Grafana dashboards for metric and log visualization

Airlock Microgateway offers several preconfigured Helm-based Grafana dashboard templates that can be enabled and individually disabled in the Microgateway Operator Helm chart.
Dashboard metric data is obtained using Prometheus metrics and logs are aggregated using Grafana Loki in combination with a suitable log agent (e.g. Grafana Promtail or similar).

The Operator Helm chart also includes options for dashboardLabel and folderAnnotation that can be configured to allow the Grafana sidecar to find and identify the ConfigMaps that contain the dashboards in this article. These settings must match the configuration of the Grafana sidecar.

Requirements

  • All dashboards require Grafana to be installed and running with the sidecar.dashboards.enabled=true flag. This lets Grafana automatically add/update and delete Airlock Microgateway Dashboards.
  • Metric dashboards require Prometheus to be installed and running in addition to Grafana.
  • Log Dashboards require Grafana Loki to be installed and running in addition to Grafana

Metrics dashboards

Airlock Microgateway Overview

This dashboard contains statistics and status information on the installed Airlock Microgateway components. It provides an overview of license status, protected pods, processed requests, and latency as perceived by downstream clients.

Dashboard - Overview

Airlock Microgateway License

The dashboard provides detailed license information and estimated usage over the last 30 days per license ID for licenses assigned to a Microgateway Operator.

Dashboard - License

Airlock Microgateway Threats Block Metrics

The dashboard shows more detailed statistics on how Airlock Microgateway protects your applications. Processed requests and corresponding block rates can be displayed per Microgateway Operator installation and application namespace, including Block Type and Subtype.

Dashboard - BlockMetrics

Airlock Microgateway Threats LogOnly Metrics

The dashboard shows metrics for threats logged in threatHandlingMode: LogOnly. The temporal distribution and the breakdown by Block Type and Subtype are visualized. See also the related Airlock Microgateway Threat LogOnly Logs dashboard below.

Dashboard -Threats LogOnly Metrics

Log dashboards

Airlock Microgateway Threats Block Logs

The dashboard lists detailed log information for the requests blocked in threatHandlingMode: Block. Filtering on the dashboard and table level enables a detailed analysis of the denied requests. For details, see CR DenyRules reference documentation.

Threats Block Logs

Airlock Microgateway Threat LogOnly Logs

The dashboard lists detailed log information for requests with threats logged in threatHandlingMode: LogOnly to analyze the impact of deny rules on an application running in production. This allows for identifying false positives and configuring exceptions without disturbing productive traffic. For details, see CR DenyRules reference documentation.

Threat LogOnly Logs

Airlock Microgateway Header Rewrites Logs

The dashboard lists detailed log information for header rewrites to analyze their impact on an application. To enable Header Rewrites Logs, set the operationalMode to Integration. For details, see CR HeaderRewrites reference documentation.

Header Rewrite Logs