Product
Solutions
Enterprise
Customers
Docs
Blog
Pricing
Download
Get started
Login
© 2024

Tailscale client metrics

You can expose and collect Tailscale client metrics for use with monitoring systems such as Prometheus. These metrics provide insights into client behavior, health, and performance. Metrics are especially useful when running Tailscale server side, for example as a subnet router.

Tailscale client metrics are currently available for limited testing only. Therefore, this topic is currently hidden.

Tailscale client metrics are supported in Tailscale v1.78.0 and later.

Available metrics

The following metrics can be collected from Tailscale clients in your tailnet:

Subnet router

Use the metrics in this section to collect Tailscale client information related to subnet routes.

tailscaled_advertised_routes

  • The metric type is gauge.
  • Displays the number of routes advertised by the client.
  • Includes routes that are not approved.
  • Does not include exit nodes.

tailscaled_approved_routes

  • The metric type is gauge.
  • Displays number of advertised routes that have been approved by an administrator.

Health

Use the metrics in this section to collect Tailscale client information related to health.

tailscaled_health_messages

  • The metric type is gauge.
  • Displays the number of health messages currently reported by the Tailscale client.
  • This metric has a type label, reporting health message type. For example, warning.

More details about the health messages can be found by running tailscale status.

Throughput

Use the metrics in this section to collect Tailscale client information related to throughput.

tailscaled_inbound_packets_total

  • The metric type is counter.
  • Displays the number of packets received by the node from other peers.

tailscaled_inbound_bytes_total

  • The metric type is counter.
  • Displays the number of bytes received by the node from other peers.

tailscaled_outbound_packets_total

  • The metric type is counter.
  • Displays the number of packets sent by the device to other peers.

tailscaled_outbound_bytes_total

  • The metric type is counter.
  • Displays the number of bytes sent by the node to other peers.

All throughput metrics contain a path label, indicating the type of connection that a packet took. The path label can contain one of the following values:

  • direct_ipv4: Packets sent or received directly over IPv4.
  • direct_ipv6: Packets sent or received directly over IPv6.
  • derp: Packets sent or received through a DERP relay.

Dropped packets

Use the metrics in this section to collect Tailscale client information related to dropped packets.

tailscaled_inbound_dropped_packets_total

  • The metric type is counter.
  • Displays the number of packets dropped after being received from other peers.

tailscaled_outbound_dropped_packets_total

  • The metric type is counter.
  • Displays the number of packets dropped while being sent to other peers.

Both the tailscaled_inbound_dropped_packets_total and tailscaled_outbound_dropped_packets_total metrics contain a reason label with one of the following values:

  • acl: The reported packets dropped by Tailscale access control.
  • error: The reported packets dropped because of an error.

Collect metrics

Tailscale metrics can be collected either from the Tailscale web interface or the Tailscale CLI.

Web interface

The Tailscale web interface exposes client metrics on the conventional /metrics path.

Access metrics locally

Each client exposes metrics locally through the http://100.100.100.100/metrics URL. You can use this URL when the monitoring server (or agent) is running on the same host as the Tailscale client.

Collect metrics over Tailscale

To collect metrics over your tailnet, you must do the following:

We recommend using this method when your monitoring server is running on another machine on your Tailscale network.

Expose metrics to other networks

You can make the web interface available through another network interface on your machine by running the tailscale web command. For example, if you have a local interface with an IP address 203.0.113.5, running tailscale web --readonly --listen 203.0.113.5:8080 will make metrics accessible at http://203.0.113.5:8080/metrics.

Command line

To use metrics in a script or to inspect them in the terminal, you can run:

tailscale metrics print

Write metrics to a file

You can use the tailscale metrics write command to write metric values to a text file provided as its only argument. This can be used alongside Prometheus node exporter to allow Tailscale client metrics to be consumed and exported by the textfile collector.

For example:

tailscale metrics write /var/lib/prometheus/node-exporter/tailscaled.prom

Last updated Nov 4, 2024