Prometheus: expose machine_id in alert metrics

[seamus-45]

What would you like to be added?

Add some context for alert metrics like machine name. This will allow to better see the attack vector on Grafana dashboards.

Current query is sum(cs_alerts{instance="$instance"}) on Crowdsec Details per instance dashboard and it display 0 alerts on agent nodes when local DB is disabled. When I change it to sum(cs_alerts{}) then all alerts from all instances is displayed. It would be better if we could see the source for alerts like sum(cs_alerts{}) by (alert_source) if such data were available.

Why is this needed?

Prometheus alert metrics become useless when the engine switched to the agent mode (with centralized LAPI) as they comes from the local DB even if local LAPI server is disabled.

[github-actions]

@seamus-45: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

1. Check Crowdsec Documentation to see if your issue can be self resolved.
2. You can also join our Discord.
3. Check Releases to make sure your agent is on the latest version.

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[github-actions]

@seamus-45: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.

• /kind feature
• /kind enhancement
• /kind refactoring
• /kind bug
• /kind packaging

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[seamus-45]

/kind enhancement