Prometheus

Integrate open-appsec with Prometheus to collect and monitor key metrics related to WAF performance and behavior.

Configuration

Prerequisites

  • Access to a SaaS tenant on my.openappsec.io

  • An open-appsec Agent connected to a centrally managed Profile

    • If you don't have an agent see instructions on how to get started here.

    • If the agent is running as a container, ensure Prometheus port 7465 is open.

  • Prometheus Server

Instructions:

  1. In the Web UI, go to the Profiles page

  2. Click the profile assigned to your agent and switch to Advanced tab

  3. Under Advanced Settings, add:

    • Key: prometheus

    • Value: true

  4. Click Enforce Policy to apply changes

  1. Add a Job in your Prometheus Server configure the agent IP and Port, see example:

scrape_configs:
  - job_name: 'openappsec'
    static_configs:
      - targets: ['<agent-ip>:7465']

Supported Parameters

Display Name
Type
Description

nano_service_restarts_counter

LastReportedValue

watchdog process restart counter

total_requests_counter

Counter

total requests

unique_sources_counter

Counter

sources

requests_blocked_by_force_and_exception_counter

Counter

override: force exception and force block

requests_blocked_by_waf_counter

Counter

WAF blocked requests

requests_blocked_by_open_api_counter

Counter

API blocked requests

requests_blocked_by_bot_protection_counter

Counter

bot protection blocked requests

requests_threat_level_info_and_no_threat_counter

Counter

requests identified as info threat + none threat

requests_threat_level_low_counter

Counter

request identified as low threat

requests_threat_level_medium_counter

Counter

request identified as medium threat

requests_threat_level_high_counter

Average

request identified as high threat

post_requests_counter

Counter

post requests

get_requests_counter

Counter

get requests

put_requests_counter

Counter

put requests

patch_requests_counter

Counter

patch requests

delete_requests_counter

Counter

delete requests

other_requests_counter

Counter

other requests

2xx_status_code_responses_counter

Counter

response 2xx

4xx_status_code_responses_counter

Counter

response 4xx

5xx_status_code_responses_counter

Counter

response 5xx

requests_time_latency_average

Average

average latency

sql_injection_attacks_type_counter

Counter

SQL Injection

vulnerability_scanning_attacks_type_counter

Counter

Vulnerability Scanning

path_traversal_attacks_type_counter

Counter

Path Traversal

ldap_injection_attacks_type_counter

Counter

LDAP Injection

evasion_techniques_attacks_type_counter

Counter

Evasion Techniques

remote_code_execution_attacks_type_counter

Counter

Remote Code Execution

xml_extern_entity_attacks_type_counter

Counter

XML External Entity

cross_site_scripting_attacks_type_counter

Counter

Cross Site Scripting

general_attacks_type_counter

Counter

General

all_assets_counter

LastReportedValue

number of protected assets

prevent_action_matches_counter

Counter

prevent engine matches

detect_action_matches_counter

Counter

detect engine matches

ignore_action_matches_counter

Counter

ignore engine matches

cpu_usage_percentage_max

Max

Max CPU usage

cpu_usage_percentage_average

Average

Average CPU usage

cpu_usage_percentage_last_value

LastReportedValue

last CPU usage reported

service_virtual_memory_size_kb_max

Max

max service virtual memory size

service_virtual_memory_size_kb_min

Min

min service virtual memory size

service_virtual_memory_size_kb_average

Average

average service virtual memory size

service_physical_memory_size_kb_max

Max

max service RSS memory size

service_physical_memory_size_kb_min

Min

min service RSS memory size

service_physical_memory_size_kb_average

Average

average service RSS memory size

general_total_used_memory_max

Max

max general total memory size

general_total_used_memory_min

Min

min general total memory size

general_total_used_memory_average

Average

average general total memory size

Last updated

Was this helpful?