NewMetrics returns a Metric implementation.

SanitizeLabels sanitize all given labels.

StartCall starts a "call", which when finished via Done() will emit timing and error related metrics.

StartLatencyMetric starts a "call", which when finished via Done() will emit timing and error related metrics.

Action functionality related to actions themselves, such as rate-limiting an action.

Activate functionality related to activating some element (such as X509 CA manager); should be used with other tags to add clarity.

Address tags some network address.

Admin tags admin access.

AdminIDs are admin IDs.

Agent SPIFFE ID.

AgentKeyManager attached to all operations related to the Agent KeyManger interface.

AgentsByExpiresAtCache functionality related to the agent btree cache indexed by ExpiresAt.

AgentsByIDCache functionality related to the agent btree cache indexed by ID.

AgentSVID tag a node (agent) SVID.

Append functionality related to appending some element (such as part of a bundle); should be used with other tags to add clarity.

Attempt tags some count of attempts.

Attest functionality related to attesting; should be used with other tags to add clarity.

Attestor tags an attestor plugin/type (eg.

Audience tags some audience for a token.

AuthorizeCall functionality related to authorizing an incoming call.

AuthorizedAs indicates who an entity was authorized as.

AuthorizedVia indicates by what means an entity was authorized.

Bundle functionality related to a bundle; should be used with other tags to add clarity.

BundleEndpointProfile is the name of the bundle endpoint profile.

BundleEndpointURL is the URL of the bundle endpoint.

BundleManager functionality related to a Bundle manager.

BundlesUpdate functionality related to updating bundles.

ByBanned tags filtering by banned agents.

ByCanReattest tags filtering by agents that can re-attest.

BySelectorMatch tags Match used when filtering by Selectors.

BySelectors tags selectors used when filtering.

CA functionality related to some CA; should be used with other tags to add clarity.

Cache functionality related to a cache.

CacheManager functionality related to a cache manager.

Cache type tag.

CAJournal is a CA journal record.

CAJournalID tags a CA journal ID.

CallerAddr labels an API caller address.

CallerGID tags an API caller group ID; should be used with other tags to add clarity; Unix only.

CallerID tags an API caller; should be used with other tags to add clarity.

CallerPath tags an API caller binary path; should be used with other tags to add clarity.

CallerUID tags an API caller user ID; should be used with other tags to add clarity; Unix only.

CallerSID tags an API caller user SID; should be used with other tags to add clarity; Windows only.

CAManager functionality related to a CA manager.

Catalog functionality related to plugin catalog.

CertFilePath tags a certificate file path used for TLS connections.

CGroupPath tags a linux CGroup path, most likely for use in attestation.

Check tags a health check subsystem.

Connection functionality related to some connection; should be used with other tags to add clarity.

Connections functionality related to some group of connections; should be used with other tags to add clarity.

ContainerID tags some container ID, most likely for use in attestation.

ContainerName tags some container name, most likely for use in attestation.

Count tags some basic count; should be used with other tags and clear messaging to add clarity.

CountAgents functionality related to counting agents.

CountBundles functionality related to counting bundles.

Create functionality related to creating some entity; should be used with other tags to add clarity.

CreatedAt tags registration entry creation date.

CreateFederatedBundle functionality related to creating a federated bundle.

Create if not exists functionality related to creating some entity; should be used with other tags to add clarity.

CreateJoinToken functionality related to creating a join token.

CreateRegistrationEntry functionality related to creating a registration entry.

CreateRegistrationEntryIfNotExists functionality related to creating a registration entry.

Csr represents a presented Csr in hashed format.

CsrSpiffeID represents the SPIFFE ID in a Certificate Signing Request.

DatabaseType labels a database type (MySQL, postgres...).

DataDir is a data directory.

Datastore functionality related to datastore plugin.

DebugAPI functionality related to debug endpoints.

DelegatedIdentityAPI functionality related to delegated identity endpoints.

Delete functionality related to deleting some entity; should be used with other tags to add clarity.

Deleted tags something as deleted.

DeleteFederatedBundle functionality related to deleting a federated bundle.

DeleteFederatedBundleMode functionality related to deleting federated bundle modes.

DeleteRegistrationEntry functionality related to deleting a registration entry.

DeprecatedServiceName tags the deprecated service name.

Details tags details response from a health check subsystem.

DiscoveredSelectors tags selectors for some registration.

DNS name is a name which is resolvable with DNS.

