Monitoring¶
rescaled WAF exposes a configurable Prometheus metrics endpoint you can scrape.
Based on these metrics you can either build your own Grafana dashboards or use one of the pre-built dashboards that are provided by rescaled.
Configuration¶
In order to enable the Prometheus metrics endpoint, the approrpiate feature flag needs to be enabled.
features:
# Prometheus metrics endpoint. When enabled, serves metrics on the
# health server (same port as /healthz).
metrics:
enabled: false
# Path for the metrics endpoint.
path: "/metrics"
The metrics server re-uses the same HTTP server that is being used to expose the health endpoint, just with a different path.
Exposed Metrics¶
| Metric | Description |
|---|---|
rescaled_waf_request_processing_duration_seconds |
Per-stream processing time for each request in buckets. |
rescaled_waf_requests_total |
Requests by outcome. |
rescaled_waf_response_status_total |
HTTP status codes from terminal responses. |
rescaled_waf_policy_evaluations_total |
Total policy evaluations. |
rescaled_waf_policy_rule_matches_total |
Every rule match (terminal and non-terminal). |
rescaled_waf_weight_accumulated_total |
Total WEIGH points accumulated. |
rescaled_waf_hit_score_accumulated_total |
Total HIT points accumulated. |
rescaled_waf_challenges_issued_total |
Challenge pages served. |
rescaled_waf_challenges_verified_total |
Verification attempts by result. |
rescaled_waf_ip_blocks_total |
New IP blocks triggered. |
rescaled_waf_geoip_lookups_total |
GeoIP lookups by result. |
rescaled_waf_asn_lookups_total |
ASN lookups by result. |
rescaled_waf_build_info |
Build version info. |
rescaled_waf_policy_rules_compiled |
Number of compiled policy rules. |
rescaled_waf_ip_blocked_current |
Current number of dynamically blocked IPs. |