Spring Boot Actuator

The actuator is mainly used to expose operational information about the running application — health, metrics, info, dump, env, etc. It uses HTTP endpoints or JMX beans to enable us to interact with it. Once this dependency is on the classpath, several endpoints are available for us out of the box.

The main benefit of this library is that we can get production-grade tools without having to actually implement these features ourselves.

Predefined Endpoints In Actuator

some endpoints have been added, some removed and some have been restructured in later versions

  • /auditevents lists security audit-related events such as user login/logout. Also, we can filter by principal or type among other fields.
  • /beans returns all available beans in our BeanFactory. Unlike /auditevents, it doesn’t support filtering.
  • /conditions, formerly known as /autoconfig, builds a report of conditions around autoconfiguration.
  • /configprops allows us to fetch all @ConfigurationProperties
  • /env returns the current environment properties. Additionally, we can retrieve single properties.
  • /flyway provides details about our Flyway database migrations.
  • /health summarizes the health status of our application.
  • /heapdump builds and returns a heap dump from the JVM used by our application.
  • /info returns general information. It might be custom data, build information or details about the latest commit.
  • /liquibase behaves like /flyway but for Liquibase.
  • /logfile returns ordinary application logs.
  • /loggers enables us to query and modify the logging level of our application.
  • /metrics details metrics of our application. This might include generic metrics as well as custom ones.
  • /prometheus returns metrics like the previous one, but formatted to work with a Prometheus server.
  • /scheduledtasks provide details about every scheduled task within our application.
  • /sessions lists HTTP sessions given we are using Spring Session.
  • /shutdown performs a graceful shutdown of the application.
  • /threaddump dumps the thread information of the underlying JVM.


Unlike in previous versions, Actuator comes with most endpoints disabled.

Thus, the only two available by default are /health and /info.

If we want to enable all of them, we could set management.endpoints.web.exposure.include=*.

Alternatively, we can list endpoints that should be enabled.

Actuator now shares the security config with the regular App security rules, so the security model is dramatically simplified.

Therefore, to tweak Actuator security rules, we could just add an entry for /actuator/**. To understand this refer the code snippet below


public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {

    return http.authorizeExchange()




Creating a New Endpoint

In addition to using the existing endpoints provided by Spring Boot, we can also create an entirely new one.

How to Create a New Endpoint

First, we need to have the new endpoint implement the Endpoint<T> interface. As shown in the code below:



public class CustomCreatedEndpoint implements Endpoint<List<String>> {



    public String getId() {

        return "customEndpoint";




    public boolean isEnabled() {

        return true;




    public boolean isSensitive() {

        return true;




    public List<String> invoke() {

        // Custom logic to build the output

        List<String> messages = new ArrayList<String>();

        messages.add("This is message 1");

        messages.add("This is message 2");

        return messages;



In order to access this new endpoint, its id is used to map it. In other words, we could exercise it by hitting /customCreatedEndpoint.


How To Enable Springboot Actuator:

To enable Spring Boot Actuator, we just need to add the spring-boot-actuator dependency to our package manager.

In Maven:





Leave a Reply