Downstream tags if entry is a downstream.

Duration is the amount of seconds that an error is active.

ElapsedTime tags some duration of time.

Endpoints functionality related to agent/server endpoints.

EndpointSpiffeID tags endpoint SPIFFE ID.

EntriesByEntryIDCache functionality related to the entries btree cache indexed by EntryID.

EntriesByParentIDCache functionality related to the entries btree cache indexed by ParentID.

Entry tag for some stored entry.

EntryAdded is the counter key for when an entry is added to LRU cache.

EntryRemoved is the counter key for when an entry is removed from LRU cache.

EntryUpdated is the counter key for when an LRU cache entry is updated.

Error tag for some error that occurred.

Event tag some event that has occurred, for a notifier, watcher, listener, etc.

EventID tags an event ID.

EvictAgent functionality related to evicting an agent.

Expect tags an expected value, as opposed to the one received.

ExpectGID is like Expect, specific to gid.

ExpectStartTime is like Expect, specific to a start time.

ExpectUID is like Expect, specific to uid.

Expiration tags an expiration time for some entity.

ExpiresAt tags registration entry expiration.

ExpiringSVIDs tags expiring SVID count/list.

ExpiryCheckDuration tags duration for an expiry check; should be used with other tags to add clarity.

External tag something as external (e.g.

Failures amount of concatenated errors.

FederatedAdded labels some count of federated bundles that have been added to an entity.

FederatedBundle functionality related to a federated bundle; should be used with other tags to add clarity.

FederatedRemoved labels some count of federated bundles that have been removed from an entity.

FederatesWith tags a federates with list.

FederatesWithMatch tags a federates with match filter.

FederationRelationship tags a federation relationship.

Fetch functionality related to fetching some entity; should be used with other tags to add clarity.

FetchBundle functionality related to fetching a CA bundle.

FetchEntriesUpdates functionality related to fetching entries updates; should be used with other tags to add clarity.

FetchFederatedBundle functionality related to fetching a federated bundle.

FetchJWTBundles functionality related to fetching JWT bundles.

FetchJWTSVID functionality related to fetching a JWT-SVID.

FetchPrivateKey related to fetching a private in the KeyManager plugin interface (agent).

FetchRegistrationEntries functionality related to fetching registration entries.

FetchRegistrationEntry functionality related to fetching a registration entry.

FetchSecrets functionality related to fetching secrets.

FetchSVIDsUpdates functionality related to fetching SVIDs updates; should be used with other tags to add clarity.

FetchX509CASVID functionality related to fetching an X509 SVID.

FetchX509SVID functionality related to fetching an X509 SVID.

FirstUpdate functionality related to fetching first update in a streaming API.

GenerateKey related to generating a key in the KeyManager plugin interface (server).

GenerateKeyPair related to generating a key pair in the KeyManager plugin interface (agent).

Generation represents an objection generation (i.e.

GetKey related to getting a key in the KeyManager plugin interface (agent).

GetKeys related to getting keys in the KeyManager plugin interface (agent).

GetNodeSelectors functionality related to getting node selectors.

GetPublicKey related to getting a key in the KeyManager plugin interface (server).

GetPublicKeys related to getting keys in the KeyManager plugin interface (server).

Hash tags a hash.

Hint tags registration entry hint.

IDType tags some type of ID (eg.

ImageID tags the image identifier in the format "repository@sha256:digest".

IssuedAt tags an issuance timestamp.

JoinToken functionality related to a join token; should be used with other tags to add clarity.

JWT declares JWT-SVID type, clarifying metrics.

JWTAuthorityExpiresAt tags a JWT Authority expiration.

JWTAuthorityKeyID tags a JWT authority key ID.

JWTAuthorityKeyIDs tags a list of JWT authority key IDs.

JWTAuthorityPublicKeySHA256 tags a JWT Authority public key.

JWTKey functionality related to a JWT key; should be used with other tags to add clarity.

JWTKeys tags some count or list of JWT Keys.

JWTSVID functionality related to a JWT-SVID; should be used with other tags to add clarity.

JWT SVID TTL functionality related to a time-to-live field for JWT-SVIDs; should be used with other tags to add clarity.

KeyFilePath tags a key file path used for TLS connections.

Keys related to keys used on HCL.

Kid tags some key ID.

LaunchLogLevel log level when service started.

Limit tags a limit.

List functionality related to listing some objects; should be used with other tags to add clarity.

ListAgents functionality related to listing agents.

