mirror of
https://github.com/Unleash/unleash.git
synced 2024-10-18 20:09:08 +02:00
3edca3efe8
## About the changes Prometheus metrics should not be exposed to the public. Added a note about this to inform people that internal endpoints should be dropped on external access. ## Discussion points https://unleash-community.slack.com/archives/CGP2MCHPF/p1666688295670459 ## Commits * [docs]: Update Prometheus docs with security info * Apply suggestions from code review Co-authored-by: Thomas Heartman <thomas@getunleash.ai> * Add info about Prometheus security Co-authored-by: Thomas Heartman <thomas@getunleash.ai>
27 lines
1.3 KiB
Markdown
27 lines
1.3 KiB
Markdown
---
|
|
id: internal
|
|
title: /internal-backstage/prometheus
|
|
---
|
|
|
|
# Internal Backstage API
|
|
|
|
`GET http://unleash.host.com/internal-backstage/prometheus`
|
|
|
|
Unleash uses Prometheus internally to collect metrics. By default, the metrics are available at `/internal-backstage/prometheus`. You can disable this endpoint by setting the `serverMetrics` option to `false`.
|
|
|
|
Note that it's not recommended to expose Prometheus metrics to the public as of the [Prometheus pentest-report](https://prometheus.io/assets/downloads/2018-06-11--cure53_security_audit.pdf) issue PRM-01-002. Thus, if you want to keep metrics enabled, you should block all external access to `/internal-backstage/*` on the network layer to keep your instance secure.
|
|
|
|
[Read more about Prometheus](https://prometheus.io/)
|
|
|
|
## Annotations {#annotations}
|
|
|
|
Unleash will automatically count all updates for all toggles under the metric name `feature_toggle_update_total`, and the toggle name is will be set as a label value. This information can be used to create annotations in grafana for everytime a feature toggle is changed.
|
|
|
|
You can use this query in grafana to achieve this:
|
|
|
|
```
|
|
delta(feature_toggle_update_total{toggle="Demo"}[1m]) != bool 0
|
|
```
|
|
|
|
Another useful counter is the `feature_toggle_usage_total` which will give you the numbers for how many times a feature toggle has been evaluated to `active` or not.
|