Teleport
Telemetry
Version preview- Older Versions
This document explains what telemetry is collected by the Machine ID tbot
agent, why we want to collect this telemetry and, how to opt in or out.
Why?
Machine ID is an emerging part of the Teleport product and it's helpful for us to be able to identify the kinds of use-cases people have. This allows us to prioritise more common usages. Whilst we try to collect this sort of information by talking to users directly, having a more general overview of the product in the wild helps us make even more informed decisions and avoid our decisions being solely influenced by a select few users.
Anonymous telemetry
Anonymous telemetry is currently the only mode supported by tbot
. This means
that the collected data does not include anything which identifies:
- the specific machine
tbot
is running on - the cluster
tbot
is connecting to - the hosts, applications, databases and Kubernetes clusters
tbot
connects to - the user that has configured
tbot
If we introduce further events to Machine ID's anonymous telemetry in future, we will abide by the above guidelines and ensure that changes are explicitly included in changelogs where new information is gathered.
Whilst we do not collect data which uniquely identifies the specific machine
tbot
is running on, we may collect general information about the architecture
and operating system installed on the machine.
We do not assign a unique ID that identifies your tbot
installation across
multiple starts. This means it is not possible for us to determine how long
tbot
has been installed on a machine or track changes made to a tbot
configuration on a specific host over time.
We do assign a unique ID that identifies events that originate from a single
tbot
start (you may hear this be referred to as a "session"). This allows
us to tie together multiple events and determine how long they occur after
tbot
has started.
Opt-out/opt-in
Anonymous telemetry in tbot
is strictly opt-in.
To opt in to this telemetry, set the opt-in environment variable to 1
:
export TELEPORT_ANONYMOUS_TELEMETRY=1
tbot start ...
You can use the same environment variable to explicitly opt-out of this
telemetry by setting the value to 0
:
export TELEPORT_ANONYMOUS_TELEMETRY=0
tbot start ...
If this environment variable is not configured, tbot
defaults to not
collecting anonymous telemetry.
Events
Anonymous telemetry currently submits a single event on the start of tbot
.
This event is called tbot.start
and contains the following attributes:
tbot.run_mode
: one of [one-shot
,daemon
] depending on iftbot
has been invoked with--oneshot
tbot.version
: the running version oftbot
tbot.join_type
: the join method type that has been configured (such astoken
orgithub
)tbot.helper
: the name of the helper that has startedtbot
if one has been used. For example:gha:teleport-actions/auth
tbot.helper_version
: the version of the helper that has startedtbot
if one has been usedtbot.destinations_other
: a count of destinations configured that are not associated with the Database Service, Kubernetes Service or Application Servicetbot.destinations_database
: a count of Database Service destinations configuredtbot.destinations_kubernetes
: a count of Kubernetes Service destinations configuredtbot.destinations_application
: a count of Application Service destinations configured