mirror of
https://github.com/prometheus/node_exporter.git
synced 2024-11-23 12:30:46 +01:00
Add selinux collector (#2205)
Add selinux collector Signed-off-by: Jonathan Davies <jpds@protonmail.com>
This commit is contained in:
parent
d64766f43d
commit
88f1811eb1
@ -120,6 +120,7 @@ powersupplyclass | Exposes Power Supply statistics from `/sys/class/power_supply
|
||||
pressure | Exposes pressure stall statistics from `/proc/pressure/`. | Linux (kernel 4.20+ and/or [CONFIG\_PSI](https://www.kernel.org/doc/html/latest/accounting/psi.html))
|
||||
rapl | Exposes various statistics from `/sys/class/powercap`. | Linux
|
||||
schedstat | Exposes task scheduler statistics from `/proc/schedstat`. | Linux
|
||||
selinux | Exposes SELinux statistics. | Linux
|
||||
sockstat | Exposes various statistics from `/proc/net/sockstat`. | Linux
|
||||
softnet | Exposes statistics from `/proc/net/softnet_stat`. | Linux
|
||||
stat | Exposes various statistics from `/proc/stat`. This includes boot time, forks and interrupts. | Linux
|
||||
|
@ -3012,6 +3012,7 @@ node_scrape_collector_success{collector="processes"} 1
|
||||
node_scrape_collector_success{collector="qdisc"} 1
|
||||
node_scrape_collector_success{collector="rapl"} 1
|
||||
node_scrape_collector_success{collector="schedstat"} 1
|
||||
node_scrape_collector_success{collector="selinux"} 1
|
||||
node_scrape_collector_success{collector="sockstat"} 1
|
||||
node_scrape_collector_success{collector="softnet"} 1
|
||||
node_scrape_collector_success{collector="stat"} 1
|
||||
@ -3025,6 +3026,9 @@ node_scrape_collector_success{collector="wifi"} 1
|
||||
node_scrape_collector_success{collector="xfs"} 1
|
||||
node_scrape_collector_success{collector="zfs"} 1
|
||||
node_scrape_collector_success{collector="zoneinfo"} 1
|
||||
# HELP node_selinux_enabled SELinux is enabled, 1 is true, 0 is false
|
||||
# TYPE node_selinux_enabled gauge
|
||||
node_selinux_enabled 0
|
||||
# HELP node_sockstat_FRAG6_inuse Number of FRAG6 sockets in state inuse.
|
||||
# TYPE node_sockstat_FRAG6_inuse gauge
|
||||
node_sockstat_FRAG6_inuse 0
|
||||
|
@ -3034,6 +3034,7 @@ node_scrape_collector_success{collector="processes"} 1
|
||||
node_scrape_collector_success{collector="qdisc"} 1
|
||||
node_scrape_collector_success{collector="rapl"} 1
|
||||
node_scrape_collector_success{collector="schedstat"} 1
|
||||
node_scrape_collector_success{collector="selinux"} 1
|
||||
node_scrape_collector_success{collector="sockstat"} 1
|
||||
node_scrape_collector_success{collector="softnet"} 1
|
||||
node_scrape_collector_success{collector="stat"} 1
|
||||
@ -3047,6 +3048,9 @@ node_scrape_collector_success{collector="wifi"} 1
|
||||
node_scrape_collector_success{collector="xfs"} 1
|
||||
node_scrape_collector_success{collector="zfs"} 1
|
||||
node_scrape_collector_success{collector="zoneinfo"} 1
|
||||
# HELP node_selinux_enabled SELinux is enabled, 1 is true, 0 is false
|
||||
# TYPE node_selinux_enabled gauge
|
||||
node_selinux_enabled 0
|
||||
# HELP node_sockstat_FRAG6_inuse Number of FRAG6 sockets in state inuse.
|
||||
# TYPE node_sockstat_FRAG6_inuse gauge
|
||||
node_sockstat_FRAG6_inuse 0
|
||||
|
78
collector/selinux_linux.go
Normal file
78
collector/selinux_linux.go
Normal file
@ -0,0 +1,78 @@
|
||||
// Copyright 2022 The Prometheus Authors
|
||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||
// you may not use this file except in compliance with the License.
