cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sam Tunnicliffe (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-10635) Add metrics for authentication failures
Date Fri, 08 Jul 2016 12:08:11 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-10635?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15367587#comment-15367587
] 

Sam Tunnicliffe commented on CASSANDRA-10635:
---------------------------------------------

I wonder whether meters rather than counters would be more useful here, being able to provide
not just an absolute count but rates of auth failure/success. I would imagine that the ability
to detect spikes here would provide more actionable signals for operators. 

I'm not wild about tying the metric/mbean names to the message classes. It would be cleaner
IMO to grouop them with the existing client metrics (at least in the mbeans). Doing it that
way would mean being losing the ability to disambiguate between the counts generated from
{{CredentialsMessage}}(protocol v1) and {{AuthResponse}}(later versions), but that's a feature
not a bug for me and we should have dedicated metrics for the versions used by connecting
clients if they're relevant. 

[~soumava] I've pushed a branch which applies the above changes to your original patch [here|https://github.com/beobal/cassandra/tree/10635-trunk],
wdyt?

[~cnlwsu] would be good to get your opinion here too, if you have chance to take a look.

> Add metrics for authentication failures
> ---------------------------------------
>
>                 Key: CASSANDRA-10635
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-10635
>             Project: Cassandra
>          Issue Type: Improvement
>            Reporter: Soumava Ghosh
>            Assignee: Soumava Ghosh
>            Priority: Minor
>             Fix For: 3.x
>
>         Attachments: 10635-2.1.txt, 10635-2.2.txt, 10635-3.0.txt, 10635-dtest.patch,
10635-trunk.patch
>
>
> There should be no auth failures on a cluster in general. 
> Having metrics around the authentication code would help detect clients 
> that are connecting to the wrong cluster or have auth incorrectly configured.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message