Monitoring Vault
The Vault sensor is automatically deployed and installed after you install the Instana agent.
Supported Versions
Currently supported versions for metrics and configuration data are all above 1.0.0.
Configuration
To enable sensor to gather metrics and configuration data you need to insert valid token in <agent_install_dir>/etc/instana/configuration.yaml
:
com.instana.plugin.vault:
token: '<INSERT_TOKEN_HERE>'
The authentication method for HashiCorp Vault Instana integration uses the Token Auth Method (API). Paths required for token are: /sys/health
and
/sys/metrics
and required capability is read
.
Metrics collection
To view the metrics, select Infrastructure in the sidebar of the Instana User interface, click a specific monitored host, and then you can see a host dashboard with all the collected metrics and monitored processes.
Configuration data
- Process ID
- Version
- Initialized
- Sealed
- Standby
- Performance standby
- Start time
Performance metrics
Metric | Description | Granularity |
---|---|---|
Secrets created count | Number of secrets created | 1 second |
Secrets created duration | The time taken to create secrets | 1 second |
Secrets read count | Number of secrets read | 1 second |
Secrets read duration | The time taken to read secrets | 1 second |
Secrets updated count | Number of secrets updated | 1 second |
Secrets updated duration | The time taken to update secrets | 1 second |
Secrets deleted count | Number of secrets deleted | 1 second |
Secrets deleted duration | The time taken to delete secrets | 1 second |
Tokens created count | Number of tokens created | 1 second |
Tokens created duration | The time taken to create a token | 1 second |
Tokens lookup count | Number of token lookups | 1 second |
Tokens lookup duration | The time taken to lookup a token | 1 second |
Leader failure lost | Duration of time taken by cluster leadership losses which have occurred in a highly available Vault cluster | 1 second |
Leader failure setup failed | Duration of time taken by cluster leadership setup failures which have occurred in a highly available Vault cluster | 1 second |
Audit log request count | Number of all audit log requests across all audit log devices | 1 second |
Audit log request failure | Number of audit log request failures | 1 second |
Audit log request count duration | Duration of time taken by all audit log requests across all audit log devices | 1 second |
Audit log response count | Number of all audit log responses across all audit log devices | 1 second |
Audit log response failure | Number of audit log response failures | 1 second |
Audit log response count duration | Duration of time taken by all audit log responses across all audit log devices | 1 second |
Barrier operation put | Number of PUT operations at the barrier | 1 second |
Barrier operation get | Number of GET operations at the barrier | 1 second |
Barrier operation delete | Number of DELETE operations at the barrier | 1 second |
Barrier operation list | Number of LIST operations at the barrier | 1 second |
Secrets engine error initialize | Number of database secrets engine initialization operation errors across all database secrets engines | 1 second |
Secrets engine error close | Number of database secrets engine close operation errors across all database secrets engines | 1 second |
Secrets engine error create user | Number of user creation operation errors across all database secrets engines | 1 second |
Secrets engine error renew user | Number of user renewal operation errors across all database secrets engines | 1 second |
Secrets engine error revoke user | Number of user revocation operation errors across all database secrets engines | 1 second |
Health signatures
For each sensor, there is a curated knowledgebase of health signatures that are evaluated continuously against the incoming metrics and are used to raise issues or incidents depending on user impact.
Built-in events trigger issues or incidents based on failing health signatures on entities, and custom events trigger issues or incidents based on defined thresholds of any given entity's individual metrics.
For information about built-events for the Vault, see the Built-in events reference.