 + +# TYPE teleport_db_connection_durations_seconds histogram +# HELP teleport_db_connection_durations_seconds Duration of DB connection +teleport_db_connection_durations_seconds_bucket{le="1"} 3 +teleport_db_connection_durations_seconds_bucket{le="5"} 6 +teleport_db_connection_durations_seconds_bucket{le="10"} 8 +teleport_db_connection_durations_seconds_bucket{le="+Inf"} 8 +teleport_db_connection_durations_seconds_count 8 +teleport_db_connection_durations_seconds_sum 43 + +# TYPE teleport_db_connection_setup_time_seconds histogram +# HELP teleport_db_connection_setup_time_seconds Initial time to setup DB connection, before any requests are handled +teleport_db_connection_setup_time_seconds_bucket{le="0.01"} 2 +teleport_db_connection_setup_time_seconds_bucket{le="0.1"} 4 +teleport_db_connection_setup_time_seconds_bucket{le="1"} 6 +teleport_db_connection_setup_time_seconds_bucket{le="+Inf"} 6 +teleport_db_connection_setup_time_seconds_count 6 +teleport_db_connection_setup_time_seconds_sum 2.5 + +# TYPE teleport_db_errors_total counter +# HELP teleport_db_errors_total Number of synthetic DB errors sent to the client +teleport_db_errors_total 2 + +# TYPE bpf_lost_command_events counter +bpf_lost_command_events{} 320 + +# TYPE bpf_lost_disk_events counter +bpf_lost_disk_events{} 214 + +# TYPE bpf_lost_network_events counter +bpf_lost_network_events{} 587 \ No newline at end of file diff --git a/teleport/tests/test_auth.py b/teleport/tests/test_auth.py new file mode 100644 index 0000000000000..5e7e8754fa409 --- /dev/null +++ b/teleport/tests/test_auth.py @@ -0,0 +1,108 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +import pytest + +from datadog_checks.teleport import TeleportCheck + +from .common import ( + AUTH_AUDIT_LOG_METRICS, + AUTH_BACKEND_CACHE_METRICS, + AUTH_BACKEND_DYNAMO_METRICS, + AUTH_BACKEND_ETCD_METRICS, + AUTH_BACKEND_FIRESTORE_METRICS, + AUTH_BACKEND_GCP_GCS_METRICS, + AUTH_BACKEND_S3_METRICS, + AUTH_METRICS, +) + +pytestmark = [pytest.mark.unit] + + +def test_auth_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in AUTH_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:auth") + + +def test_auth_audit_log_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in AUTH_AUDIT_LOG_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:auth") + + +def test_auth_backend_s3_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in AUTH_BACKEND_S3_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:auth") + + +def test_auth_backend_cache_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in AUTH_BACKEND_CACHE_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:auth") + + +def test_auth_backend_dynamo_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in AUTH_BACKEND_DYNAMO_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:auth") + + +def test_auth_backend_firestore_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in AUTH_BACKEND_FIRESTORE_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:auth") + + +def test_auth_backend_gcp_gcs_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in AUTH_BACKEND_GCP_GCS_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:auth") + + +def test_auth_backend_etcd_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in AUTH_BACKEND_ETCD_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:auth") diff --git a/teleport/tests/test_bpf.py b/teleport/tests/test_bpf.py new file mode 100644 index 0000000000000..590cc08080752 --- /dev/null +++ b/teleport/tests/test_bpf.py @@ -0,0 +1,21 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +import pytest + +from datadog_checks.teleport import TeleportCheck + +from .common import BPF_METRICS + +pytestmark = [pytest.mark.unit] + + +def test_bpf_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in BPF_METRICS: + aggregator.assert_metric(f"teleport.{metric}") diff --git a/teleport/tests/test_common.py b/teleport/tests/test_common.py new file mode 100644 index 0000000000000..cecb28bf5bb77 --- /dev/null +++ b/teleport/tests/test_common.py @@ -0,0 +1,31 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +import pytest + +from datadog_checks.teleport import TeleportCheck + +from .common import BAD_HOSTNAME_INSTANCE, COMMON_METRICS + +pytestmark = [pytest.mark.unit] + + +def test_connect_exception(dd_run_check, aggregator, caplog): + with pytest.raises(Exception, match="Failed to resolve 'invalid-hostname'"): + check = TeleportCheck("teleport", {}, [BAD_HOSTNAME_INSTANCE]) + dd_run_check(check) + + aggregator.assert_metric("teleport.health.up", value=0, count=1, tags=["teleport_status:unreachable"]) + assert "Cannot connect to Teleport HTTP diagnostic health endpoint" in caplog.text + + +def