From f974de115cbe4dea596174fe01d04072fff32f21 Mon Sep 17 00:00:00 2001 From: Hector Date: Thu, 14 Oct 2021 21:40:50 +0100 Subject: [PATCH] add new metrics for find time and max retry --- src/collector/f2b/socket.go | 28 ++++++++++++++++++++++++++++ src/socket/fail2banSocket.go | 36 ++++++++++++++++++++++++++---------- src/socket/protocol.go | 2 ++ 3 files changed, 56 insertions(+), 10 deletions(-) diff --git a/src/collector/f2b/socket.go b/src/collector/f2b/socket.go index 40764b3..7dadd95 100644 --- a/src/collector/f2b/socket.go +++ b/src/collector/f2b/socket.go @@ -51,6 +51,16 @@ var ( "How long an IP is banned for in this jail (in seconds)", []string{"jail"}, nil, ) + metricJailFindTime = prometheus.NewDesc( + prometheus.BuildFQName(namespace, "config", "jail_find_time"), + "How far back will the filter look for failures in this jail (in seconds)", + []string{"jail"}, nil, + ) + metricJailMaxRetry = prometheus.NewDesc( + prometheus.BuildFQName(namespace, "config", "jail_max_retries"), + "The number of failures allowed until the IP is banned by this jail", + []string{"jail"}, nil, + ) metricVersionInfo = prometheus.NewDesc( prometheus.BuildFQName(namespace, "", "version"), "Version of the exporter and fail2ban server", @@ -139,6 +149,24 @@ func (c *Collector) collectJailConfigMetrics(ch chan<- prometheus.Metric, s *soc metricJailBanTime, prometheus.GaugeValue, float64(banTime), jail, ) } + findTime, err := s.GetJailFindTime(jail) + if err != nil { + c.socketRequestErrorCount++ + log.Printf("failed to get find time for jail %s: %v", jail, err) + } else { + ch <- prometheus.MustNewConstMetric( + metricJailFindTime, prometheus.GaugeValue, float64(findTime), jail, + ) + } + maxRetry, err := s.GetJailMaxRetries(jail) + if err != nil { + c.socketRequestErrorCount++ + log.Printf("failed to get max retries for jail %s: %v", jail, err) + } else { + ch <- prometheus.MustNewConstMetric( + metricJailMaxRetry, prometheus.GaugeValue, float64(maxRetry), jail, + ) + } } func (c *Collector) collectVersionMetric(ch chan<- prometheus.Metric, s *socket.Fail2BanSocket) { diff --git a/src/socket/fail2banSocket.go b/src/socket/fail2banSocket.go index d51321a..0288dd9 100644 --- a/src/socket/fail2banSocket.go +++ b/src/socket/fail2banSocket.go @@ -120,17 +120,17 @@ func (s *Fail2BanSocket) GetJailStats(jail string) (JailStats, error) { func (s *Fail2BanSocket) GetJailBanTime(jail string) (int, error) { command := fmt.Sprintf(banTimeCommandFmt, jail) - response, err := s.sendCommand(strings.Split(command, " ")) - if err != nil { - return -1, err - } + return s.sendSimpleIntCommand(command) +} - if lvl1, ok := response.(*types.Tuple); ok { - if banTime, ok := lvl1.Get(1).(int); ok { - return banTime, nil - } - } - return -1, newBadFormatError(command, response) +func (s *Fail2BanSocket) GetJailFindTime(jail string) (int, error) { + command := fmt.Sprintf(findTimeCommandFmt, jail) + return s.sendSimpleIntCommand(command) +} + +func (s *Fail2BanSocket) GetJailMaxRetries(jail string) (int, error) { + command := fmt.Sprintf(maxRetriesCommandFmt, jail) + return s.sendSimpleIntCommand(command) } func (s *Fail2BanSocket) GetServerVersion() (string, error) { @@ -147,6 +147,22 @@ func (s *Fail2BanSocket) GetServerVersion() (string, error) { return "", newBadFormatError(versionCommand, response) } +// sendSimpleIntCommand sends a command to the fail2ban socket and parses the response to extract an int. +// This command assumes that the response data is in the format of `(d, d)` where `d` is a number. +func (s *Fail2BanSocket) sendSimpleIntCommand(command string) (int, error) { + response, err := s.sendCommand(strings.Split(command, " ")) + if err != nil { + return -1, err + } + + if lvl1, ok := response.(*types.Tuple); ok { + if banTime, ok := lvl1.Get(1).(int); ok { + return banTime, nil + } + } + return -1, newBadFormatError(command, response) +} + func newBadFormatError(command string, data interface{}) error { return fmt.Errorf("(%s) unexpected response format - cannot parse: %v", command, data) } diff --git a/src/socket/protocol.go b/src/socket/protocol.go index 68ca5a8..54d3b6e 100644 --- a/src/socket/protocol.go +++ b/src/socket/protocol.go @@ -13,6 +13,8 @@ const ( statusCommand = "status" versionCommand = "version" banTimeCommandFmt = "get %s bantime" + findTimeCommandFmt = "get %s findtime" + maxRetriesCommandFmt = "get %s maxretry" socketReadBufferSize = 1024 )