Name | Description |
---|---|
certusine_up | A gauge that produces a constant value of 1 for as long as the certusine client is running. |
certusine_dns_challenge_failures | A counter that is incremented every time a DNS challenge fails during certificate renewal. |
certusine_signing_failures | A counter that is incremented every time certificate signing fails during certificate renewal. |
certusine_renewal_failures | A counter that is incremented every time certificate renewal completely fails. This is an important metric for error monitoring; any non-zero value for this metric should be considered a problem. |
certusine_renewal_successes | A counter that is incremented every time certificate renewal completely succeeds. This is an important metric for error monitoring; if this metric remains continually at zero, this should likely be considered a problem. |
certusine_certificates_stored | A counter that is incremented every time certificates are stored. The package redundantly stores certificates many times, so this metric will be incremented frequently. |
certusine_certificates_store_failures | A counter that is incremented every time certificates fail to be stored. If this metric is trending upwards, it may mean that certificates are not being distributed to systems that depend upon them. |
certusine_certificate_time_remaining | A gauge that displays the age of all the certificates that are currently in the certificate store. Certificates can be distinguished by their domain and certificate name labels/attributes. This is an important metric for alerting. |
certusine_certificate_expiration_threshold | A gauge that displays the configured expiration threshold in seconds. This is useful when combined with the certusine_certificate_time_remaining metric for alerting. |
rate(certusine_renewal_failures_total[30m]) > bool 0
certusine_certificate_time_remaining{} < 252000
max(certusine_certificate_time_remaining{}) < bool max(certusine_certificate_expiration_threshold{})
Name | Description |
---|---|
certusine.type | CSEventCertificateDNSChallengeFailed |
certusine.domain | The domain containing the certificate that failed. |
certusine.certificate | The name of the certificate that failed. |
Name | Description |
---|---|
certusine.type | CSEventCertificateRenewalFailed |
certusine.domain | The domain containing the certificate that failed. |
certusine.certificate | The name of the certificate that failed. |
Name | Description |
---|---|
certusine.type | CSEventCertificateRenewalSucceeded |
certusine.domain | The domain that succeeded. |
certusine.certificate | The name of the certificate that was renewed. |
Name | Description |
---|---|
certusine.type | CSEventCertificateSigningFailed |
certusine.domain | The domain containing the certificate that failed. |
certusine.certificate | The name of the certificate that failed. |
Name | Description |
---|---|
certusine.type | CSEventCertificateStored |
certusine.domain | The domain containing the certificate that was stored. |
certusine.certificate | The name of the certificate that was stored. |
certusine.target | The name of the output to which the certificate was stored. |
Name | Description |
---|---|
certusine.type | CSEventCertificateStoreFailed |
certusine.domain | The domain containing the certificate that could not be stored. |
certusine.certificate | The name of the certificate that could not be stored. |
certusine.target | The name of the output to which the certificate could not be stored. |
count(rate({level="ERROR"} | json | attributes_certusine_type=`CSEventCertificateRenewalFailed`[30m])) > bool 0