System metrics with Prometheus#

Package Security Manager (On-prem) system performance can be monitored to understand system health, evaluate network traffic, and detect issues. Each of Package Security Manager’s services expose a set of metrics that can be visualized using the built-in Prometheus expression browser. Metrics are provided in OpenMetrics (Prometheus) format.

Accessing Prometheus#

From the dashboard, open the user dropdown menu and select Metrics to open Prometheus in a new tab. Log in using the credentials created for you during installation/upgrade.

Alternately, you can navigate directly to the dashboard in your web browser by appending /prometheus/ to your Package Security Manager fully qualified domain name (FQDN). For example: https://<FQDN>.com/prometheus/

Creating graphs for metrics#

Prometheus uses a built-in expression browser for time series visualizations of system metrics.

To create system metric graphs in Prometheus:

  1. Enter the name of an expression you want to view in the search box.

  2. Select your expression from the list that appears.

  3. Click Execute.

  4. Select the Graph tab.

The graph is populated by the selected metric, and a console readout appears below it.


To isolate a specific resource, select it from the legend below the graph.

Setting a file limit alert#

Using the two metrics above, process_open_fds and process_max_fds, you can write an alert to warn you when a process hits 80% of the limit:

- name: example
   - alert: ProcessNearFDLimits
     expr: process_open_fds / process_max_fds > 0.8
     for: 10m