Introduction to Actuator

Spring Boot Actuator gives you a backstage pass to what your app is doing, minus the velvet rope and overpriced drinks. It exposes useful endpoints for metrics, health checks, and management tasks so you can stop guessing and start observing. This guide shows how to enable Actuator, secure the endpoints, collect custom metrics, and plug into backends like Prometheus and Grafana.

Add the Actuator dependency

Start by adding the officially blessed starter to your build. This unlocks a set of ready made endpoints for metrics and health that save time and reduce the need for handcrafted status pages.

<dependency>
  <groupId>org.springframework.boot</groupId>
  <artifactId>spring-boot-starter-actuator</artifactId>
</dependency>

Expose and configure endpoints

Control what is visible through application properties. Expose only the things you actually need so you do not accidentally leak internals to the internet.

management.endpoints.web.exposure.include=health,metrics,info
management.endpoint.health.show.details=when-authorized

These keys let you pick endpoints and control how much detail the health endpoint returns. Keep the noisy ones closed in production and open only on demand.

Secure management endpoints

Leaving /actuator wide open is handy for demos and terrible for production. Protect the endpoints with Spring Security or network rules. Map actuator endpoints under /actuator and require authentication for sensitive ones such as shutdown and env.

• Use role based access for write or sensitive operations
• Prefer network level restrictions when possible for an extra safety net
• Audit access to management paths so someone cannot quietly pull your feature flags

Collect metrics and custom health checks

Micrometer is the recommended bridge between your app and monitoring systems. It provides a MeterRegistry where you can register custom meters, timers, and gauges. Implement HealthIndicator to add bespoke health checks that actually mean something to your ops team.

public class MyHealth implements HealthIndicator {
  @Override
  public Health health() {
    // run a quick check and return up or down
    return Health.up().build();
  }
}

Custom checks help surface business relevant problems, not just CPU or memory usage. Add meters for request latency, error rates, and other signals you care about.

Integrate with monitoring backends

Micrometer offers registries for Prometheus and many other systems. For Prometheus you typically add the registry dependency and let Prometheus scrape the /actuator/prometheus endpoint. In cloud or batch jobs you might use a push gateway instead.

• Prometheus works well with scraping on /actuator/prometheus
• Grafana is the usual dashboarding companion for visualizing metrics
• Choose scrape based or push based export based on your infrastructure and scale

Best practices and tips

Expose only needed endpoints in production and use role based rules for management paths. If observability budget is tight focus on request metrics, error rates, and a single meaningful custom health check. Keep sensitive endpoints behind authentication and log who did what and when.

Quick checklist

• Add spring boot starter actuator
• Pick which endpoints to expose with management settings
• Protect /actuator with Spring Security or network controls
• Use Micrometer for custom meters and a HealthIndicator for checks
• Export to Prometheus and visualize with Grafana

Follow these steps and you will gain real operational visibility, fewer surprise outages, and slightly less chaos for the team. You may even sleep better, but do not get cocky, production still has jokes to tell.