Metrics

Available in AxoSyslog 4.9 and later.

You can use the update_metric function to count the processed messages, and create labeled metric counters based on the fields of the processed messages, similarly to the metrics-probe() parser.

You can configure the name of the counter to update and the labels to add. The name of the counter is an unnamed, mandatory option. Note that the name is automatically prefixed with the syslogng_ string. For example:

update_metric(
    "my_counter_name",
    labels={
        "host": ${HOST},
        "app": ${PROGRAM},
        "id": ${SOURCE}
    }
);

This results in counters like:

syslogng_my_counter_name{app="example-app", host="localhost", source="s_local_1"} 3

update_metric options

increment


Type:	integer or variable
Default:	1

An integer, or an expression that resolves to an integer that defines the increment of the counter. The following example defines a counter called syslogng_input_event_bytes_total, and increases its value with the size of the incoming message (in bytes).

update_metric(
    "input_event_bytes_total",
    labels={
        "host": ${HOST},
        "app": ${PROGRAM},
        "id": ${SOURCE}
    },
    increment=${RAWMSG_SIZE}
);

labels


Type:	dict
Default:	`{}`

The labels used to create separate counters, based on the fields of the messages processed by update_metric. Use the following format:

labels(
    {
      "name-of-label1": "value-of-the-label1",
      ... ,
      "name-of-labelx": "value-of-the-labelx"
    }
)

level


Type:	integer (0-3)
Default:	0

Sets the stats level of the generated metrics.

Note Drivers configured with internal(yes) register their metrics on level 3. That way if you are creating an SCL, you can disable the built-in metrics of the driver, and create metrics manually using update_metric.

metrics_labels

Available in AxoSyslog 4.10 and later.

metrics_labels is a dict-like data type to store metric labels directly. You can use the metrics_labels function to convert key-values to metric labels directly. This is useful when you have multiple update_metric() function calls, because it avoids re-rendering the labels, greatly improves performance.

The stored labels are sorted alphabetically, but note that key collisions are not detected. You can use the dedup_metrics_labels() function to deduplicate labels. However, this takes CPU time, it’s better to avoid inserting keys multiple times.

Last modified February 27, 2025: Merge pull request #110 from axoflow/strptime-formatting-fix (2f838bd)