<!DOCTYPE html>
<html>
<head>
<title>ProFTPD module mod_statsd</title>
</head>

<body bgcolor=white>

<hr>
<center>
<h2><b>ProFTPD module <code>mod_statsd</code></b></h2>
</center>
<hr><br>

<p>
The <code>mod_statsd</code> module instruments the ProFTPD code to emit
<i>metrics</i> directly to a
<a href="https://github.com/etsy/statsd"><code>statsd</code></a> server,
avoiding the need for custom log file parsing.

<p>
This module is contained in the <code>mod_statsd</code> files for
ProFTPD 1.3.<i>x</i>, and is not compiled by default.  Installation
instructions are discussed <a href="#Installation">here</a>.  More examples
of <code>mod_statsd</code> usage can be found <a href="#Usage">here</a>.

<p>
The most current version of <code>mod_statsd</code> can be found at:
<pre>
  <a href="https://github.com/Castaglia/proftpd-mod_statsd">https://github.com/Castaglia/proftpd-mod_statsd</a>
</pre>

<h2>Author</h2>
<p>
Please contact TJ Saunders &lt;tj <i>at</i> castaglia.org&gt; with any
questions, concerns, or suggestions regarding this module.

<h2>Directives</h2>
<ul>
  <li><a href="#StatsdEngine">StatsdEngine</a>
  <li><a href="#StatsdExcludeFilter">StatsdExcludeFilter</a>
  <li><a href="#StatsdSampling">StatsdSampling</a>
  <li><a href="#StatsdServer">StatsdServer</a>
</ul>

<hr>
<h3><a name="StatsdEngine">StatsdEngine</a></h3>
<strong>Syntax:</strong> StatsdEngine <em>on|off</em><br>
<strong>Default:</strong> <em>off</em><br>
<strong>Context:</strong> server config, <code>&lt;VirtualHost&gt;</code>, <code>&lt;Global&gt;</code><br>
<strong>Module:</strong> mod_statsd<br>
<strong>Compatibility:</strong> 1.3.6rc1 and later

<p>
The <code>StatsdEngine</code> directive enables or disables the emitting of
metrics to the configured <code>statsd</code> server.

<hr>
<h3><a name="StatsdExcludeFilter">StatsdExcludeFilter</a></h3>
<strong>Syntax:</strong> StatsdExcludeFilter <em>regex|"none"</em><br>
<strong>Default:</strong> None<br>
<strong>Context:</strong> server config, <code>&lt;VirtualHost&gt;</code>, <code>&lt;Global&gt;</code><br>
<strong>Module:</strong> mod_statsd<br>
<strong>Compatibility:</strong> 1.3.6rc1 and later

<p>
The <code>StatsdExcludeFilter</code> directive configures a regular expression
filter that is applied to every command.  Any command which matches the configured
regular expression will <b>not</b> be sampled by <code>mod_statsd</code>.

<p>
Example:
<pre>
  # Exclude SYST commands from our metrics
  StatsdExcludeFilter ^SYST$
</pre>

<hr>
<h3><a name="StatsdSampling">StatsdSampling</a></h3>
<strong>Syntax:</strong> StatsdSampling <em>percentage</em><br>
<strong>Default:</strong> 100<br>
<strong>Context:</strong> server config, <code>&lt;VirtualHost&gt;</code>, <code>&lt;Global&gt;</code><br>
<strong>Module:</strong> mod_statsd<br>
<strong>Compatibility:</strong> 1.3.6rc1 and later

<p>
The <code>StatsdSampling</code> directive configures the <em>percentage</em>
of events that <code>mod_statsd</code> will sample <i>sample</i>, and thus
send to <code>statsd</code>.  With very busy systems, sampling 100% of the
metrics can place undue stress on the metrics collection, while sampling a
smaller percentage of the events can still provide a statistically relevant
view of the system.

<p>
The configured <em>percentage</em> value <b>must</b> be between 1 and 100.

<p>
Example:
<pre>
  # Sample only 10 percent of the metrics
  StatsdSampling 10
</pre>

<hr>
<h3><a name="StatsdServer">StatsdServer</a></h3>
<strong>Syntax:</strong> StatsdServer <em>[scheme://]address[:port] [prefix] [suffix]</em><br>
<strong>Default:</strong> None<br>
<strong>Context:</strong> server config, <code>&lt;VirtualHost&gt;</code>, <code>&lt;Global&gt;</code><br>
<strong>Module:</strong> mod_statsd<br>
<strong>Compatibility:</strong> 1.3.6rc1 and later

<p>
The <code>StatsdServer</code> directive is used to configure the IP address/port
of the <code>statsd</code> server that the <code>mod_statsd</code> module is
to use.  For example:
<pre>
  StatsdServer 1.2.3.4:8125
</pre>
or, for an IPv6 address, make sure the IPv6 address is enclosed in square
brackets:
<pre>
  StatsdServer [::ffff:1.2.3.4]:8125
</pre>

<p>
By default, the <code>mod_statsd</code> module will use UDP when sending metrics
to the configured <code>statsd</code> server.  For more reliable (but slower)
transmission of data using TCP, use the optional <em>scheme</em> prefix,
<i>e.g.</i>:
<pre>
  # Use TCP instead of UDP
  StatsdServer tcp://1.2.3.4:8125
</pre>
or, to explicitly declare that you want to use UDP:
<pre>
  # Use UDP, with an IPv6 address
  StatsdServer udp://[::ffff:1.2.3.4]:8125
</pre>

