diff --git a/vault/core.go b/vault/core.go
index 98c0241d9d..2a24d86b4d 100644
--- a/vault/core.go
+++ b/vault/core.go
@@ -784,6 +784,8 @@ func NewCore(conf *CoreConfig) (*Core, error) {
 	c.rawConfig.Store(conf.RawConfig)
 
 	atomic.StoreUint32(c.sealed, 1)
+	c.metricSink.SetGaugeWithLabels([]string{"core", "unsealed"}, 0, nil)
+
 	c.allLoggers = append(c.allLoggers, c.logger)
 
 	c.router.logger = c.logger.Named("router")
@@ -1503,6 +1505,7 @@ func (c *Core) unsealInternal(ctx context.Context, masterKey []byte) (bool, erro
 
 	// Success!
 	atomic.StoreUint32(c.sealed, 0)
+	c.metricSink.SetGaugeWithLabels([]string{"core", "unsealed"}, 1, nil)
 
 	if c.logger.IsInfo() {
 		c.logger.Info("vault is unsealed")
@@ -1716,6 +1719,7 @@ func (c *Core) sealInternalWithOptions(grabStateLock, keepHALock, shutdownRaft b
 	if swapped := atomic.CompareAndSwapUint32(c.sealed, 0, 1); !swapped {
 		return nil
 	}
+	c.metricSink.SetGaugeWithLabels([]string{"core", "unsealed"}, 0, nil)
 
 	c.logger.Info("marked as sealed")
 
@@ -2096,6 +2100,13 @@ func (c *Core) emitMetrics(stopCh chan struct{}) {
 			if c.expiration != nil {
 				c.expiration.emitMetrics()
 			}
+			//Refresh the sealed gauge
+			if c.Sealed() {
+				c.metricSink.SetGaugeWithLabels([]string{"core", "unsealed"}, 0, nil)
+			} else {
+				c.metricSink.SetGaugeWithLabels([]string{"core", "unsealed"}, 1, nil)
+			}
+
 			c.metricsMutex.Unlock()
 
 		case <-writeTimer: