https://github.com/casbin/casbin-prometheus-logger
Casbin Prometheus logger
https://github.com/casbin/casbin-prometheus-logger
abac acl auth authorization authz casbin log logger logging prometheus rbac
Last synced: 5 months ago
JSON representation
Casbin Prometheus logger
- Host: GitHub
- URL: https://github.com/casbin/casbin-prometheus-logger
- Owner: casbin
- License: apache-2.0
- Created: 2026-01-03T16:25:35.000Z (6 months ago)
- Default Branch: master
- Last Pushed: 2026-01-09T11:48:57.000Z (5 months ago)
- Last Synced: 2026-01-12T16:31:23.670Z (5 months ago)
- Topics: abac, acl, auth, authorization, authz, casbin, log, logger, logging, prometheus, rbac
- Language: Go
- Homepage: https://github.com/casbin/casbin
- Size: 7.05 MB
- Stars: 0
- Watchers: 1
- Forks: 1
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# casbin-prometheus-logger
[](https://goreportcard.com/report/github.com/casbin/casbin-prometheus-logger)
[](https://github.com/casbin/casbin-prometheus-logger/actions/workflows/ci.yml)
[](https://codecov.io/gh/casbin/casbin-prometheus-logger)
[](https://godoc.org/github.com/casbin/casbin-prometheus-logger)
[](https://github.com/casbin/casbin-prometheus-logger/releases/latest)
[](https://discord.gg/S5UjpzGZjN)
A Prometheus logger implementation for [Casbin](https://github.com/casbin/casbin), providing event-driven metrics collection for authorization events.
## Features
- **Event-Driven Logging**: Implements the Casbin Logger interface with support for event-driven logging
- **Prometheus Metrics**: Exports comprehensive metrics for Casbin operations
- **Customizable Event Types**: Filter which event types to log
- **Custom Callbacks**: Add custom processing for log entries
- **Multiple Registries**: Support for both default and custom Prometheus registries
## Metrics Exported
### Enforce Metrics
- `casbin_enforce_total` - Total number of enforce requests (labeled by `allowed`, `domain`)
- `casbin_enforce_duration_seconds` - Duration of enforce requests (labeled by `allowed`, `domain`)
### Policy Operation Metrics
- `casbin_policy_operations_total` - Total number of policy operations (labeled by `operation`, `success`)
- `casbin_policy_operations_duration_seconds` - Duration of policy operations (labeled by `operation`)
- `casbin_policy_rules_count` - Number of policy rules affected by operations (labeled by `operation`)
## Installation
```bash
go get github.com/casbin/casbin-prometheus-logger
```
## Usage
### Basic Usage
```go
package main
import (
"net/http"
prometheuslogger "github.com/casbin/casbin-prometheus-logger"
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/promhttp"
)
func main() {
// Create logger with default Prometheus registry
logger := prometheuslogger.NewPrometheusLogger()
defer logger.Unregister()
// Or create with custom registry
registry := prometheus.NewRegistry()
logger := prometheuslogger.NewPrometheusLoggerWithRegistry(registry)
defer logger.UnregisterFrom(registry)
// Use with Casbin
// enforcer.SetLogger(logger)
// Expose metrics endpoint
http.Handle("/metrics", promhttp.Handler())
http.ListenAndServe(":8080", nil)
}
```
### Configure Event Types
```go
// Only log specific event types
logger.SetEventTypes([]prometheuslogger.EventType{
prometheuslogger.EventEnforce,
prometheuslogger.EventAddPolicy,
})
```
### Add Custom Callback
```go
// Add custom processing for log entries
logger.SetLogCallback(func(entry *prometheuslogger.LogEntry) error {
fmt.Printf("Event: %s, Duration: %v\n", entry.EventType, entry.Duration)
return nil
})
```
## Event Types
The logger supports the following event types:
- `EventEnforce` - Authorization enforcement requests
- `EventAddPolicy` - Policy addition operations
- `EventRemovePolicy` - Policy removal operations
- `EventLoadPolicy` - Policy loading operations
- `EventSavePolicy` - Policy saving operations
## Prometheus + Grafana Setup
This section guides you through setting up Prometheus and Grafana to visualize Casbin metrics.
