Real time monitoring with simple counters
Counters
Preliminaries
This note describes the counter module, how to enable it, how to retrieve real-time server statistics, its limitations, and security implications.
Webmasters often need to check the health of the server. Is it still up and running? Are there unexpected response codes being returned to users? Is the web site traffic unusually high or low? Is it being subjected to new hacking attempts?
The counter module can provide answers to these types of questions.
Each time the server receives a request and returns with a response, it increments an in-memory data structure that holds a set of counters. These counts can then be retrieved by the webmaster using a simple HTTP GET request to the "counters" page (a self-declared virtual resource). The response can be formatted as XML, JSON, or HTML.
Five types of header values are tracked in this way:
- method
- user-agent
- content-type
- content-length
- status-code
Each type (except content-length) is counted by value, so for example, the content-type header keeps track of how many requests were fulfilled for each distinct mime-type: text/html, application/js, image/x-icon, etc. Similarly, the status-code counter keeps track of how many responses were 200, 303, 404, etc. On the other hand, the content-length value contains the number of bytes sent in the response payload; this value is used to track the total bytes transferred for all requests.
When more than one hostname has been configured, separate counters will be used to track each of them.
Counters are initialized to zero when the server is started, and continue to increment until the server stops. Counters are not automatically saved to disk, so if that is desired, the webmaster should issue a request to the "counters" page via periodic cron job, or just before stopping the server.
The counter module provides simple monitoring capabilities only. The server's Logging module provides a much more sophisticated approach to traffic analysis.
Configuration
The counter module is not enabled by default. To use it, add a counters
entry to the modules
section and set its value to on
.
As alluded to before, the "counters" page is a virtual resource. To make it visible, add an entry to the plugins/router
section using a path-pattern of your choice, for example `/rwserve/counters`
; declare a *methods=GET
attribute; and declare a *plugin='rwserve-counters'
attribute.
This configuration will enable the counters module to respond to your requests for current real-time statistics. If your website hostname is example.com
, you can get XML, JSON, and HTML "counter" pages using these URLs:
https://example.com/rwserve/counters.xml
https://example.com/rwserve/counters.json
https://example.com/rwserve/counters.html
Restricting access to the counters page
Since the "counters" page is accessed using a standard GET request, it is visible to the general public by default. While there is nothing especially sensitive in the response or of concern to the website's security, it is understandable that many webmasters will want to restrict access to it. The best way to do that is using the RBAC module. Follow these steps:
- Enable the
rbac
module. - Add an entry to the
rbac/resources
subsection having the same path-pattern that is defined in theplugins/router
section; declare a*methods=GET
attribute; and declare a*roles=devops
attribute. - Login to the website using the
devops
userid.
The third example in the Cookbook section below demonstrates this type of configuration.
EBNF
SP | ::= | U+20 |
CR | ::= | U+0D |
ASTERISK | ::= | U+2A |
APOSTROPHE | ::= | U+27 |
EQUALS-SIGN | ::= | U+3D |
QUESTION-MARK | ::= | U+3F |
LEFT-CURLY-BRACKET | ::= | U+7B |
RIGHT-CURLY-BRACKET | ::= | U+7D |
counters-module | ::= | 'counters' | ('on' | 'off') |
rbac-module | ::= | 'counters' | ('on' | 'off') |
modules-section | ::= | 'modules' SP LEFT-CURLY-BRACKET CR counters-module router-module rbac-module RIGHT-CURLY-BRACKET CR |
Cookbook
Example 1: Counters off
server {
modules {
counters off
}
}
Example 2: Counters on, unsecured access
server {
modules {
counters on
}
plugins {
router {
`/rwserve/counters` *methods=GET *plugin='rwserve-counters'
}
}
}
Example 3: Counters on, devops access only
server {
modules {
counters on
rbac on
}
plugins {
router {
`/rwserve/counters` *methods=GET *plugin='rwserve-counters'
}
}
rbac {
roles `/etc/rwserve/roles` // the file created by the 'addrole' CLI utility
cipher-secret C#9fB$2gD@5zR*7e // secret used to encrypt the 'rw-roles' cookie
max-idle 1800 // number of seconds of inactivity before credentials expire
resources {
`/rwserve/counters` *methods=GET *role=devops
}
}
}
Review
Key points to remember:
- The counters module provides quick real-time insight into the status of website traffic.
- The logging module is an alternative that is better suited to in-depth statistical analysis.