test_common_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in COMMON_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:teleport") diff --git a/teleport/tests/test_database.py b/teleport/tests/test_database.py new file mode 100644 index 0000000000000..ce5e46c0d75a1 --- /dev/null +++ b/teleport/tests/test_database.py @@ -0,0 +1,22 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +import pytest + +from datadog_checks.teleport import TeleportCheck + +from .common import DATABASE_METRICS + +pytestmark = [pytest.mark.unit] + + +def test_database_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in DATABASE_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:database") diff --git a/teleport/tests/test_e2e.py b/teleport/tests/test_e2e.py new file mode 100644 index 0000000000000..e515410bea863 --- /dev/null +++ b/teleport/tests/test_e2e.py @@ -0,0 +1,20 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +import pytest + +from .common import COMMON_METRICS, INSTANCE + +pytestmark = pytest.mark.e2e + +CONFIG = { + 'init_config': {}, + 'instances': [INSTANCE], +} + + +def test_teleport_e2e(dd_agent_check): + aggregator = dd_agent_check(CONFIG) + aggregator.assert_metric("teleport.health.up", value=1, count=1, tags=["teleport_status:ok"]) + aggregator.assert_metric(f"teleport.{COMMON_METRICS[0]}") diff --git a/teleport/tests/test_integration.py b/teleport/tests/test_integration.py new file mode 100644 index 0000000000000..76e5ac2b0cda3 --- /dev/null +++ b/teleport/tests/test_integration.py @@ -0,0 +1,24 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +import pytest + +from datadog_checks.teleport import TeleportCheck + +from .common import COMMON_METRICS + +pytestmark = [pytest.mark.integration, pytest.mark.usefixtures("dd_environment")] + + +def test_connect_ok(aggregator, instance, dd_run_check): + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + aggregator.assert_metric("teleport.health.up", value=1, count=1, tags=["teleport_status:ok"]) + + +def test_check_collects_teleport_common_metrics(aggregator, instance, dd_run_check): + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + aggregator.assert_metric(f"teleport.{COMMON_METRICS[0]}") diff --git a/teleport/tests/test_kubernetes.py b/teleport/tests/test_kubernetes.py new file mode 100644 index 0000000000000..545eae94a53fa --- /dev/null +++ b/teleport/tests/test_kubernetes.py @@ -0,0 +1,22 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +import pytest + +from datadog_checks.teleport import TeleportCheck + +from .common import KUBERNETES_METRICS + +pytestmark = [pytest.mark.unit] + + +def test_kubernetes_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in KUBERNETES_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:kubernetes") diff --git a/teleport/tests/test_prometheus.py b/teleport/tests/test_prometheus.py new file mode 100644 index 0000000000000..4609cd228e342 --- /dev/null +++ b/teleport/tests/test_prometheus.py @@ -0,0 +1,21 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +import pytest + +from datadog_checks.teleport import TeleportCheck + +from .common import PROMETHEUS_METRICS + +pytestmark = [pytest.mark.unit] + + +def test_prometheus_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in PROMETHEUS_METRICS: + aggregator.assert_metric(f"teleport.{metric}") diff --git a/teleport/tests/test_proxy.py b/teleport/tests/test_proxy.py new file mode 100644 index 0000000000000..80487779dd9ff --- /dev/null +++ b/teleport/tests/test_proxy.py @@ -0,0 +1,22 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +import pytest + +from datadog_checks.teleport import TeleportCheck + +from .common import PROXY_METRICS + +pytestmark = [pytest.mark.unit] + + +def test_proxy_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in PROXY_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:proxy") diff --git a/teleport/tests/test_ssh.py b/teleport/tests/test_ssh.py new file mode 100644 index 0000000000000..246de6060c8c6 --- /dev/null +++ b/teleport/tests/test_ssh.py @@ -0,0 +1,22 @@ +# (C) Datadog, Inc. 2024-present +# All rights reserved +# Licensed under a 3-clause BSD style license (see LICENSE) + +import pytest + +from datadog_checks.teleport import TeleportCheck + +from .common import SSH_METRICS + +pytestmark = [pytest.mark.unit] + + +def test_ssh_teleport_metrics(dd_run_check, aggregator, instance, mock_http_response, metrics_path): + mock_http_response(file_path=metrics_path) + + check = TeleportCheck("teleport", {}, [instance]) + dd_run_check(check) + + for metric in SSH_METRICS: + aggregator.assert_metric(f"teleport.{metric}") + aggregator.assert_metric_has_tag(f"teleport.{metric}", "teleport_service:ssh")