### 1. Install and Configure Prometheus
1. **Install Prometheus**: Follow the official guide at https://prometheus.io/docs/introduction/first_steps/
2. **Configure Prometheus** to scrape metrics from your application. Edit your `prometheus.yml` configuration file and add a new job under `scrape_configs`:
```yaml
scrape_configs:
- job_name: "casbin-prometheus-logger"
static_configs:
- targets: ["localhost:8080"]
```
Replace `localhost:8080` with the actual address where your application exposes the `/metrics` endpoint.
3. **Start Prometheus** and verify it's scraping metrics by visiting `http://localhost:9090/targets` in your browser.
### 2. Install Grafana
Follow the official Grafana installation guide at https://grafana.com/docs/grafana/latest/setup-grafana/installation/ for your platform. After installation, access Grafana via your browser (default: `http://localhost:3000`) and log in with the default credentials (admin/admin).
### 3. Configure Grafana Data Source
1. In Grafana, navigate to **Connections** → **Data Sources**
2. Click **Add data source**
3. Select **Prometheus**
4. Set the URL to your Prometheus endpoint (e.g., `http://localhost:9090`)
5. Click **Save & Test** to verify the connection
### 4. Import Casbin Dashboard
A pre-built Grafana dashboard is available for visualizing Casbin metrics. You can import the dashboard JSON file from [grafana-dashboard.json](grafana-dashboard.json).
**To import the dashboard:**
1. In Grafana, go to **Dashboards** → **Import**
2. Upload the `grafana-dashboard.json` file or paste its contents
3. Select the Prometheus data source you configured in the previous step
4. Click **Import**
### Dashboard Panels
The dashboard includes the following panels organized into two sections:
#### Enforce Metrics
- **Total Enforce Rate** - Overall rate of enforce requests per second
- **Enforce Rate Detail (History)** - Historical view broken down by allowed/denied status and domain
- **Enforce Duration (Latency Distribution)** - Histogram showing p50, p90, p95, and p99 latencies
- **Enforce Duration by Status and Domain** - Average duration broken down by status and domain
#### Policy Metrics
- **Policy Operation Rate** - Current rate of policy operations (Add/Save/Load/Remove)
- **Policy Operations (Success/Failure)** - Pie chart showing success vs failure distribution
- **Policy Operation Rate History** - Historical view of policy operations activity
- **Policy Rules Affected History** - Trend of the number of policy rules affected over time
- **Policy Operation Duration (Latency Distribution)** - Histogram showing p50, p90, and p99 latencies for policy operations
- **Policy Operation Average Duration** - Average duration by operation type
## Example
See the [examples/basic](examples/basic/main.go) directory for a complete working example.
To run the example:
```bash
cd examples/basic
go run main.go
```
Then visit http://localhost:8080/metrics to see the exported metrics.
## Long-Running Test
A long-running test simulates RBAC, ABAC, and ReBAC authorization patterns for testing with Prometheus and Grafana.
**Note**: This test is excluded from normal CI runs to avoid timeouts. It must be run manually with the `longrunning` build tag.
### Usage
```bash
go test -v -tags longrunning -run TestLongRunning -timeout 0
```
The test generates ~50-150 requests/second and exposes metrics on `http://localhost:8080/metrics`. Press Ctrl+C to stop.
### Integration with Prometheus/Grafana
1. Start the test
2. Configure Prometheus to scrape `localhost:8080/metrics`
3. Import the Grafana dashboard from `grafana-dashboard.json`
## License
This project is licensed under the Apache 2.0 License - see the [LICENSE](LICENSE) file for details.
## Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
## Related Projects
- [Casbin](https://github.com/casbin/casbin) - An authorization library that supports access control models
- [Prometheus](https://prometheus.io/) - Monitoring system and time series database