Add alerts for Hashicorp Vault (#238)

Co-authored-by: Samuel Berthe <dev@samuel-berthe.fr>
2026-06-21 17:07:24 +08:00 · 2021-08-19 22:19:43 +03:00 · 2021-08-19 22:19:43 +03:00 · 3612c9cc3e
commit 3612c9cc3e
parent b47359c2fd
2 changed files with 23 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -58,7 +58,7 @@ Collection available here: **[https://awesome-prometheus-alerts.grep.to](https:/
 - [Linkerd](https://awesome-prometheus-alerts.grep.to/rules#linkerd)
 - [Istio](https://awesome-prometheus-alerts.grep.to/rules#istio)

-#### Network and storage
+#### Network, security and storage

 - [Ceph](https://awesome-prometheus-alerts.grep.to/rules#ceph)
 - [ZFS](https://awesome-prometheus-alerts.grep.to/rules#zfs)
@ -68,6 +68,7 @@ Collection available here: **[https://awesome-prometheus-alerts.grep.to](https:/
 - [Juniper](https://awesome-prometheus-alerts.grep.to/rules#juniper)
 - [CoreDNS](https://awesome-prometheus-alerts.grep.to/rules#coredns)
 - [FreeSwitch](https://awesome-prometheus-alerts.grep.to/rules#freeswitch)
+- [Hashicorp Vault](https://awesome-prometheus-alerts.grep.to/rules#Hashicorp-Vault)

 #### Other

--- a/_data/rules.yml
+++ b/_data/rules.yml
@ -1803,7 +1803,7 @@ groups:
                for: 1m


-  - name: Network and storage
+  - name: Network, security and storage
    services:
      - name: Ceph
        exporters:
@ -1984,6 +1984,26 @@ groups:
                severity: critical
                for: 5m

+      - name: Hashicorp Vault
+        exporters:
+          - name: Embedded exporter
+            doc_url: https://github.com/hashicorp/vault/blob/master/website/content/docs/configuration/telemetry.mdx#prometheus
+            rules:
+              - name: Vault sealed
+                description: 'Vault instance is sealed on {{ $labels.instance }}'
+                query: 'vault_core_unsealed == 0'
+                severity: critical
+              - name: Vault too many pending tokens
+                description: 'Too many pending tokens {{ $labels.instance }}: {{ $value | printf "%.2f"}}%'
+                query: 'avg(vault_token_create_count - vault_token_store_count) > 0'
+                severity: warning
+                for: 5m
+              - name: Vault too many infinity tokens
+                description: 'Too many infinity tokens {{ $labels.instance }}: {{ $value | printf "%.2f"}}%'
+                query: 'vault_token_count_by_ttl{creation_ttl="+Inf"} > 3'
+                severity: warning
+                for: 5m
+
  - name: Other
    services:
      - name: Thanos