Skip to content

Latest commit

 

History

History

teleport

README.md

Agent Check: Teleport

Overview

This integration monitors the health and performance of Teleport through the Datadog Agent. Enable this integration to:

  • Quickly understand the operational status of your Teleport cluster, including the Auth, Proxy, SSH, database, and Kubernetes services.
  • Query and audit user sessions that connect to Kubernetes and database services to identify rogue or compromised users in your organization.
  • Cluster logs into patterns for faster investigation of abnormal infrastructure access, such as a high number of failed logins or attempts to access as many resources as possible in a short period of time.

Setup

Follow the instructions below to install and configure this check for an Agent running on a host. For containerized environments, see the Autodiscovery Integration Templates for guidance on applying these instructions.

Installation

The Teleport integration is included in the Datadog Agent package. No additional installation is needed on your server.

Prerequisites

The Teleport check gathers Teleport's metrics and performance data using two distinct endpoints:

  • The Health endpoint provides the overall health status of your Teleport instance.
  • The OpenMetrics endpoint extracts metrics on the Teleport instance and the various services operating within that instance.

These endpoints aren't activated by default. To enable the diagnostic HTTP endpoints in your Teleport instance, please refer to the public Teleport documentation.

Configuration

Metric collection

  1. Edit the teleport.d/conf.yaml file, in the conf.d/ folder at the root of your Agent's configuration directory to start collecting your teleport performance data. See the sample teleport.d/conf.yaml for all available configuration options.

  2. Restart the Agent.

Log collection

  1. Collecting logs is disabled by default in the Datadog Agent, enable it in your datadog.yaml file:

    logs_enabled: true

  2. Edit the logs section of your teleport.d/conf.yaml file to start collecting your Teleport logs:

    logs:
  - type: file
    path: /var/log/teleport/teleport.log
    source: teleport
    service: teleport-service
    log_processing_rules:
      - type: multi_line
      name: logs_start_with_date
      pattern: \d{4}\-(0?[1-9]|1[012])\-(0?[1-9]|[12][0-9]|3[01])

  3. Restart the Agent.

Validation

Run the Agent's status subcommand and look for teleport under the Checks section.

Data Collected

Metrics

See metadata.csv for a list of metrics provided by this integration.

Events

The Teleport integration does not include any events.

Service Checks

The Teleport integration does not include any service checks.

Further reading

Additional helpful documentation, links, and articles:

Troubleshooting

Need help? Contact Datadog support.