Configuring Prometheus Exporter PRO for Confluence
All examples in this article are applied to Confluence. But the same can be applied to Jira and Bitbucket.
Configuring Prometheus Exporter Metric Collector
Prometheus Exporter gathers some metrics by a schedule job which means that you will have up to date values for such metrics only if the job has been performed. For other metrics you always get up to date values. You can find information which metrics are gathered by the schedule job here.
By default the run interval for the job equals to 2 minutes. You can change it if you go to cog wheel → General Configuration → Prometheus Exporter → General:
Enter the required period in the Metric Collector Job Interval (minutes) input field and push the Save button.
Also you can see the exposed metrics if you click on the here link. The here link is unavailable if you chose the Basic Auth (Bearer) authentication type.
Also in the screen above you can see the Last Execution time of the schedule job.
Request Settings
By default Prometheus Exporter collects duration of web requests (duration includes spent time of a web request on the server side. It does not include the time spent on the client and network connection) This metric is called confluence_request_duration_on_path (jira_request_duration_on_path for Jira, bitbucket_request_duration_on_path for Bitbucket)
It is a histogram metric. Each metric has a label which provides the path, which were executed.
For example:
confluence_request_duration_on_path_sum{path="/rest",} 11.873832757
It shows how long all requests to the /rest path took.
By default all urls are cut to the first level. For example, let's say you called the following url : http://localhost:8090/rest/api/space. The first path which contains the domain and the port of the server will be cut. Also if the url contains the context it will be also cut. In the result we have the following url: /rest/api/space. Now only the first level will be taken which is /rest and set as the label for the metric. If you do not need the default behaviour you can unclick the "Collect duration for default urls" checkbox. As the result the confluence_request_duration_on_path metric will not be collected.
Now suppose that you want to collect information only for certain rest calls. For example, for /rest/api/space. In this case you can enter this line into the "Add url to collect metrics" field, push the Add button and then the Save button.
Now if you execute the /rest/api/space rest endpoint you will be able to see metrics on the request:
confluence_request_duration_on_path_sum{path="/rest/api/space",} 0.01212779
You can also provide the asterisk sign as a wildcard. For example,
/pages/createpage.action?*spaceKey* /pages/createpage.action?*spaceKey=d*
The asterisk sign can represent any number of characters (including zero). If you specified a "co*" it would use "co", "coca-cola", "cone" and anything that starts with “co”. "n*l" could be null, nutritional, nonparallel, and anything that starts with an n and ends with an l.
If multiple added urls satisfy the current web request url then the added url with most characters will be chosen as the label for the confluence_request_duration_on_path metric.
For example, in the example above, if both added urls (/pages/createpage.action?*spaceKey*, /pages/createpage.action?*spaceKey=d*) satisfy the current web request url (/pages/createpage.action?spaceKey=ds) then the /pages/createpage.action?*spaceKey=d* will be chosen (37 characters against 35 characters) as the label for the confluence_request_duration_on_path metric.
Securing Prometheus Exporter
To secure Prometheus Exporter you need to go to cog wheel → General Configuration → Prometheus Exporter → Security
But default no authentication is chosen for Prometheus Exporter which means that your metrics can be pulled by any user.
If you want to secure your Prometheus Exporter then you have two options: URL token and Basic Auth (Bearer)
URL Token
To secure Prometheus Exporter by URL token you should choose the URL Token option in the Authentication Type select field:
The Token input field will be automatically generated but if you wish to regenerate the token you can click on the Generate link button.
The URL Token Authentication means that the token will be sent in the URL in your browser.
Your prometheus.yml file should look like this:
- job_name: 'confluence' scheme: https # change to http if you don't have https metrics_path: '/<your_confluence_context_path>/plugins/servlet/prometheus/metrics' params: token: ['bhELVroDYjRAtZCGEJPBElj00Sk6aP2Pn6O'] static_configs: - targets: ['myhost:1990'] # Confluence host and port you serve
Basic Auth (Bearer)
To secure Prometheus Exporter by Basic Auth (Bearer) you should choose the Basic Auth (Bearer) option in the Authentication Type select field:
For this authentication type the token will be sent in the Authorization header of the request.
You should configure the prometheus.yml file for the Basic Auth (Bearer) like this:
- job_name: 'confluence' scheme: https #change to http if don't you have https metrics_path: '/<your_confluence_context_path>/plugins/servlet/prometheus/metrics' bearer_token: 'bhELVroDYjRAtZCGEJPBElj00Sk6aP2Pn6O' static_configs: - targets: ['myhost:1990']
Token Expiration
If you chose the URL Token or Basic Auth (Bearer) type authentication then you can set your token to be expired.
Go to cog wheel → General Configuration → Prometheus Exporter → Security and click on the Expire Token checkbox:
By default the token will expire in 30 days but you can change this period by changing the value of the input filed below the Expire Token checkbox.