ListAllEntriesWithPages functionality related to listing all registration entries with pagination.

ListFederatedBundles functionality related to listing federated bundles.

ListRegistrationsByParentID functionality related to listing registrations by parent ID.

ListRegistrationsBySelector functionality related to listing registrations by selector.

ListRegistrationsBySelectors functionality related to listing registrations by selectors.

ListRegistrationsBySPIFFEID functionality related to listing registrations by SPIFFE ID.

LocalAuthorityID tags a local authority ID.

Manager functionality related to a manager (such as CA manager); should be used with other tags to add clarity.

Method is the full name of the method invoked.

Mint functionality related to minting identities.

MintJWTSVID functionality related to minting a JWT-SVID.

MintX509SVID functionality related to minting an X.509 SVID.

Mode tags a bundle deletion mode.

Network tags some network name ("tcp", "udp").

NewHash tags a new hash.

NewLogLevel tags a new log level.

NewSerialNumber tags a certificate new serial number.

NewSVID functionality related to creation of a new SVID.

Node functionality related to a node entity or type; should be used with other tags to add clarity.

NodeAliasesByEntryIDCache functionality related to the node-aliases btree cache indexed by EntryID.

NodeAliasesBySelectorCache functionality related to the node-aliases btree cache indexed by Selector.

NodeAttestorType declares the type of node attestation.

NodeEvent functionality related to a node entity or type being created, updated, or deleted.

Nonce tags some nonce for communication.

Notifier functionality related to some notifying entity; should be used with other tags to add clarity.

OldHash tags a hash.

OutdatedSVIDs tags SVID with outdated attributes count/list.

ParentID tags parent ID for an entry.

PartialSelectors is a partial set of selectors for a workload.

Path declares some logic path, likely on the file system.

Peer ID is the SPIFFE ID of a peer.

PID declares some process ID.

PluginName tags name of some plugin.

PluginService tags single service provided by a plugin.

PluginServices tags services provided by a plugin.

PluginType tags type of some plugin.

PodUID tags some pod UID, most likely for use in attestation.

PreferredServiceName tags the preferred service name.

Prepare functionality related to preparation of some entity; should be used with other tags to add clarity.

ProcessTaintedJWTSVIDs functionality related to processing tainted JWT SVIDs.

ProcessTaintedX509SVIDs functionality related to processing tainted X.509 SVIDs.

Prune functionality related to pruning some entity(ies); should be used with other tags to add clarity.

Pruned flagging something has been pruned.

Push functionality related to pushing some entity to let a destination know that some source generated such entity; should be used with other tags to add clarity.

PushJWTKeyUpstream functionality related to pushing a public JWT Key to an upstream server.

ReadOnly tags something read-only.

Reason is the reason for something.

Reattestable declares if the agent should reattest when its SVID expires.

Received tags a received value, as opposed to the one that is expected.

ReceivedGID is like Received, specific to gid.

ReceivedStartTime is like Received, specific to a start time.

ReceivedUID is like Received, specific to uid.

Reconfigurable tags whether something is reconfigurable.

RecordMapSize is the gauge key to hold the size of the LRU cache entries map.

RefreshHint tags a bundle refresh hint.

Registered flags whether some entity is registered or not; should be either true or false.

RegistrationEntry tags a registration entry.

RegistrationEntryEvent is a notice a registration entry has been created, modified, or deleted.

RegistrationID tags some registration entry ID.

RegistrationManager functionality related to a registration manager.

Reload functionality related to reloading of a cache.

RequestID tags a request identifier.

ResourceNames tags some group of resources by name.

RetryInterval tags some interval for retry logic.

RevisionNumber tags a registration entry revision number.

Revoke functionality related with revoking a key from the bundle.

Rotate functionality related to rotation of SVID; should be used with other tags to add clarity.

Schema tags database schema version.

SDSAPI functionality related to SDS; should be used with other tags to add clarity.

Seconds tags some count of seconds; should be used with other tags and message to add clarity.

Selector tags some registration selector.

Selectors tags some group of registration selector.

SelectorsAdded labels some count of selectors that have been added to an entity.

SelectorsRemoved labels some count of selectors that have been removed from an entity.

SelfSigned tags whether some entity is self-signed.

SendJWTBundleLatency tags latency for sending JWT bundle.

SequenceNumber tags a bundle sequence number.

SerialNumber tags a certificate serial number.

ServerCA functionality related to a server CA; should be used with other tags to add clarity.

