Appendix: Prometheus monitoring support
Prometheus is a monitoring service for server applications. A Prometheus server uses HTTP GET calls to scrape data from various services, and allows you to run queries against that data. For more information, see https://prometheus.io/.
- Counter: A metric that can only increase (for example, a total amount).
- Gauge: A metric that can increase or decrease (for example, a count of items in process).
- Histogram: A sample of observations sorted into buckets, along with the sum and count of observations.
| Metric | Scope | Type | Description |
|---|---|---|---|
| cyeng_samples_in_process | Global | Gauge | This metric tracks the number of samples that are currently in process. It can range from 0 (idle) up to the max concurrency setting in the INI file or command-line option. |
| cyeng_total_errors | Global | Counter | This metric is the total number of errors encountered during the scoring process. Composite files (for example, archives) can generate more than one error or a combination of valid, aborted, and error counts. |
| cyeng_total_unknowns | Global | Counter | This metric is the total number of samples that do not have a corresponding model. Composite files (for example, archives) can result in more unknowns than samples processed, as one archive sample may contain many supported and unsupported files. |
| cyeng_total_aborted_samples | Global | Counter | This metric is the total number of samples that were aborted due to a timeout or exceeding the maximum nesting level. Composite files (for example, archives) can produce both valid and aborted results. |
| cyeng_total_bytes_processed | Global | Counter | This metric is the total number of sample bytes that have been processed. This counter is the top-level sample size and does not count samples that are extracted from a sample (for example, Apple Universal Binaries or archives). |
| cyeng_sample_processing_time | Global | Histogram | This metric is the observation of sample processing times for all sample types. For a composite file, the observation is for the total processing time of all samples it contains. |
| cyeng_sample_size | Global | Histogram | This metric is the observation of the sample size, in bytes. For a composite file, the observation is for the total size of all samples it contains. |
| cyeng_total_sample-format_samples_processed | Per model | Counter | This metric is the total number of processed samples of the type specified with sample-format. For a composite file, the count applies to all samples that it contains. For example, if an archive contains another archive, this counter would accumulate 2 counts for the ARC format in addition to any formats inside the archive. |
| cyeng_total_benign_sample-format_samples | Per model | Counter | This metric is the total number of benign samples (a score between 0.0 and +1.0, inclusive) of the type specified with sample-format. For a composite file, the count applies to all samples that it contains. |
| cyeng_total_suspicious_sample-format_samples | Per model | Counter | This metric is the total number of suspicious samples (a score between -0.6 and 0.0, exclusive) of the type specified with sample-format. For a composite file, the count applies to all samples that it contains. |
| cyeng_total_malicious_sample-format_samples | Per model | Counter | This metric is the total number of malicious samples (a score between -1.0 and -0.6, inclusive) of the type specified with sample-format. For a composite file, the count applies to all samples that it contains. |
| cyeng_sample-format_processing_time | Per model | Histogram | This metric is the observation of sample processing times for the sample type specified with sample-format. For composite files, the entire processing time of the composite file is included in the composite file's bucket (for example, ARC or MOFAT). |
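
The following Python is an added example, not code from the product or its documentation: it parses a scrape body, groups the per-model counters by the format token that replaces sample-format, and applies the score bands from the table. The scrape text is constructed, and the casing of ARC and MOFAT inside metric names, the sample values, and all function names are assumptions.

```python
import re
# Constructed scrape body. ARC and MOFAT are format names from the table; their
# casing inside the metric name and all values are assumptions for this example.
SAMPLE_SCRAPE = """\
# TYPE cyeng_samples_in_process gauge
cyeng_samples_in_process 3
cyeng_total_ARC_samples_processed 10
cyeng_total_benign_ARC_samples 7
cyeng_total_suspicious_ARC_samples 2
cyeng_total_malicious_ARC_samples 1
cyeng_total_MOFAT_samples_processed 4
cyeng_total_benign_MOFAT_samples 4
cyeng_total_suspicious_MOFAT_samples 0
cyeng_total_malicious_MOFAT_samples 0
"""
PER_MODEL = re.compile(r"^cyeng_total_(?:(benign|suspicious|malicious)_(\w+?)_samples"
                       r"|(\w+?)_samples_processed)$")

def parse_scrape(text):
    """Return {name: value} for unlabelled samples, skipping comment lines."""
    metrics = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            name, value = line.split()[:2]
            metrics[name] = float(value)
    return metrics

def per_format(metrics):
    """Group the per-model counters by sample format; global metrics are ignored."""
    grouped = {}
    for name, value in metrics.items():
        m = PER_MODEL.match(name)
        if m:
            kind, fmt = (m.group(1), m.group(2)) if m.group(1) else ("processed", m.group(3))
            grouped.setdefault(fmt, {})[kind] = value
    return grouped

def malicious_ratio(counts):
    """Share of scored samples of one format that were counted as malicious."""
    scored = counts["benign"] + counts["suspicious"] + counts["malicious"]
    return counts["malicious"] / scored if scored else 0.0

def classify(score):
    """Map a score to the band whose counter it increments, per the table."""
    if not -1.0 <= score <= 1.0:
        raise ValueError("score outside [-1.0, +1.0]")
    if score <= -0.6:
        return "malicious"   # -1.0 to -0.6, inclusive
    return "suspicious" if score < 0.0 else "benign"  # 0.0 itself is benign
```

Because these are counters, the totals are cumulative; for alerting, compare the change between two scrapes rather than the raw values.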