|
||||
// You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing, software
|
||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
// See the License for the specific language governing permissions and
|
||||
// limitations under the License.
|
||||
|
||||
//go:build linux && !noselinux
|
||||
// +build linux,!noselinux
|
||||
|
||||
package collector
|
||||
|
||||
import (
|
||||
"github.com/go-kit/log"
|
||||
"github.com/opencontainers/selinux/go-selinux"
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
)
|
||||
|
||||
type selinuxCollector struct {
|
||||
configMode *prometheus.Desc
|
||||
currentMode *prometheus.Desc
|
||||
enabled *prometheus.Desc
|
||||
logger log.Logger
|
||||
}
|
||||
|
||||
func init() {
|
||||
registerCollector("selinux", defaultEnabled, NewSelinuxCollector)
|
||||
}
|
||||
|
||||
// NewSelinuxCollector returns a new Collector exposing SELinux statistics.
|
||||
func NewSelinuxCollector(logger log.Logger) (Collector, error) {
|
||||
const subsystem = "selinux"
|
||||
|
||||
return &selinuxCollector{
|
||||
configMode: prometheus.NewDesc(
|
||||
prometheus.BuildFQName(namespace, subsystem, "config_mode"),
|
||||
"Configured SELinux enforcement mode",
|
||||
nil, nil,
|
||||
),
|
||||
currentMode: prometheus.NewDesc(
|
||||
prometheus.BuildFQName(namespace, subsystem, "current_mode"),
|
||||
"Current SELinux enforcement mode",
|
||||
nil, nil,
|
||||
),
|
||||
enabled: prometheus.NewDesc(
|
||||
prometheus.BuildFQName(namespace, subsystem, "enabled"),
|
||||
"SELinux is enabled, 1 is true, 0 is false",
|
||||
nil, nil,
|
||||
),
|
||||
logger: logger,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (c *selinuxCollector) Update(ch chan<- prometheus.Metric) error {
|
||||
if !selinux.GetEnabled() {
|
||||
ch <- prometheus.MustNewConstMetric(
|
||||
c.enabled, prometheus.GaugeValue, 0)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
ch <- prometheus.MustNewConstMetric(
|
||||
c.enabled, prometheus.GaugeValue, 1)
|
||||
|
||||
ch <- prometheus.MustNewConstMetric(
|
||||
c.configMode, prometheus.GaugeValue, float64(selinux.DefaultEnforceMode()))
|
||||
|
||||
ch <- prometheus.MustNewConstMetric(
|
||||
c.currentMode, prometheus.GaugeValue, float64(selinux.EnforceMode()))
|
||||
|
||||
return nil
|
||||
}
|
@ -37,6 +37,7 @@ enabled_collectors=$(cat << COLLECTORS
|
||||
qdisc
|
||||
rapl
|
||||
schedstat
|
||||
selinux
|
||||
sockstat
|
||||
stat
|
||||
thermal_zone
|
||||
|
1
go.mod
1
go.mod
@ -16,6 +16,7 @@ require (
|
||||
github.com/mattn/go-xmlrpc v0.0.3
|
||||
github.com/mdlayher/netlink v1.6.0
|
||||
github.com/mdlayher/wifi v0.0.0-20220320220353-954ff73a19a5
|
||||
github.com/opencontainers/selinux v1.10.1
|
||||
github.com/prometheus/client_golang v1.12.2
|
||||
github.com/prometheus/client_model v0.2.0
|
||||
github.com/prometheus/common v0.35.0
|
||||
|
3
go.sum
3
go.sum
@ -205,6 +205,8 @@ github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjY
|
||||
github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
|
||||
github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f h1:KUppIJq7/+SVif2QVs3tOP0zanoHgBEVAwHxUSIzRqU=
|
||||
github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
|
||||
github.com/opencontainers/selinux v1.10.1 h1:09LIPVRP3uuZGQvgR+SgMSNBd1Eb3vlRbGqQpoHsF8w=
|
||||
github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI=
|
||||
github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||
@ -379,6 +381,7 @@ golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7w
|
||||
golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20190902133755-9109b7679e13/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
|
Loading…
Reference in New Issue
Block a user