From: Remi Gacogne Date: Fri, 15 Apr 2022 09:15:02 +0000 (+0200) Subject: rec: Fix DNSSEC counters description in web/prometheus as well X-Git-Tag: auth-4.8.0-alpha0~136^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F11539%2Fhead;p=thirdparty%2Fpdns.git rec: Fix DNSSEC counters description in web/prometheus as well --- diff --git a/pdns/ws-recursor.cc b/pdns/ws-recursor.cc index f3372e9c38..b4c46c78ee 100644 --- a/pdns/ws-recursor.cc +++ b/pdns/ws-recursor.cc @@ -637,38 +637,38 @@ const std::map MetricDefinitionStorage::d_metrics "Number of queries received with the DO bit set")}, {"dnssec-result-bogus", MetricDefinition(PrometheusMetricType::counter, - "Number of DNSSEC validations that had the Bogus state")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state")}, {"dnssec-result-indeterminate", MetricDefinition(PrometheusMetricType::counter, - "Number of DNSSEC validations that had the Indeterminate state")}, + "Number of responses sent, packet-cache hits excluded, that were in the Indeterminate state")}, {"dnssec-result-insecure", MetricDefinition(PrometheusMetricType::counter, - "Number of DNSSEC validations that had the Insecure state")}, + "Number of responses sent, packet-cache hits excluded, that were in the Insecure state")}, {"dnssec-result-nta", MetricDefinition(PrometheusMetricType::counter, - "Number of DNSSEC validations that had the (negative trust anchor) state")}, + "Number of responses sent, packet-cache hits excluded, that were in the (negative trust anchor) state")}, {"dnssec-result-secure", MetricDefinition(PrometheusMetricType::counter, - "Number of DNSSEC validations that had the Secure state")}, + "Number of responses sent, packet-cache hits excluded, that were in the Secure state")}, {"x-dnssec-result-bogus", MetricDefinition(PrometheusMetricType::counter, - "Number of DNSSEC validations that had the Bogus state")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state")}, {"x-dnssec-result-indeterminate", MetricDefinition(PrometheusMetricType::counter, - "Number of DNSSEC validations that had the Indeterminate state")}, + "Number of responses sent, packet-cache hits excluded, that were in the Indeterminate state")}, {"x-dnssec-result-insecure", MetricDefinition(PrometheusMetricType::counter, - "Number of DNSSEC validations that had the Insecure state")}, + "Number of responses sent, packet-cache hits excluded, that were in the Insecure state")}, {"x-dnssec-result-nta", MetricDefinition(PrometheusMetricType::counter, - "Number of DNSSEC validations that had the (negative trust anchor) state")}, + "Number of responses sent, packet-cache hits excluded, that were in the (negative trust anchor) state")}, {"x-dnssec-result-secure", MetricDefinition(PrometheusMetricType::counter, - "Number of DNSSEC validations that had the Secure state")}, + "Number of responses sent, packet-cache hits excluded, that were in the Secure state")}, {"dnssec-validations", MetricDefinition(PrometheusMetricType::counter, - "Number of DNSSEC validations performed")}, + "Number of responses sent, packet-cache hits excluded, for which a DNSSEC validation was requested by either the client or the configuration")}, {"dont-outqueries", MetricDefinition(PrometheusMetricType::counter, "Number of outgoing queries dropped because of `setting-dont-query` setting")}, @@ -945,144 +945,144 @@ const std::map MetricDefinitionStorage::d_metrics {"dnssec-result-bogus-invalid-denial", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a valid denial of existence proof could not be found")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a valid denial of existence proof could not be found")}, {"dnssec-result-bogus-invalid-dnskey-protocol", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because all DNSKEYs had invalid protocols")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because all DNSKEYs had invalid protocols")}, {"dnssec-result-bogus-missing-negative-indication", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a NODATA or NXDOMAIN answer lacked the required SOA and/or NSEC(3) records")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a NODATA or NXDOMAIN answer lacked the required SOA and/or NSEC(3) records")}, {"dnssec-result-bogus-no-rrsig", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because required RRSIG records were not present in an answer")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because required RRSIG records were not present in an answer")}, {"dnssec-result-bogus-no-valid-dnskey", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a valid DNSKEY could not be found")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a valid DNSKEY could not be found")}, {"dnssec-result-bogus-no-valid-rrsig", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because only invalid RRSIG records were present in an answer")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because only invalid RRSIG records were present in an answer")}, {"dnssec-result-bogus-no-zone-key-bit-set", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because no DNSKEY with the Zone Key bit set was found")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because no DNSKEY with the Zone Key bit set was found")}, {"dnssec-result-bogus-revoked-dnskey", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because all DNSKEYs were revoked")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because all DNSKEYs were revoked")}, {"dnssec-result-bogus-self-signed-ds", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a DS record was signed by itself")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a DS record was signed by itself")}, {"dnssec-result-bogus-signature-expired", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because the signature expired time in the RRSIG was in the past")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because the signature expired time in the RRSIG was in the past")}, {"dnssec-result-bogus-signature-not-yet-valid", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because the signature inception time in the RRSIG was not yet valid")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because the signature inception time in the RRSIG was not yet valid")}, {"dnssec-result-bogus-unable-to-get-dnskeys", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a valid DNSKEY could not be retrieved")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a valid DNSKEY could not be retrieved")}, {"dnssec-result-bogus-unable-to-get-dss", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a