I have AM configured and added a bunch of custom metrics which are reporting fine to prometheus, but one metric I am trying to find is how to report by client (oauth / oidc) login events. I have the oauth_grant_total which has the client type for the oauth client, but not the client name. Does anyone have a prometheus query to get usage by oauth / application client from prometheus…or a metric to add that can report this?
Thanks
Nick
I don’t think of the monitoring solution as being so fine grained as to expose metrics based on named client.
I think of an audit solution to perform such tasks. Therefore metrics exposed by way of a reporting tool, targeting the audit logs; as opposed to a monitoring tool.
Nonetheless, you are correct, an extension of the monitoring class would be necessary. I’ll have a look at the options here.
Ok, if is not tracked in the OOTB oauth grant metrics, maybe we can look at the token modification scripts. Is there a way to report metrics in javascript you know of? Idea would be, for each scope issued, can have a metric document the scope then report on that given I have custom scopes for each client.
Nick
Are you aware that the monitoring framework exposes metrics that are maintained in the operating memory of AM? That there is no parsing of logs. Therefore, are you certain you want to store such verbose data in the operating memory of the jvm hosting AM??
Let alone the fact that such useful data can be exposed in the audit logs. Truly, the best way to report such metrics is by your “reporting” implementation targeting the Audit framework.