|
5 | 5 | [](https://quay.io/repository/webdevops/azure-keyvault-exporter) |
6 | 6 | [](https://artifacthub.io/packages/search?repo=azure-keyvault-exporter) |
7 | 7 |
|
8 | | -Prometheus exporter for Azure Keyvaults which exports general information and dates (created, updated, notBefore, expiry) for secrets, keys and certificates. |
| 8 | +Prometheus exporter for Azure KeyVaults which exports general information and dates (created, updated, notBefore, expiry) for secrets, keys and certificates. |
9 | 9 |
|
10 | 10 | ## Configuration |
11 | 11 |
|
12 | | -Normally no configuration is needed but can be customized using environment variables. |
13 | | - |
14 | 12 | ``` |
15 | 13 | Usage: |
16 | 14 | azure-keyvault-exporter [OPTIONS] |
17 | 15 |
|
18 | 16 | Application Options: |
19 | 17 | --log.debug debug mode [$LOG_DEBUG] |
20 | | - --log.trace trace mode [$LOG_TRACE] |
| 18 | + --log.devel development mode [$LOG_DEVEL] |
21 | 19 | --log.json Switch log output to json format [$LOG_JSON] |
22 | 20 | --azure.environment= Azure environment name (default: AZUREPUBLICCLOUD) [$AZURE_ENVIRONMENT] |
23 | 21 | --azure.subscription= Azure subscription ID (space delimiter) [$AZURE_SUBSCRIPTION_ID] |
24 | | - --azure.resourcegroup= Azure ResourceGroup [$AZURE_RESOURCEGROUP] |
25 | 22 | --azure.resource-tag= Azure Resource tags (space delimiter) (default: owner) [$AZURE_RESOURCE_TAG] |
| 23 | + --keyvault.filter= Filter KeyVaults via ResourceGraph kusto filter, query: 'resource | ${filter} | project id' [$KEYVAULT_FILTER] |
| 24 | + --cache.path= Cache path (to folder, file://path... or azblob://storageaccount.blob.core.windows.net/containername) |
| 25 | + [$CACHE_PATH] |
26 | 26 | --scrape.time= Default scrape time (time.duration) (default: 5m) [$SCRAPE_TIME] |
27 | 27 | --scrape.concurrency= Defines who many Keyvaults can be scraped at the same time (default: 10) [$SCRAPE_CONCURRENCY] |
28 | 28 | --server.bind= Server address (default: :8080) [$SERVER_BIND] |
@@ -53,44 +53,13 @@ for Azure API authentication (using ENV vars) see following documentations: |
53 | 53 |
|
54 | 54 | ### ResourceTags handling |
55 | 55 |
|
56 | | -Tag can be dynamically added to metrics and processed though filters |
57 | | - |
58 | | -format is: `tagname?filter1` or `tagname?filter1&filter2` |
59 | | - |
60 | | -| Tag filter | Description | |
61 | | -|------------|-----------------------------| |
62 | | -| `toLower` | Lowercasing Azure tag value | |
63 | | -| `toUpper` | Uppercasing Azure tag value | |
| 56 | +see [armclient tagmanager documentation](https://github.com/webdevops/go-common/blob/main/azuresdk/README.md#tag-manager) |
64 | 57 |
|
65 | 58 | ### AzureTracing metrics |
66 | 59 |
|
67 | | -(with 22.2.0 and later) |
68 | | - |
69 | | -Azuretracing metrics collects latency and latency from azure-sdk-for-go and creates metrics and is controllable using |
70 | | -environment variables (eg. setting buckets, disabling metrics or disable autoreset). |
71 | | - |
72 | | -| Metric | Description | |
73 | | -|------------------------------------------|----------------------------------------------------------------------------------------| |
74 | | -| `azurerm_api_ratelimit` | Azure ratelimit metrics (only on /metrics, resets after query due to limited validity) | |
75 | | -| `azurerm_api_request_*` | Azure request count and latency as histogram | |
76 | | - |
77 | | -#### Settings |
| 60 | +see [armclient tracing documentation](https://github.com/webdevops/go-common/blob/main/azuresdk/README.md#azuretracing-metrics) |
78 | 61 |
|
79 | | -| Environment variable | Example | Description | |
80 | | -|------------------------------------------|------------------------------------|----------------------------------------------------------------| |
81 | | -| `METRIC_AZURERM_API_REQUEST_BUCKETS` | `1, 2.5, 5, 10, 30, 60, 90, 120` | Sets buckets for `azurerm_api_request` histogram metric | |
82 | | -| `METRIC_AZURERM_API_REQUEST_ENABLE` | `false` | Enables/disables `azurerm_api_request_*` metric | |
83 | | -| `METRIC_AZURERM_API_REQUEST_LABELS` | `apiEndpoint, method, statusCode` | Controls labels of `azurerm_api_request_*` metric | |
84 | | -| `METRIC_AZURERM_API_RATELIMIT_ENABLE` | `false` | Enables/disables `azurerm_api_ratelimit` metric | |
85 | | -| `METRIC_AZURERM_API_RATELIMIT_AUTORESET` | `false` | Enables/disables `azurerm_api_ratelimit` autoreset after fetch | |
| 62 | +### Caching |
86 | 63 |
|
| 64 | +see [prometheus collector cache documentation](https://github.com/webdevops/go-common/blob/main/prometheus/README.md#caching) |
87 | 65 |
|
88 | | -| `azurerm_api_request` label | Status | Description | |
89 | | -|-----------------------------|--------------------|----------------------------------------------------------------------------------------------------------| |
90 | | -| `apiEndpoint` | enabled by default | hostname of endpoint (max 3 parts) | |
91 | | -| `routingRegion` | enabled by default | detected region for API call, either routing region from Azure Management API or Azure resource location | |
92 | | -| `subscriptionID` | enabled by default | detected subscriptionID | |
93 | | -| `tenantID` | enabled by default | detected tenantID (extracted from jwt auth token) | |
94 | | -| `resourceProvider` | enabled by default | detected Azure Management API provider | |
95 | | -| `method` | enabled by default | HTTP method | |
96 | | -| `statusCode` | enabled by default | HTTP status code | |
0 commit comments