Metrics Allow-List

The Metrics Allow-List is a security feature that controls access to the /metrics endpoint, which provides Prometheus-compatible monitoring metrics for Syncplify Server!'s Web/REST service.

Configuration

• Specify IP addresses or CIDR networks that are permitted to access the metrics endpoint
• Only listed IP addresses/networks can retrieve monitoring metrics
• Helps prevent unauthorized access to system performance data

Example Configurations

192.168.1.100
10.0.0.0/24

IMPORTANT

Carefully configure this list to ensure that only trusted monitoring systems and network segments can access your server's metrics endpoint. Leaving this list too open can expose sensitive system performance information.

Best Practices

• Include only IP addresses of your monitoring infrastructure
• Use CIDR notation for broader network access when necessary
• Regularly review and update the allow-list
• Combine with other security measures like firewall rules