2021-12-18 18:01:29 +00:00
|
|
|
//go:build windows
|
2019-08-20 12:10:57 +00:00
|
|
|
// +build windows
|
|
|
|
|
|
|
|
package collector
|
|
|
|
|
|
|
|
import (
|
|
|
|
"errors"
|
|
|
|
|
2023-04-22 10:17:51 +00:00
|
|
|
"github.com/go-kit/log"
|
|
|
|
"github.com/go-kit/log/level"
|
2019-08-20 12:10:57 +00:00
|
|
|
"github.com/prometheus/client_golang/prometheus"
|
2023-03-12 00:27:31 +00:00
|
|
|
"github.com/yusufpapurcu/wmi"
|
2019-08-20 12:10:57 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// A LogonCollector is a Prometheus collector for WMI metrics
|
|
|
|
type LogonCollector struct {
|
2023-04-22 10:17:51 +00:00
|
|
|
logger log.Logger
|
2019-08-20 12:10:57 +00:00
|
|
|
LogonType *prometheus.Desc
|
|
|
|
}
|
|
|
|
|
2022-12-21 05:44:29 +00:00
|
|
|
// newLogonCollector ...
|
2023-04-22 10:17:51 +00:00
|
|
|
func newLogonCollector(logger log.Logger) (Collector, error) {
|
2019-08-20 12:10:57 +00:00
|
|
|
const subsystem = "logon"
|
|
|
|
|
|
|
|
return &LogonCollector{
|
2023-04-22 10:17:51 +00:00
|
|
|
logger: log.With(logger, "collector", subsystem),
|
|
|
|
|
2019-08-20 12:10:57 +00:00
|
|
|
LogonType: prometheus.NewDesc(
|
|
|
|
prometheus.BuildFQName(Namespace, subsystem, "logon_type"),
|
|
|
|
"Number of active logon sessions (LogonSession.LogonType)",
|
|
|
|
[]string{"status"},
|
|
|
|
nil,
|
|
|
|
),
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Collect sends the metric values for each metric
|
|
|
|
// to the provided prometheus Metric channel.
|
|
|
|
func (c *LogonCollector) Collect(ctx *ScrapeContext, ch chan<- prometheus.Metric) error {
|
|
|
|
if desc, err := c.collect(ch); err != nil {
|
2023-06-08 00:29:50 +00:00
|
|
|
_ = level.Error(c.logger).Log("failed collecting user metrics", "desc", desc, "err", err)
|
2019-08-20 12:10:57 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Win32_LogonSession docs:
|
|
|
|
// - https://docs.microsoft.com/en-us/windows/win32/cimwin32prov/win32-logonsession
|
|
|
|
type Win32_LogonSession struct {
|
|
|
|
LogonType uint32
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *LogonCollector) collect(ch chan<- prometheus.Metric) (*prometheus.Desc, error) {
|
|
|
|
var dst []Win32_LogonSession
|
2023-04-22 10:17:51 +00:00
|
|
|
q := queryAll(&dst, c.logger)
|
2019-08-20 12:10:57 +00:00
|
|
|
if err := wmi.Query(q, &dst); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if len(dst) == 0 {
|
|
|
|
return nil, errors.New("WMI query returned empty result set")
|
|
|
|
}
|
|
|
|
|
|
|
|
// Init counters
|
|
|
|
system := 0
|
|
|
|
interactive := 0
|
|
|
|
network := 0
|
|
|
|
batch := 0
|
|
|
|
service := 0
|
|
|
|
proxy := 0
|
|
|
|
unlock := 0
|
|
|
|
networkcleartext := 0
|
|
|
|
newcredentials := 0
|
|
|
|
remoteinteractive := 0
|
|
|
|
cachedinteractive := 0
|
|
|
|
cachedremoteinteractive := 0
|
|
|
|
cachedunlock := 0
|
|
|
|
|
|
|
|
for _, entry := range dst {
|
|
|
|
switch entry.LogonType {
|
|
|
|
case 0:
|
|
|
|
system++
|
|
|
|
case 2:
|
|
|
|
interactive++
|
|
|
|
case 3:
|
|
|
|
network++
|
|
|
|
case 4:
|
|
|
|
batch++
|
|
|
|
case 5:
|
|
|
|
service++
|
|
|
|
case 6:
|
|
|
|
proxy++
|
|
|
|
case 7:
|
|
|
|
unlock++
|
|
|
|
case 8:
|
|
|
|
networkcleartext++
|
|
|
|
case 9:
|
|
|
|
newcredentials++
|
|
|
|
case 10:
|
|
|
|
remoteinteractive++
|
|
|
|
case 11:
|
|
|
|
cachedinteractive++
|
|
|
|
case 12:
|
|
|
|
cachedremoteinteractive++
|
|
|
|
case 13:
|
|
|
|
cachedunlock++
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(system),
|
|
|
|
"system",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(interactive),
|
|
|
|
"interactive",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(network),
|
|
|
|
"network",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(batch),
|
|
|
|
"batch",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(service),
|
|
|
|
"service",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(proxy),
|
|
|
|
"proxy",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(unlock),
|
|
|
|
"unlock",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(networkcleartext),
|
|
|
|
"network_clear_text",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(newcredentials),
|
|
|
|
"new_credentials",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(remoteinteractive),
|
|
|
|
"remote_interactive",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(cachedinteractive),
|
|
|
|
"cached_interactive",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(remoteinteractive),
|
|
|
|
"cached_remote_interactive",
|
|
|
|
)
|
|
|
|
|
|
|
|
ch <- prometheus.MustNewConstMetric(
|
|
|
|
c.LogonType,
|
|
|
|
prometheus.GaugeValue,
|
|
|
|
float64(cachedunlock),
|
|
|
|
"cached_unlock",
|
|
|
|
)
|
|
|
|
return nil, nil
|
|
|
|
}
|