diff --git a/scripts/base/frameworks/telemetry/options.zeek b/scripts/base/frameworks/telemetry/options.zeek index 9e5adf1fbb..6aa05f5f9b 100644 --- a/scripts/base/frameworks/telemetry/options.zeek +++ b/scripts/base/frameworks/telemetry/options.zeek @@ -11,7 +11,7 @@ export { const metrics_address = getenv("ZEEK_DEFAULT_LISTEN_ADDRESS") &redef; ## Port used to make metric data available to Prometheus scrapers via - ## HTTP. + ## HTTP. The default value means Zeek won't expose the port. const metrics_port = 0/unknown &redef; ## ID for the metrics exporter. This is used as the 'endpoint' label diff --git a/scripts/policy/frameworks/telemetry/prometheus.zeek b/scripts/policy/frameworks/telemetry/prometheus.zeek index b1d9374e8b..2b2ac4d255 100644 --- a/scripts/policy/frameworks/telemetry/prometheus.zeek +++ b/scripts/policy/frameworks/telemetry/prometheus.zeek @@ -2,10 +2,6 @@ ##! from the cluster node configuration for exporting data to ##! Prometheus. ##! -##! For customization or disabling, redef the involved Telemetry options -##! again. Specifically, to disable listening on port 9911, set -##! :zeek:see:`Telemetry::metrics_port` to `0/unknown` again. -##! ##! The manager node will also provide a ``/services.json`` endpoint ##! for the HTTP Service Discovery system in Prometheus to use for ##! configuration. This endpoint will include information for all of diff --git a/scripts/site/local.zeek b/scripts/site/local.zeek index 328c823975..71251c0cb1 100644 --- a/scripts/site/local.zeek +++ b/scripts/site/local.zeek @@ -94,8 +94,8 @@ redef digest_salt = "Please change this value."; # telemetry_histogram.log. @load frameworks/telemetry/log -# Enable metrics centralization on the manager. This opens port 9911/tcp -# on the manager node that can be readily scraped by Prometheus. +# Enable Prometheus metrics scraping in the cluster: each Zeek node will listen +# on the metrics port defined in its Cluster::nodes entry. # @load frameworks/telemetry/prometheus # Uncomment the following line to enable detection of the heartbleed attack. Enabling