Docker Scout metrics exporter

Docker Scout exposes a metrics HTTP endpoint that lets you scrape vulnerability and policy data from Docker Scout, using Prometheus or Datadog. With this you can create your own, self-hosted Docker Scout dashboards for visualizing supply chain metrics.

👉 Metrics

The metrics endpoint exposes the following metrics:

example, by severity or package type:

          Metric                         Description                                Labels                 Type
─────────────────────────────────────────────────────────────────────────────────────────────────────────────────
scout_stream_vulnerabilities    Vulnerabilities in a stream                   streamName, severity         Gauge
scout_policy_compliant_images   Compliant images for a policy in a stream     id,displayName,streamName    Gauge
scout_policy_evaluated_images   Total images evaluated against a policy in    id,displayName,streamName    Gauge
                                a stream 

👉 Creating an access token

To export metrics from your organization, first make sure your organization is enrolled in Docker Scout. Then, create a Personal Access Token (PAT) — a secret token that allows the exporter to authenticate with the Docker Scout API.