Extend the platform,
empower your team.
Monitor your identity management tool with this prometheus-based extension
ExtensionKeycloak is an open source software product to allow single sign-on with identity and access management aimed at modern applications and services. Keycloak supports various protocols such as OpenID, OAuth version 2.0 and SAML and provides features such as user management, two-factor authentication, permissions and roles management and creating token services.
Monitor the different aspects for you Keycloak installation, including JVM statistics such as memory and CPU, user experience through the amount of user actions and errors and resource management such as token usage metrics.
Click on Add to environment to get started.
The extension can run on either an ActiveGate or a OneAgent. From an ActiveGate, there needs to be connectivty between the ActiveGate and the Keycloak prometheus endpoint (/metrics
). If running on a OneAgent, the endpoint has to be a local endpoint of the host (e.g. localhost:9090/metrics
).
Below is a complete list of the feature sets provided in this version. To ensure a good fit for your needs, individual feature sets can be activated and deactivated by your administrator during configuration.
Metric name | Metric key | Description | Unit |
---|---|---|---|
JVM unloaded classes | jvm_classes_unloaded_total.count | The total number of classes that have been unloaded since the JVM has started execution | Count |
JVM loaded classes | jvm_classes_loaded_total.count | The total number of classes that have been loaded since the JVM has started execution | Count |
JVM loaded classes | jvm_classes_loaded | The number of classes that are currently loaded in the JVM | Count |
Metric name | Metric key | Description | Unit |
---|---|---|---|
Resident memory | process_resident_memory_bytes | Resident memory size in bytes. | Byte |
Max open file descriptors | process_max_fds | Maximum number of open file descriptors. | Count |
Open file descriptors | process_open_fds | Number of open file descriptors. | Count |
Virtual memory | process_virtual_memory_bytes | Virtual memory size in bytes. | Byte |
CPU time | process_cpu_seconds_total.count | Total user and system CPU time spent in seconds. | Second |
Uptime | process_start_time_seconds | Start time of the process since unix epoch in seconds. | Second |
Metric name | Metric key | Description | Unit |
---|---|---|---|
Response count | keycloak_response_total.count | Total number of responses | Count |
Error responses | keycloak_response_errors.count | Total number of error responses | Count |
Metric name | Metric key | Description | Unit |
---|---|---|---|
Code to token count | keycloak_code_to_tokens.count | Total number of successful code to token | Count |
Code to token errors | keycloak_code_to_tokens_errors.count | Total number of failed code to token | Count |
Token refreshes | keycloak_refresh_tokens.count | Total number of successful token refreshes | Count |
Token refreshes errors | keycloak_refresh_tokens_errors.count | Total number of failed token refreshes | Count |
Metric name | Metric key | Description | Unit |
---|---|---|---|
JVM buffer pool capacity | jvm_buffer_pool_capacity_bytes | Bytes capacity of a given JVM buffer pool. | Byte |
JVM buffer pool used buffers | jvm_buffer_pool_used_buffers | Used buffers of a given JVM buffer pool. | Count |
JVM buffer pool used | jvm_buffer_pool_used_bytes | Used bytes of a given JVM buffer pool. | Byte |
Metric name | Metric key | Description | Unit |
---|---|---|---|
Total successful client logins | keycloak_client_logins.count | - | Count |
Failed client login attempts | keycloak_failed_client_login_attempts.count | - | Count |
Login attempts | keycloak_login_attempts.count | Total number of login attempts | Count |
Registration errors | keycloak_registrations_errors.count | Total errors on registrations | Count |
