Telemetry
This document explains what telemetry is collected by the Machine ID
tbot
agent, why we want to collect this telemetry and, how to opt in or out.
Why?
Machine ID is an emerging part of the Teleport product and it's helpful for us to be able to identify the kinds of use-cases people have. This allows us to prioritise more common usages. Whilst we try to collect this sort of information by talking to users directly, having a more general overview of the product in the wild helps us make even more informed decisions and avoid our decisions being solely influenced by a select few users.
Anonymous telemetry
Anonymous telemetry is currently the only mode supported by
tbot. This means
that the collected data does not include anything which identifies:
- the specific machine
tbotis running on
- the cluster
tbotis connecting to
- the hosts, applications, databases and Kubernetes clusters
tbotconnects to
- the user that has configured
tbot
If we introduce further events to Machine ID's anonymous telemetry in future, we will abide by the above guidelines and ensure that changes are explicitly included in changelogs where new information is gathered.
Whilst we do not collect data which uniquely identifies the specific machine
tbot is running on, we may collect general information about the architecture
and operating system installed on the machine.
We do not assign a unique ID that identifies your
tbot installation across
multiple starts. This means it is not possible for us to determine how long
tbot has been installed on a machine or track changes made to a
tbot
configuration on a specific host over time.
We do assign a unique ID that identifies events that originate from a single
tbot start (you may hear this be referred to as a "session"). This allows
us to tie together multiple events and determine how long they occur after
tbot has started.
Opt-out/opt-in
Anonymous telemetry in
tbot is strictly opt-in.
To opt in to this telemetry, set the opt-in environment variable to
1:
export TELEPORT_ANONYMOUS_TELEMETRY=1
tbot start ...
You can use the same environment variable to explicitly opt-out of this
telemetry by setting the value to
0:
export TELEPORT_ANONYMOUS_TELEMETRY=0
tbot start ...
If this environment variable is not configured,
tbot defaults to not
collecting anonymous telemetry.
Events
Anonymous telemetry currently submits a single event on the start of
tbot.
This event is called
tbot.start and contains the following attributes:
tbot.run_mode: one of [
one-shot,
daemon] depending on if
tbothas been invoked with
--oneshot
tbot.version: the running version of
tbot
tbot.join_type: the join method type that has been configured (such as
tokenor
github)
tbot.helper: the name of the helper that has started
tbotif one has been used. For example:
gha:teleport-actions/auth
tbot.helper_version: the version of the helper that has started
tbotif one has been used
tbot.destinations_other: a count of destinations configured that are not associated with the Database Service, Kubernetes Service or Application Service
tbot.destinations_database: a count of Database Service destinations configured
tbot.destinations_kubernetes: a count of Kubernetes Service destinations configured
tbot.destinations_application: a count of Application Service destinations configured