Metrics data deletion
The metrics data for the graphs of the Dashboard are published by ADS to ASM, and stored in an instance of InfluxDB running within ASM.
If needed, the metrics data for a given time range can be deleted from the InfluxDB database.
Deleting metrics data from InfluxDB
To be able to delete metrics data, an OIDC client must exist in Keycloak that will serve the Client Credential flow.
The client created for ADS can be used for this. If you want to create a new client for the particular purpose of metrics data deletion, you need to follow only Step 1 of the instructions in the Appendix: Configuring Keycloak clients for ADS and give a "Client ID" of your choice.
- Find the Client Secret from the Credentials tab of the Keycloak client. Using the Client ID and the Client Secret, you must make a request to retrieve a token. Below is an example of a request using curl.
curl --location --request POST 'https://localhost/auth/realms/asm/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=Your_Client_ID' \
--data-urlencode 'client_secret=Your_Client_Secret' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=openid'
A response is returned containing an access token.
- Using this access token as an Authorization Bearer token, you can make a request to delete the metrics data for a specific time range. Below is a sample request:
curl --location --request POST 'https://localhost/metrics/delete' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer Your_Access_Token' \
--data-raw '{
"start": "2022-05-10T01:00:00Z",
"stop": "2022-05-10T23:00:00Z"
}'
start: earliest point in time from which to delete data
stop: latest point in time from which to delete data
The start and stop parameters must follow the RFC 3339 format.
Note: If a self-signed certificate is used in ASM, the
-kparameter should be used in the curl command.