Skip to content

Old manual

You are reading the reference manual of an older release. Read the current manual »

Metrics

ContainerSSH contains a Prometheus-compatible metrics server which can be enabled using the following configuration:

metrics:
  enable: true # Defaults to false
  listen: "0.0.0.0:9100" # Set the listen address here
  path: "/metrics" # Defaults to /metrics

You can configure Prometheus to grab the following metrics:

containerssh_auth_server_failures
Number of failed requests to the authentication server since start.
containerssh_auth_success
Number of successful authentications since start. Contains labels for authtype (password or pubkey) and country (see below).
containerssh_auth_failures
Number of failed authentications since start. Contains labels for authtype (password or pubkey) and country (see below).
containerssh_config_server_failures
Number of failed requests to the configuration server since start.
containerssh_ssh_connections
Number of SSH connections since start. Contains a label for country (see below).
containerssh_ssh_handshake_successful
Number of successful SSH handshakes since start. Contains a label for country (see below).
containerssh_ssh_handshake_failed
Number of failed SSH handshakes since start. Contains a label for country (see below).
containerssh_ssh_current_connections
Number of currently open SSH connections. Contains a label for country (see below).

Country identification

Country identification works using GeoIP2 or GeoLite2 from MaxMind. This database needs to be provided to ContainerSSH externally due to licensing concerns.

The default path for the GeoIP database is /var/lib/GeoIP/GeoIP2-Country.mmdb, but you can change that using the following configuration snippet:

geoip:
  maxmind-geoip2-file: '/var/lib/GeoIP/GeoIP2-Country.mmdb'