GET /metrics-json

GET /metrics-json gives you a live snapshot of the SAW server’s operating state without requiring authentication. Use it to monitor concurrency headroom, verify that feature flags are active, and expose SAW’s limits to an external monitoring stack.

No authentication is required. The response is always served synchronously from in-memory state, so latency is negligible.

curl https://your-saw-host/metrics-json

Example response

{
  "schema_version": "2.0.0",
  "system_name": "Multi-Agent Security Operations Assistant",
  "inflight_requests": 2,
  "limits": {
    "max_inflight": 8,
    "rate_limit_window_seconds": 60,
    "rate_limit_max_requests": 12,
    "max_request_bytes": 16384
  },
  "feature_flags": {
    "adk_advisory": true,
    "escalation": true
  }
}

Response fields

schema_version

string

required

Version of the SAW response schema. Current value is "2.0.0". Increment this when breaking changes are introduced to the response shape.

system_name

string

required

Human-readable system identifier. Always "Multi-Agent Security Operations Assistant".

inflight_requests

number

required

Number of requests currently being processed across all endpoints. When this value equals limits.max_inflight, the next request to /ingest-log, /assistant/request, or /agent-test receives a 503 response.

limits

object

required

Hard limits currently active on the server. All values are read at startup from environment variables and remain constant until the server restarts.

Hide properties

max_inflight

number

required

Maximum number of simultaneous in-flight requests. Set by ASA_MAX_INFLIGHT (default: 8). Requests beyond this limit receive a 503 overloaded error.

rate_limit_window_seconds

number

required

Rolling window in seconds used to count per-IP requests. Set by ASA_RATE_LIMIT_WINDOW_SECONDS (default: 60).

rate_limit_max_requests

number

required

Maximum number of requests a single IP may make within the rate limit window. Set by ASA_RATE_LIMIT_MAX_REQUESTS (default: 12). Exceeding this returns 429 rate_limited.

max_request_bytes

number

required

Maximum allowed request body size in bytes. Set by ASA_MAX_REQUEST_BYTES (default: 16384, or 16 KB). Requests larger than this receive a 413 payload_too_large error.

feature_flags

object

required

Runtime feature flag states. Flags are read from environment variables at startup.

Hide properties

adk_advisory

boolean

required

Whether the Google ADK advisor is enabled. When true, low- and medium-confidence triage decisions are reviewed by the ADK-powered coordinator before a final decision is returned. Controlled by ASA_ENABLE_ADK_ADVISORY (default: true).

escalation

boolean

required

Whether burst and sustained escalation detection is active. When true, repeated high-severity events from the same IP trigger an escalation override that sets the effective risk score to its maximum. Controlled by ASA_ENABLE_ESCALATION (default: true).

System

Log Ingestion

Task Management

GET /metrics-json — live system metrics

GET /metrics-json

Response fields

Build docs developers (and LLMs) love

System

Log Ingestion

Task Management

Documentation Index

​GET /metrics-json

​Response fields

Build docs developers (and LLMs) love

GET /metrics-json

Response fields