TL;DR

The key sever now collects metrics on publish requests and has an API for retrieval of that information

• google/exposure-notifications-server#1259

Design

Proposal

• This must be opt-in (default off). There must be a disclaimer that this should be covered in the privacy policy for the PHAs app in terms of operational metrics that may be collected sever side and displayed in aggregate only, not tied to any individual.

• New setting for the key server audience value and key sever to retrieve from. These should be system level setting w/ realm level override available (only needed in some scenarios)

• New periodic job to update stats for all realms that have this enabled. Once an hour, all enabled realms should mint the appropriate JWT (using the active verification certificate key) and call the /v1/stats API on the key server. Any data retrieved should replace what is in local storage. The verification server is however free to retain data longer (up to 30d).

• Display of the new information to PHA authorized users

  • total number of publish request should be graphed w/ codes issued and claimed
  • histogram of oldest tek
  • histogram of onset to upload

/assign @sethvargo

I'm going to call this done. We may have specific updates/tweaks to make, new stats to add, etc, but it will be easier to track those under more specific issues.

/close

@whaught: Closing this issue.