Instrumentation for metrics

Philipp Marek philipp at
Tue Jan 21 19:03:07 AEDT 2020

>> Another idea is to mirror the current preauth load via 
>> setproctitle()...
> That's a really, really good idea. Patch below.
Thanks ;)

>> Data that I would like to see logged is the utime information of child
>> processes - how much user/sys time the processes took, memory usage,
>> and some more.
> Well, there's two plausible places where this could be logged:
> 1) At shell/command termination. This would be a little divorced from 
> its
>    context however, because we don't log any commands for privacy 
> reasons.
> 2) At connection termination; this would roll up all stats for 
> multiplexed
>    sessions as you observe.

No, that's too late for my use case.

A ControlMaster might be active for multiple days, weeks, or (hopefully)
even months ;)
At least until the next update, that is.

For multiplexed connections every one of them needs to be logged
separately - I understand that the command isn't logged, but if the PID
is included then the command itself (which probably is just a script)
can log its PID, the audit log can be used, or (in the worst case)
SystemTap or some similar stuff can be used.

Mostly, "resources spent per user" would be interesting.

More information about the openssh-unix-dev mailing list