Grafana Dashboards

Tayra ships pre-built Grafana dashboard templates and Prometheus alerting rules in the dashboards/ directory. Zero code required -- just import into Grafana and connect to your Prometheus data source.

Dashboard Panels

The Tayra dashboard is organized into five rows, each focusing on a different operational area.

Overview

High-level counters and gauges for at-a-glance health monitoring:

Panel	Type	Metric(s)
Total Encryptions	Stat	tayra_encrypt_count_total
Total Decryptions	Stat	tayra_decrypt_count_total
Cache Hit Ratio	Gauge	tayra_cache_hits_total / (tayra_cache_hits_total + tayra_cache_misses_total)
Keys Created	Stat	tayra_keys_created_total
Keys Deleted	Stat	tayra_keys_deleted_total
Keys Expired	Stat	tayra_keys_expired_total

Throughput

Time series panels for encryption and decryption performance:

Panel	Type	Metric(s)
Encrypt/Decrypt Rate	Time series	rate(tayra_encrypt_count_total[5m]), rate(tayra_decrypt_count_total[5m])
Encrypt Latency Percentiles	Time series	tayra_encrypt_duration p50, p95, p99
Decrypt Latency Percentiles	Time series	tayra_decrypt_duration p50, p95, p99

Key Store

Key store operation latency and cache effectiveness:

Panel	Type	Metric(s)
Key Store Latency Percentiles	Time series	tayra_keystore_duration p50, p95, p99
Cache Hits vs Misses	Time series	rate(tayra_cache_hits_total[5m]), rate(tayra_cache_misses_total[5m])

Key Lifecycle

Key management events over time:

Panel	Type	Metric(s)
Key Creation Events	Time series	rate(tayra_keys_created_total[5m])
Key Deletion Events	Time series	rate(tayra_keys_deleted_total[5m])
Key Expiry Events	Time series	rate(tayra_keys_expired_total[5m])
Cache Hit Ratio Trend	Time series	tayra_cache_hits_total / (tayra_cache_hits_total + tayra_cache_misses_total)

GDPR Compliance

Panels tracking GDPR-related operations:

Panel	Type	Metric(s)
Access Reports Generated	Stat / Time series	tayra_access_reports_total
Breach Assessments	Stat / Time series	tayra_breach_assessments_total
Migration Rows Encrypted	Stat / Time series	tayra_migration_rows_encrypted_total
Blind Indexes Recomputed	Stat / Time series	tayra_blind_index_recomputed_total

Installation

1. Export Tayra Metrics to Prometheus

Configure the OpenTelemetry SDK to export Tayra metrics to Prometheus:

using OpenTelemetry.Metrics;

builder.Services.AddOpenTelemetry()
    .WithMetrics(metrics => metrics
        .AddMeter("Tayra")
        .AddPrometheusExporter());

// Expose the /metrics endpoint for Prometheus scraping
app.MapPrometheusScrapingEndpoint();

Alternatively, use the OTLP exporter to push metrics to a Prometheus-compatible backend (e.g., Grafana Mimir, Thanos):

builder.Services.AddOpenTelemetry()
    .WithMetrics(metrics => metrics
        .AddMeter("Tayra")
        .AddOtlpExporter());

2. Import the Dashboard

1. Open your Grafana instance
2. Navigate to Dashboards > Import
3. Click Upload JSON file and select dashboards/grafana/tayra-dashboard.json
4. Select your Prometheus data source from the dropdown
5. Click Import

The dashboard will appear with all five rows of panels pre-configured.

3. Verify Data

After importing, confirm that metrics are flowing by checking the Overview row. The stat panels should show non-zero values once your application has processed some encryption or decryption operations.

Prometheus Alerting Rules

Tayra includes a set of production-ready alerting rules at dashboards/prometheus/tayra-alerting-rules.yml. Copy or include this file in your Prometheus configuration.

Alert Definitions

Alert	Severity	Condition	Description
TayraHighEncryptionErrorRate	critical	Error rate > 5% for 5 minutes	A significant percentage of encryption operations are failing. Investigate key store connectivity and key availability.
TayraKeyStoreLatencyWarning	warning	p95 latency > 200ms	Key store operations are slower than expected. Check database connection pooling and network latency.
TayraKeyStoreLatencyCritical	critical	p99 latency > 1000ms	Key store operations are critically slow. Immediate investigation required.
TayraLowCacheHitRatioWarning	warning	Cache hit ratio < 80%	Cache effectiveness is degraded. Consider increasing KeyCacheDuration in TayraOptions.
TayraLowCacheHitRatioCritical	critical	Cache hit ratio < 50%	Cache is severely underperforming. Check for high key churn or misconfigured cache settings.
TayraHighKeyExpiryRate	warning	Key expiry rate unusually high	An unexpected number of keys are expiring. Review retention policies and TTL settings.
TayraKeyDeletionSpike	warning	Key deletion rate spike detected	A sudden increase in key deletions may indicate a bulk crypto-shredding operation or an incident.
TayraBreachAssessmentTriggered	critical	tayra_breach_assessments_total increases	A breach impact assessment has been triggered. Follow your incident response procedure.

Installing Alerting Rules

Add the alerting rules file to your Prometheus configuration:

# prometheus.yml
rule_files:
  - "dashboards/prometheus/tayra-alerting-rules.yml"

Then reload Prometheus:

# Send SIGHUP to Prometheus
kill -HUP $(pidof prometheus)

# Or use the reload endpoint (if --web.enable-lifecycle is set)
curl -X POST http://localhost:9090/-/reload

Full OpenTelemetry Setup Example

For a complete setup exporting both traces and metrics:

using OpenTelemetry.Metrics;
using OpenTelemetry.Trace;

builder.Services.AddOpenTelemetry()
    .WithTracing(tracing => tracing
        .AddSource("Tayra")
        .AddOtlpExporter())
    .WithMetrics(metrics => metrics
        .AddMeter("Tayra")
        .AddPrometheusExporter());

// Expose the Prometheus scrape endpoint
app.MapPrometheusScrapingEndpoint();

This configuration:

• Exports distributed traces via OTLP (for Jaeger, Grafana Tempo, etc.)
• Exposes a /metrics endpoint for Prometheus to scrape
• Feeds all the data needed by the Tayra Grafana dashboard and alerting rules

See Also

• Observability -- Metrics and tracing reference
• Health Checks -- Key store connectivity monitoring
• Configuration -- Cache duration and key size options