Monitoring Privacy And Security¶

Swarm Hosts monitoring is designed to keep detailed metric history on the machine that produced it.

Data Locality¶

Raw historical metrics stay on the swarm host. Live samples are sent to the authorized browser session from the swarm host monitor gateway. The control plane may store monitor session metadata, WebRTC signaling state, low-rate health summaries, and alert summaries, but it does not store raw time-series samples or chart payloads.

Access Control¶

Monitor sessions are short-lived and scoped to the swarm host, deployment, user permission, and requested metric allowlist. Deployment and swarm host sharing rules still apply: users can only view monitoring data for resources they are allowed to inspect.

Network Exposure¶

You should not expose the local collectors or metrics database to the public internet. In normal operation, browsers use the monitor gateway, and the gateway validates the session before serving metric queries.

Do not port-forward VictoriaMetrics, cAdvisor, node-exporter, or Docker metrics collector ports. The monitor gateway is the browser-facing entry point.

Metric Labels¶

Metric labels must stay low-cardinality and avoid personal or secret values. Custom game exporters must not use these as labels:

player IDs
IP addresses
session IDs
usernames
email addresses
request IDs
tokens

Keeping labels stable protects privacy and prevents high-cardinality metrics from overwhelming the local metrics store.

Keys	Action
`?`	Open this help
`n`	Next page
`p`	Previous page
`s`	Search