valid DS could not be retrieved")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a valid DS could not be retrieved")}, {"dnssec-result-bogus-unsupported-dnskey-algo", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a DNSKEY RRset contained only unsupported DNSSEC algorithms")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a DNSKEY RRset contained only unsupported DNSSEC algorithms")}, {"dnssec-result-bogus-unsupported-ds-digest-type", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a DS RRset contained only unsupported digest types")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a DS RRset contained only unsupported digest types")}, {"x-dnssec-result-bogus-invalid-denial", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a valid denial of existence proof could not be found")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a valid denial of existence proof could not be found")}, {"x-dnssec-result-bogus-invalid-dnskey-protocol", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because all DNSKEYs had invalid protocols")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because all DNSKEYs had invalid protocols")}, {"x-dnssec-result-bogus-missing-negative-indication", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a NODATA or NXDOMAIN answer lacked the required SOA and/or NSEC(3) records")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a NODATA or NXDOMAIN answer lacked the required SOA and/or NSEC(3) records")}, {"x-dnssec-result-bogus-no-rrsig", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because required RRSIG records were not present in an answer")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because required RRSIG records were not present in an answer")}, {"x-dnssec-result-bogus-no-valid-dnskey", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a valid DNSKEY could not be found")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a valid DNSKEY could not be found")}, {"x-dnssec-result-bogus-no-valid-rrsig", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because only invalid RRSIG records were present in an answer")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because only invalid RRSIG records were present in an answer")}, {"x-dnssec-result-bogus-no-zone-key-bit-set", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because no DNSKEY with the Zone Key bit set was found")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because no DNSKEY with the Zone Key bit set was found")}, {"x-dnssec-result-bogus-revoked-dnskey", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because all DNSKEYs were revoked")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because all DNSKEYs were revoked")}, {"x-dnssec-result-bogus-self-signed-ds", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a DS record was signed by itself")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a DS record was signed by itself")}, {"x-dnssec-result-bogus-signature-expired", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because the signature expired time in the RRSIG was in the past")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because the signature expired time in the RRSIG was in the past")}, {"x-dnssec-result-bogus-signature-not-yet-valid", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because the signature inception time in the RRSIG was not yet valid")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because the signature inception time in the RRSIG was not yet valid")}, {"x-dnssec-result-bogus-unable-to-get-dnskeys", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a valid DNSKEY could not be retrieved")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a valid DNSKEY could not be retrieved")}, {"x-dnssec-result-bogus-unable-to-get-dss", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a valid DS could not be retrieved")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a valid DS could not be retrieved")}, {"x-dnssec-result-bogus-unsupported-dnskey-algo", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a DNSKEY RRset contained only unsupported DNSSEC algorithms")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a DNSKEY RRset contained only unsupported DNSSEC algorithms")}, {"x-dnssec-result-bogus-unsupported-ds-digest-type", MetricDefinition(PrometheusMetricType::counter, - "number of DNSSEC validations that had the Bogus state because a DS RRset contained only unsupported digest types")}, + "Number of responses sent, packet-cache hits excluded, that were in the Bogus state because a DS RRset contained only unsupported digest types")}, {"proxy-protocol-invalid", MetricDefinition(PrometheusMetricType::counter, - "invalid proxy-protocol headers received")}, + "Number of invalid proxy-protocol headers received")}, {"record-cache-acquired", MetricDefinition(PrometheusMetricType::counter, - "number of record cache lock acquisitions")}, + "Number of record cache lock acquisitions")}, {"record-cache-contended", MetricDefinition(PrometheusMetricType::counter, - "number of contented record cache lock acquisitions")}, + "Number of contented record cache lock acquisitions")}, {"taskqueue-expired", MetricDefinition(PrometheusMetricType::counter, - "number of tasks expired before they could be run")}, + "Number of tasks expired before they could be run")}, {"taskqueue-pushed", MetricDefinition(PrometheusMetricType::counter, - "number of tasks pushed to the taskqueues")}, + "Number of tasks pushed to the taskqueues")}, {"taskqueue-size", MetricDefinition(PrometheusMetricType::gauge, - "number of tasks currently in the taskqueue")}, + "Number of tasks currently in the taskqueue")}, {"dot-outqueries", MetricDefinition(PrometheusMetricType::counter, @@ -1121,15 +1121,15 @@ const std::map MetricDefinitionStorage::d_metrics "histogram of answer times of authoritative servers")}, {"almost-expired-pushed", MetricDefinition(PrometheusMetricType::counter, - "number of almost-expired tasks pushed")}, + "Number of almost-expired tasks pushed")}, {"almost-expired-run", MetricDefinition(PrometheusMetricType::counter, - "number of almost-expired tasks run to completion")}, + "Number of almost-expired tasks run to completion")}, {"almost-expired-exceptions", MetricDefinition(PrometheusMetricType::counter, - "number of almost-expired tasks that caused an exception")}, + "Number of almost-expired tasks that caused an exception")}, // For multicounters, state the first {"policy-hits",