Metric label values truncated when using OpenMetrics endpoint
Daan van Gorkum
daan.vangorkum at vusam.com
Thu Aug 27 05:04:20 EEST 2020
Hi Jeff,
Thanks again for your insights. I understand that a lot of features are pending and it's totally fine, we're just very eager to use all these features.
Reagarding the logging of failed attempts I did try to configure this in these two metrics:
metric auth_client_userdb_lookup_finished {
event_name = auth_client_userdb_lookup_finished
group_by = service local_ip remote_ip user
}
metric auth_client_passdb_lookup_finished {
event_name = auth_client_passdb_lookup_finished
group_by = service local_ip remote_ip user
}
In both our testing and production environment these are not increasing and stay at 0:
$ sudo curl 0:9166/metrics -s | grep -E 'dovecot_auth_client_(user|pass)db_lookup_finished'
# HELP dovecot_auth_client_userdb_lookup_finished_count Total number
# TYPE dovecot_auth_client_userdb_lookup_finished_count counter
dovecot_auth_client_userdb_lookup_finished_count 0 1598493762018
# HELP dovecot_auth_client_userdb_lookup_finished_duration_usecs_sum Duration
# TYPE dovecot_auth_client_userdb_lookup_finished_duration_usecs_sum counter
dovecot_auth_client_userdb_lookup_finished_duration_usecs_sum 0 1598493762018
# HELP dovecot_auth_client_passdb_lookup_finished_count Total number
# TYPE dovecot_auth_client_passdb_lookup_finished_count counter
dovecot_auth_client_passdb_lookup_finished_count 0 1598493762018
# HELP dovecot_auth_client_passdb_lookup_finished_duration_usecs_sum Duration
# TYPE dovecot_auth_client_passdb_lookup_finished_duration_usecs_sum counter
dovecot_auth_client_passdb_lookup_finished_duration_usecs_sum 0 1598493762018
I will try to gather some more information and post it later. Let me know if you think there might be something up with the way we configure them.
Daan
________________________________
From: Josef 'Jeff' Sipek <jeff.sipek at open-xchange.com>
Sent: 26 August 2020 23:02
To: Daan van Gorkum <daan.vangorkum at vusam.com>
Cc: Dovecot Mailing List <dovecot at dovecot.org>
Subject: Re: Metric label values truncated when using OpenMetrics endpoint
On Tue, Aug 25, 2020 at 01:08:06 +0000, Daan van Gorkum wrote:
> Hi Jeff,
>
> Thanks for your reply!
>
> Regarding grouping by remote address, I understand and for now I'll keep a
> close eye. Maybe it's an option to group by /24 for ipv4 and /64 for IPv6?
Hrm, interesting idea. But the answer is: no, there isn't a way. The
simplest way to implement something like this would be to add a new
aggregating function. So one could do something like:
remote_ip:netmask4:24
remote_ip:netmask6:64
To get /24 and /64, respectively.
I'll throw this idea on the ever growing pile of things that can be worked
on :) Obviously, I can't make any promisses about this ever getting done.
> We currently do that based on the logs but the OpenMetrics endpoint seem a
> lot easier.
Aggregating based on a subnet definitely makes sense.
> A slight hijack of the original question: but I tried to log only IP
> addresses (+ result) of failed login attempts but it seems I cannot find a
> metric that would contain that information. Am I looking in the wrong
> direction? The auth_userdb_request_finished and
> auth_passdb_request_finished stats work as intended but they do not
> contain any information about the connecting client.
I haven't played with these events, but at least based on the docs [1],
auth_client_userdb_lookup_finished and auth_client_passdb_lookup_finished
events seem to have the remote_ip field as well as an error string on
failure. Does that give you the info you need?
Jeff.
[1] https://doc.dovecot.org/admin_manual/list_of_events/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20200827/fa30d69b/attachment.html>
More information about the dovecot
mailing list