ServerKeyManager attached to all operations related to the server KeyManager interface.

Service is the name of the service invoked.

Set functionality related to set/override/clobber of an entity, such as a bundle; should be used with other tags to add clarity.

Sign functionality related to signing a token / cert; should be used with other tags to add clarity.

SignData related to signing data in the KeyManager plugin interface (server).

SkippedEntryEventIDs functionality related to counting missed entry event IDs.

SkippedNodeEventIDs functionality related to counting missed node event IDs.

Slot X509 CA Slot ID.

SPIFFEID tags a SPIFFE ID.

SpireAgent typically the entire spire agent service.

SpireServer typically the entire spire server.

StartTime tags some start/entry timestamp.

Status tags status of call (OK, or some error), or status of some process.

StatusCode tags status codes of call.

StatusMessage tags status messages of call.

Store functionality related to SVID Store service.

StorePrivateKey related to storing a private key in the KeyManager plugin interface (agent or server).

StoreSvid tags if entry is storable.

StoreSVIDUpdates related to storing SVID updates in SVIDStore plugins.

StreamSecrets functionality related to streaming secrets.

Subject tags some subject (likely a SPIFFE ID, and likely for a token); should be used with other tags to add clarity.

SubjectKeyID tags a certificate subject key ID.

SubjectKeyIDs tags a list of subject key ID.

SubscribeX509SVIDs functionality related to subscribing to X.509 SVIDs.

SubsystemName declares field for some subsystem name (an API, module...).

SVID functionality related to a SVID; should be used with other tags to add clarity.

SVIDMapSize is the gauge key for the size of the LRU cache SVID map.

SVIDResponseLatency tags latency for SVID response.

SVIDRotator functionality related to a SVID rotator.

SVIDSerialNumber tags a certificate serial number.

SVIDStore tags an SVID store plugin/type (eg.

SVIDType tags some type of SVID (eg.

SVIDUpdated tags that for some entity the SVID was updated.

Sync functionality for syncing (such as CA manager updates).

SyncBundlesTotal is the number of bundles synced from the server.

SyncEntriesTotal is the number of entries that were no longer on the server.

SyncEntriesTotal is the number of entries that existed on the server but not the agent.

SyncEntriesTotal is the number of entries that were out of date on the agent.

SyncEntriesTotal is the number of entries synced from the server.

Taint functionality related with tainting a key from the bundle.

TaintedJWTSVIDs tags tainted JWT SVID count/list.

TaintedX509SVIDs tags tainted X.509 SVID count/list.

Telemetry tags a telemetry module.

TrustDomain tags the name of some trust domain.

TrustDomainID tags the ID of some trust domain.

TTL functionality related to a time-to-live field; should be used with other tags to add clarity.

Type tags a type.

Unknown tags some unknown caller, entity, or status.

Update functionality related to updating some entity; should be used with other tags to add clarity.

Updated tags some entity as updated; should be used with other tags to add clarity.

UpdateFederatedBundle functionality related to updating a federated bundle.

UpdateRegistrationEntry functionality related to updating a registration entry.

UpstreamAuthorityID tags a signing authority ID.

ValidateJWTSVID functionality related validating a JWT-SVID.

ValidateJWTSVIDError functionality related to an error validating a JWT-SVID.

Version tags a version.

VersionInfo tags some version information.

WorkloadAPI flagging usage of workload API; should be used with other tags to add clarity.

WorkloadAttestation tags call of overall workload attestation.

WorkloadAttestor tags call of a workload attestor.

X509 declared X509 SVID type, clarifying metrics.

X509AuthoritiesASN1256 tags a X509 authority ASN1 encrypted using SHA256.

X509CA functionality related to an x509 CA; should be used with other tags to add clarity.

X509CAs tags some count or list of X509 CAs.

X509CASVID functionality related to an x509 CA SVID; should be used with other tags to add clarity.

X509SVID functionality related to an x509 SVID; should be used with other tags to add clarity.

X509 SVID TTL functionality related to a time-to-live field for X509-SVIDs; should be used with other tags to add clarity.

Blackhole implements the Metrics interface, but throws away the metric data Useful for satisfying the Metrics interface when testing code which depends on it.

CallCounter is used to track timing and other information about a "call".

Latency is used to track timing between two specific events.

Metrics is an interface for all metrics plugins and services.

Label is a label/tag for a metric.

Sink is an interface for emitting metrics.