When upgrading to Spring Boot 3 we had issue in new spring security metrics exposed with Micrometer. Issue seems to be that these metrics end up having "-" in it's name. And since we are using prometheus, scraping/parsing of metrics did not work since prometheus can't have dash in it's metric name.
Exact metric that was causing the issue is "spring_security_filterchains_session_url-encoding_before_total" which is located in ObservationFilterChainDecorator.class.
Should naming of these metrics change so it can be used with prometheus?
Comment From: bclozel
Can you open this issue against Spring Security? The instrumentation code lives there. Thanks!