The command line utility traffic_ctl offers a text based interface for viewing Traffic Server statistics. Invocation is simple and requires knowing the specific name of the statistic you wish you view:
traffic_ctl metric get <statistic name>
You may notice that this is the same utility, and argument, used for viewing configuration variables of a running Traffic Server instance. Unlike configuration variables, you cannot modify a statistic value with the traffic_ctl program.
This utility is enabled and built by default, and will be located in the
bin/ subdirectory of your Traffic Server installation. There are no required changes
to your configuration to allow traffic_ctl to function, however it
may only be run by users with permissions to access the Traffic Server Unix socket. This
will typically limit use to root as well as the system user you have configured
Traffic Server to run under or any other system users which share the same group as you
have configured Traffic Server to use.
Stats Over HTTP¶
Traffic Server includes a stable plugin, Stats Over HTTP Plugin, which provides HTTP access to all Traffic Server statistcs. The plugin returns a JSON object with all statistics and their current values. It is not possible to return a subset of the statistics. The plugin must be enabled before you may use it.
Enabling Stats Over HTTP¶
Once the plugin is enabled and Traffic Server has reloaded, you can test that it is
working properly by issuing a simple HTTP request with
curl. Assuming your
Traffic Server installation is using the default interface and port bindings, running the
following command on the same host as Traffic Server should now work:
You should be presented with an HTTP response containing a single JSON object which lists all the available statistics and their current values. If you have configured Traffic Server to only listen on a specific interface, or to use a different port, you may need to adjust the URL in the command above.
If you wish to have the stats made available at a non-default path, then that path should be given as the sole argument to the plugin, as so:
plugin.config entry will result in your Traffic Server statistics being
/81c075bc0cca1435ea899ba4ad72766b on any host and port on which
you have your Traffic Server instance listening.
Statistics Security and Privacy¶
Simply changing the path at which your statistics are available should be considered very weak security. While cache objects themselves cannot be accessed through the plugin’s JSON output, and no modifications to the configuration or operation of Traffic Server may be made through the plugin, the statistics may reveal much more about your network’s traffic and architecture than you wish to be publicly available.
A better method is to use an ACL Filter in
remap.config to restrict access to clients. For instance, if your Traffic Server
host resides on a private network in the 10.1.1.0/24 IPv4 address space
listening on the address 10.1.1.10, separate from its public interface(s) used
to serve client requests, you could add the following remap configuration:
map http://10.1.1.10/_stats http://10.1.1.10/_stats @action=deny @src_ip=0.0.0.0-255.255.255.255
map http://10.1.1.10/_stats http://10.1.1.10/_stats @action=allow @src_ip=10.1.1.0-10.1.1.255
The above configuration sets the default policy for the entirety of IPv4 address space to deny, but then exempts the 10.1.1.0/24 network by permitting their requests to be processed by Traffic Server. If your monitoring infrastructure makes use of locally-installed data collection agents, you may even wish to restrict access to the Stats Over HTTP plugin to all but localhost.