Hi Tyler,

We have metrics in Selector for successful and failed authentication. On
the broker side, we have mbeans

These have attributes failed-authentication-rate,
failed-authentication-total etc. There are similar metrics on clients too.
Perhaps these give you what you are looking for?



On Mon, Dec 2, 2019 at 6:54 PM Tyler Lubeck <ty...@tylerlubeck.com> wrote:

> Hi!
> I ran into an issue over the weekend where our automated system updated
> some of our brokers with a certificate signed by a new certificate
> authority but didn't update the truststore on the other brokers. I've
> dumped the stacktrace in a gist
> <https://gist.github.com/TylerLubeck/a734514d8a2e9936f35e223f90f21307> for
> context.
> From what I've been able to tell, this error only shows up in logs. It'd be
> useful to have this reported via other metrics as well so I can detect the
> problem sooner next time around.
> I *think* it'll be something like updating the SSLTransportLayer
> <
> https://github.com/apache/kafka/blob/be58580e14be93618f11e609389ff6bb16317702/clients/src/main/java/org/apache/kafka/common/network/SslTransportLayer.java#L50
> >
> to
> have a counter of number of failures and then registering itself as an
> mbean via CoreUtils
> <
> https://github.com/apache/kafka/blob/33d06082117d971cdcddd4f01392006b543f3c01/core/src/main/scala/kafka/utils/CoreUtils.scala#L140
> >.
> That said, I'm new to Java development and have only touched JMX from the
> 'oh neat, metrics' side of things.
> Is this worth pursuing? Is this roughly the right track? I'm more than
> happy to add this in but I'm not entirely sure how to start.
> Thanks,
> Tyler Lubeck
> (813) 469 - 1499
> www.TylerLubeck.com <http://www.tylerlubeck.com/>
> www.linkedin.com/in/tylerlubeck/

Reply via email to