How to Add Https Url on Target Prometheus

Better Stack Team
Updated on November 18, 2024

To configure Prometheus to scrape metrics from an HTTPS endpoint, you need to specify the target URL with the https scheme in your prometheus.yml configuration file. Additionally, you may need to configure TLS settings, such as certificates, if your HTTPS endpoint requires them. Here’s how to do it:

Basic Configuration for HTTPS Target

  1. Open Your Prometheus Configuration File: Locate your prometheus.yml file, which contains the scrape configurations.

  2. Add an HTTPS Target: Under the scrape_configs section, specify the target using the https scheme. Here’s an example configuration:

     
    global:
  scrape_interval: 15s

scrape_configs:
  - job_name: 'my_https_application'
    static_configs:
      - targets: ['<https://example.com:443/metrics>']  # Replace with your HTTPS target

Adding TLS Configuration

If your HTTPS target requires TLS certificates for verification, you need to specify additional TLS settings. Here’s how to do that:

  1. Using TLS Certificates: If the target requires a client certificate or you want to ignore server certificate verification (not recommended for production), you can add a tls_config section:

     
    global:
  scrape_interval: 15s

scrape_configs:
  - job_name: 'my_https_application'
    static_configs:
      - targets: ['<https://example.com:443/metrics>']
    scheme: https  # Specify that this is an HTTPS target
    tls_config:
      ca_file: '/path/to/ca.crt'          # Path to CA certificate
      cert_file: '/path/to/client.crt'    # Path to client certificate (if needed)
      key_file: '/path/to/client.key'      # Path to client key (if needed)
      insecure: false                       # Set to true to skip TLS verification (not recommended)

Explanation of the TLS Configuration

  • ca_file: Path to the CA certificate used to verify the server's certificate.
  • cert_file: Path to the client certificate if the server requires client authentication.
  • key_file: Path to the private key corresponding to the client certificate.
  • insecure: If set to true, it disables TLS verification. This should only be used for testing, as it exposes you to potential security risks.

Verifying Your Configuration

  1. Restart Prometheus: After making changes to the prometheus.yml file, restart your Prometheus server to apply the new configuration.
  2. Check Targets: Go to the Prometheus web UI (usually at http://localhost:9090/targets) to see if your HTTPS target is being scraped correctly.
  3. Monitor Logs: Keep an eye on the Prometheus logs for any TLS-related errors or warnings that may indicate issues with the configuration.

Conclusion

By specifying the target URL with the https scheme and configuring the necessary TLS settings, you can successfully scrape metrics from an HTTPS endpoint with Prometheus. Ensuring that the configuration is correct and secure is crucial for maintaining the integrity of your monitoring setup.

Got an article suggestion? Let us know
Licensed under CC-BY-NC-SA

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Make your mark

Join the writer's program

Are you a developer and love writing and sharing your knowledge with the world? Join our guest writing program and get paid for writing amazing technical guides. We'll get them to the right readers that will appreciate them.

Write for us
Writer of the month
Marin Bezhanov
Marin is a software engineer and architect with a broad range of experience working...
Build on top of Better Stack

Write a script, app or project on top of Better Stack and share it with the world. Make a public repository and share it with us at our email.

community@betterstack.com

or submit a pull request and help us build better products for everyone.

See the full list of amazing projects on github