<p>
The <code>StatsdServer</code> directive also supports optional <em>prefix</em>
and <em>suffix</em> values.  These are strings which will be used as prefixes
and suffixes to the metric names.  For example:
<pre>
  StatsdServer udp://1.2.3.4:8125 proftpd.prod ftp03
</pre>
This will use the prefix "proftpd.prod", and the suffix "ftp03", to generate
counter/timer metric names such as <code>proftpd.proftpd.command.PASS.230.ftp03</code>, instead of the default <code>command.PASS.230</code>.  Other examples:
<pre>
  # Use a prefix but no suffix for the metrics
  StatsdServer udp://1.2.3.4:8125 proftpd.prod

  # Use a suffix but no prefix for the metrics
  StatsdServer udp://1.2.3.4:8125 "" ftp03
</pre>

<p>
<hr>
<h2><a name="Installation">Installation</a></h2>
To install <code>mod_statsd</code>, copy the <code>mod_statsd</code> files into:
<pre>
  <i>proftpd-dir</i>/contrib/
</pre>
after unpacking the latest proftpd-1.3.<i>x</i> source code.  For including
<code>mod_statsd</code> as a staticly linked module:
<pre>
  $ ./configure --with-modules=mod_statsd
</pre>
To build <code>mod_statsd</code> as a DSO module:
<pre>
  $ ./configure --enable-dso --with-shared=mod_statsd
</pre>
Then follow the usual steps:
<pre>
  $ make
  $ make install
</pre>

<p>
<hr>
<h2><a name="Usage">Usage</a></h2>
An example configuration:
<pre>
  &lt;IfModule mod_statsd.c&gt;
    StatsdEngine on
    StatsdServer 127.0.0.1:8125
  &lt;/IfModule&gt;
</pre>

<p>
<b>Metrics</b><br>
The <code>mod_statsd</code> module emits one counter, and one timer, for each
command processed.  For example, a <code>USER</code> command which receives
a 331 response code would generate a counter and a timer whose name is:
<pre>
  command.USER.331
</pre>
Optional metric <em>prefixes</em> and/or <em>suffixes</em> can be configured
via the <a href="#StatsdServer"><code>StatsdServer</code></a> directive,
<i>e.g.</i>:
<pre>
  StatsdServer udp://1.2.3.4:8125 prod ftp01
</pre>
would result in command metric names like:
<pre>
  prod.command.USER.331.ftp01
</pre>

<p>
For each connection, <code>mod_statsd</code> will emit one counter and one gauge
using a metric name of:
<pre>
  connection
</pre>
Protocol-specific connection metrics are also emitted: a counter, a timer, and
a gauge, all using a metric name of "<i>protocol</i>.connection", thus:
<ul>
  <li><code>ftp.connection</code>
  <li><code>ftps.connection</code>
  <li><code>sftp.connection</code>
  <li><code>scp.connection</code>
</ul>

<p>
In addition, <code>mod_statsd</code> increments counters when the following
timeouts are encountered:
<ul>
  <li><a href="http://www.proftpd.org/docs/modules/mod_core.html#TimeoutIdle"><code>TimeoutIdle</code></a>
  <li><a href="http://www.proftpd.org/docs/modules/mod_auth.html#TimeoutLogin"><code>TimeoutLogin</code></a>
  <li><a href="http://www.proftpd.org/docs/modules/mod_xfer.html#TimeoutNoTransfer"><code>TimeoutNoTransfer</code></a>
  <li><a href="http://www.proftpd.org/docs/modules/mod_auth.html#TimeoutSession"><code>TimeoutSession</code></a>
  <li><a href="http://www.proftpd.org/docs/modules/mod_xfer.html#TimeoutStalled"><code>TimeoutStalled</code></a>
</ul>
using a metric name of "timeout.<i>name</i>", like:
<pre>
  timeout.TimeoutLogin
</pre>

<p>
<b>TLS-Specific Metrics</b><br>
For FTPS connections, <code>mod_statsd</code> emits some TLS-specific metrics.
The metric name <code>tls.handshake.ctrl</code> is used for both a counter and
a timer, for tracking number of <i>successful</i> TLS handshakes <i>and</i> how
long they take.  For <i>failed</i> TLS handshakes, the following two counters
are used:
<ul>
  <li><code>tls.hansdshake.ctrl.error</code>
  <li><code>tls.hansdshake.data.error</code>
</ul>

<p>
Counters on the TLS protocol versions and ciphers used by FTPS clients are also
available.  Note that these TLS-related counter metrics are only available when
FTPS is used, <i>and</i> when the <code>StdEnvVars</code>
<a href="http://www.proftpd.org/docs/contrib/mod_tls.html#TLSOptions"><code>TLSOption</code></a> is enabled:
<pre>
  TLSOptions StdEnvVar
</pre>
The counters in question are:
<pre>
  tls.cipher.<i>cipher</i>
  tls.protocol.<i>protocol</i>
</pre>
thus, for example, you would see:
<pre>
  tls.cipher.ECDHE-RSA-AES128-SHA
  tls.protocol.TLSv1
</pre>

<p>
<b>Logging</b><br>
The <code>mod_statsd</code> module supports <a href="http://www.proftpd.org/docs/howto/Tracing.html">trace logging</a>, via the module-specific log channels:
<ul>
  <li>statsd
  <li>statsd.metric
  <li>statsd.statsd
</ul>
Thus for trace logging, to aid in debugging, you would use the following in
your <code>proftpd.conf</code>:
<pre>
  TraceLog /path/to/ftpd/trace.log
  Trace statsd:20
</pre>
This trace logging can generate large files; it is intended for debugging use
only, and should be removed from any production configuration.

<p>
<hr>
<font size=2><b><i>
&copy; Copyright 2017 TJ Saunders<br>
 All Rights Reserved<br>
</i></b></font>
<hr>

</body>
</html>