diff --git a/docs/pages/setup/reference/metrics.mdx b/docs/pages/setup/reference/metrics.mdx index bf8af9d749b81..786c054ab1552 100644 --- a/docs/pages/setup/reference/metrics.mdx +++ b/docs/pages/setup/reference/metrics.mdx @@ -132,10 +132,11 @@ Teleport Cloud does not expose monitoring endpoints for the Auth Service and Pro | Name | Type | Component | Description | | - | - | - | - | -| `failed_connect_to_node_attempts_total` | counter | Teleport Proxy | Number of times a user failed connecting to a Node. | +| `failed_connect_to_node_attempts_total` | counter | Teleport Proxy | Number of failed SSH connection attempts to a node. Use with `teleport_connect_to_node_attempts_total` to get the failure rate. | | `failed_login_attempts_total` | counter | Teleport Proxy | Number of failed `tsh login` or `tsh ssh` logins. | | `proxy_connection_limit_exceeded_total` | counter | Teleport Proxy | Number of connections that exceeded the proxy connection limit. | | `proxy_missing_ssh_tunnels` | gauge | Teleport Proxy | Number of missing SSH tunnels. Used to debug if nodes have discovered all proxies. | +| `teleport_connect_to_node_attempts_total` | counter | Teleport Proxy | Number of SSH connection attempts to a node. Use with `failed_connect_to_node_attempts_total` to get the failure rate. | | `teleport_reverse_tunnels_connected` | gauge | Teleport Proxy | Number of reverse SSH tunnels connected to the Teleport Proxy Service by Teleport instances. | ## Teleport Nodes diff --git a/lib/srv/regular/proxy.go b/lib/srv/regular/proxy.go index 662d64504ab3b..75313bc9b8e74 100644 --- a/lib/srv/regular/proxy.go +++ b/lib/srv/regular/proxy.go @@ -55,11 +55,19 @@ var ( // failedConnectingToNode counts failed attempts to connect to a node failedConnectingToNode = prometheus.NewCounter( prometheus.CounterOpts{ Name: teleport.MetricFailedConnectToNodeAttempts, - Help: "Number of failed attempts to connect to a node", + Help: "Number of failed SSH connection attempts to a node. Use with `teleport_connect_to_node_attempts_total` to get the failure rate.", }, ) - prometheusCollectors = []prometheus.Collector{proxiedSessions, failedConnectingToNode} + connectingToNode = prometheus.NewCounter( + prometheus.CounterOpts{ + Namespace: teleport.MetricNamespace, + Name: teleport.MetricConnectToNodeAttempts, + Help: "Number of SSH connection attempts to a node. Use with `failed_connect_to_node_attempts_total` to get the failure rate.", + }, + ) + + prometheusCollectors = []prometheus.Collector{proxiedSessions, failedConnectingToNode, connectingToNode} ) // proxySubsys implements an SSH subsystem for proxying listening sockets from @@ -405,6 +413,7 @@ func (t *proxySubsys) proxyToHost( AddrNetwork: "tcp", Addr: serverAddr, } + connectingToNode.Inc() conn, err := site.Dial(reversetunnel.DialParams{ From: remoteAddr, To: toAddr, diff --git a/metrics.go b/metrics.go index 49ed320c614a5..71e5a8dda0602 100644 --- a/metrics.go +++ b/metrics.go @@ -49,6 +49,9 @@ const ( // MetricFailedLoginAttempts counts failed login attempts MetricFailedLoginAttempts = "failed_login_attempts_total" + // MetricConnectToNodeAttempts counts ssh attempts + MetricConnectToNodeAttempts = "connect_to_node_attempts_total" + // MetricFailedConnectToNodeAttempts counts failed ssh attempts MetricFailedConnectToNodeAttempts = "failed_connect_to_node_attempts_total"