Open totallyunknown opened 2 years ago
Seems like a good feature to me. To start, we would want to add parsing of this file to the Prometheus procfs library.
Update: The procfs side of this appears to have landed in master: https://github.com/prometheus/procfs/commit/6d8714c62d4165d2352f73816b44cb325eaf4296
Linux kernel with loaded
tls
module exposes the following per-namespace statistics (/proc/net/tls_stat
):TlsCurrTxSw
,TlsCurrRxSw
- number of TX and RX sessions currently installed where host handles cryptographyTlsCurrTxDevice
,TlsCurrRxDevice
- number of TX and RX sessions currently installed where NIC handles cryptographyTlsTxSw
,TlsRxSw
- number of TX and RX sessions opened with host cryptographyTlsTxDevice
,TlsRxDevice
- number of TX and RX sessions opened with NIC cryptographyTlsDecryptError
- record decryption failed (e.g. due to incorrect authentication tag)TlsDeviceRxResync
- number of RX resyncs sent to NICs handling cryptographyhttps://www.kernel.org/doc/html/latest/networking/tls.html#statistics
If this gets accepted, I can provide a PR for this.