Total registered users | keycloak_registrations.count | - | Count |
Keycloak User Event LOGOUT | keycloak_user_event_LOGOUT.count | - | Count |
Keycloak User Event LOGOUT ERROR | keycloak_user_event_LOGOUT_ERROR.count | - | Count |
KeyCloak Admin event DELETE | keycloak_admin_event_DELETE.count | - | Count |
Keycloak User Event CUSTOM_REQUIRED_ACTION | keycloak_user_event_CUSTOM_REQUIRED_ACTION.count | - | Count |
Failed login attempts | keycloak_failed_login_attempts.count | - | Count |
KeyCloak Admin event UPDATE | keycloak_admin_event_UPDATE.count | - | Count |
KeyCloak Admin event ACTION | keycloak_admin_event_ACTION.count | - | Count |
Successful logins | keycloak_logins.count | Total successful logins | Count |
Keycloak User Event UNREGISTER NODE ERROR | keycloak_user_event_UNREGISTER_NODE_ERROR.count | - | Count |
Keycloak User Event FEDERATED IDENTITY LINK | keycloak_user_event_FEDERATED_IDENTITY_LINK.count | - | Count |
Keycloak User Event REGISTER NODE | keycloak_user_event_REGISTER_NODE.count | - | Count |
Keycloak User Event INVALID SIGNATURE ERROR | keycloak_user_event_INVALID_SIGNATURE_ERROR.count | - | Count |
Keycloak User Event GRANT CONSENT | keycloak_user_event_GRANT_CONSENT.count | - | Count |
Keycloak User Event IDENTITY PROVIDER LOGIN | keycloak_user_event_IDENTITY_PROVIDER_LOGIN.count | - | Count |
Keycloak User Event UPDATE TOTP ERROR | keycloak_user_event_UPDATE_TOTP_ERROR.count | - | Count |
Keycloak User Event OAUTH2 DEVICE CODE TO TOKEN ERROR | keycloak_user_event_OAUTH2_DEVICE_CODE_TO_TOKEN_ERROR.count | - | Count |
Metric name | Metric key | Description | Unit |
---|---|---|---|
- | keycloak_request_duration | - | - |
Metric name | Metric key | Description | Unit |
---|---|---|---|
Deadlocked threads | jvm_threads_deadlocked | Cycles of JVM-threads that are in deadlock waiting to acquire object monitors or ownable synchronizers | Count |
Thread count | jvm_threads_state | Current count of threads by state | Count |
Started threads | jvm_threads_started_total.count | Started thread count of a JVM | Count |
Peak thread | jvm_threads_peak | Peak thread count of a JVM | Count |
Daemon threads | jvm_threads_daemon | Daemon thread count of a JVM | Count |
Deadlocked threads monitor | jvm_threads_deadlocked_monitor | Cycles of JVM-threads that are in deadlock waiting to acquire object monitors | Count |
Thread count | jvm_threads_current | Current thread count of a JVM | Count |
Metric name | Metric key | Description | Unit |
---|---|---|---|
- | jvm_gc_collection_seconds | - | - |
Metric name | Metric key | Description | Unit |
---|---|---|---|
JVM memory used | jvm_memory_bytes_used | Used bytes of a given JVM memory area. | Byte |
JVM initial memory pool | jvm_memory_pool_bytes_init | Initial bytes of a given JVM memory pool. | Byte |
JVM max memory pool | jvm_memory_pool_bytes_max | Max bytes of a given JVM memory pool. | Byte |
JVM max memory | jvm_memory_bytes_max | Max (bytes) of a given JVM memory area. | Byte |
JVM memory pool committed | jvm_memory_pool_bytes_committed | Committed bytes of a given JVM memory pool. | Byte |
JVM initial memory | jvm_memory_bytes_init | Initial bytes of a given JVM memory area. | Byte |
JVM memory pool used | jvm_memory_pool_bytes_used | Used bytes of a given JVM memory pool. | Byte |
JVM memory committed | jvm_memory_bytes_committed | Committed (bytes) of a given JVM memory area. | Byte |
Metric name | Metric key | Description | Unit |
---|---|---|---|
JVM version info | jvm_info | - | Count |
The simplest way to capture all observation signals automatically and in context
Automatically and intelligently monitor, analyze, and optimize your application server and all applications deployed anywhere in your stack.
Route traffic, monitor clouds and remote technologies & run Synthetic monitors
Version for initial release. It contains: