vault icon indicating copy to clipboard operation
vault copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

[metrics] missing vault.identity.entity.creation

Open bogaertg opened this issue 3 years ago • 1 comments

Describe the bug It seems that vault.identity.entity.creation wasn't exposed on metrics endpoint

To Reproduce Steps to reproduce the behavior:

  1. Run curl https://$VAULT_ADDR/v1/sys/metrics\?format\=prometheus | grep identity_entity
  2. Analyse output
# TYPE vault_identity_entity_active_partial_month gauge
vault_identity_entity_active_partial_month{cluster="vault-cluster-xxxxxx"} 16
# HELP vault_identity_entity_alias_count vault_identity_entity_alias_count
# TYPE vault_identity_entity_alias_count gauge
vault_identity_entity_alias_count{auth_method="gcp",cluster="vault-cluster-xxxx",mount_point="auth/gcp/",namespace="xxxx"} 1
vault_identity_entity_alias_count{auth_method="jwt",cluster="vault-cluster-xxxxx",mount_point="auth/jwt/",namespace="xxxx"} 2
vault_identity_entity_alias_count{auth_method="jwt",cluster="vault-cluster-xxxxx",mount_point="auth/jwt/",namespace="xxxx"} 1
vault_identity_entity_alias_count{auth_method="kubernetes",cluster="vault-cluster-xxxxx",mount_point="auth/kubernetes/",namespace="xxxx"} 1
vault_identity_entity_alias_count{auth_method="kubernetes",cluster="vault-cluster-xxxxx",mount_point="auth/kubernetes/gke-xxxxx/",namespace="xxxx"} 1
vault_identity_entity_alias_count{auth_method="oidc",cluster="vault-cluster-xxxxx",mount_point="auth/oidc/",namespace="xxxxx"} 4
# HELP vault_identity_entity_count vault_identity_entity_count
# TYPE vault_identity_entity_count gauge
vault_identity_entity_count{cluster="vault-cluster-xxxxx",namespace="xxxx"} 0
vault_identity_entity_count{cluster="vault-cluster-xxxxx",namespace="xxxx"} 1
vault_identity_entity_count{cluster="vault-cluster-xxxxx",namespace="xxxx"} 3
vault_identity_entity_count{cluster="vault-cluster-xxxxx",namespace="xxxx"} 0
vault_identity_entity_count{cluster="vault-cluster-xxxxx",namespace="xxxx"} 31
vault_identity_entity_count{cluster="vault-cluster-xxxxx",namespace="xxxx"} 1
  1. There is no vault.identity.entity.creation

Expected behavior Expected entity metrics from documentation

Environment:

  • Vault Server Version (retrieve with vault status): 1.11.0+ent with client counts
  • Vault CLI Version (retrieve with vault version):
  • Server Operating System/Architecture: Vault enterprise on K8s cluster

bogaertg avatar Jul 15 '22 13:07 bogaertg

I can try to take a look into this if that's alright.

teddylear avatar Jul 19 '22 00:07 teddylear

This may be working as expected where typically create / creation matrices are only reported after the events occur and for a limited period - not all the time / constantly.

Hey @bogaertg can you share the (HCL)Vault config file you used?

aphorise avatar Sep 05 '22 00:09 aphorise