add some basic prometheus node exporter textfile collector scripts

author: Christian Pointner <equinox@spreadspace.org> 2021-09-24 00:57:01 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2021-09-24 00:57:01 +0200
commit: 6320da1262c1f44ac773c6b6578a59ba286ce973 (patch)
tree: 45cdb61f249f502727fd500d7c4760cae9a46133 /roles/monitoring/prometheus/exporter/node/files/deleted-libraries
parent: add some more prometheus rules for blackbox exporter (diff)
1 files changed, 75 insertions, 0 deletions
diff --git a/roles/monitoring/prometheus/exporter/node/files/deleted-libraries b/roles/monitoring/prometheus/exporter/node/files/deleted-libraries
new file mode 100755
index 00000000..e3e19cbd
--- /dev/null
+++ b/roles/monitoring/prometheus/exporter/node/files/deleted-libraries
@@ -0,0 +1,75 @@
+#!/usr/bin/env python3
+"""
+Script to count the number of deleted libraries that are linked by running
+processes and expose a summary as Prometheus metrics.
+
+The aim is to discover processes that are still using libraries that have since
+been updated, perhaps due security vulnerabilities.
+"""
+
+import errno
+import glob
+import os
+import sys
+
+
+def main():
+    processes_linking_deleted_libraries = {}
+
+    for path in glob.glob('/proc/*/maps'):
+        try:
+            with open(path, 'rb') as file:
+                for line in file:
+                    part = line.decode().strip().split()
+
+                    if len(part) == 7:
+                        library = part[5]
+                        comment = part[6]
+
+                        if '/lib/' in library and '(deleted)' in comment:
+                            if path not in processes_linking_deleted_libraries:
+                                processes_linking_deleted_libraries[path] = {}
+
+                                if library in processes_linking_deleted_libraries[path]:
+                                    processes_linking_deleted_libraries[path][library] += 1
+                                else:
+                                    processes_linking_deleted_libraries[path][library] = 1
+        except EnvironmentError as e:
+            # Ignore non-existent files, since the files may have changed since
+            # we globbed.
+            if e.errno != errno.ENOENT:
+                sys.exit('Failed to open file: {0}'.format(path))
+
+    num_processes_per_library = {}
+
+    for process, library_count in processes_linking_deleted_libraries.items():
+        libraries_seen = set()
+        for library, count in library_count.items():
+            if library in libraries_seen:
+                continue
+
+            libraries_seen.add(library)
+            if library in num_processes_per_library:
+                num_processes_per_library[library] += 1
+            else:
+                num_processes_per_library[library] = 1
+
+    metric_name = 'node_processes_linking_deleted_libraries'
+    description = 'Count of running processes that link a deleted library'
+    print('# HELP {0} {1}'.format(metric_name, description))
+    print('# TYPE {0} gauge'.format(metric_name))
+
+    for library, count in num_processes_per_library.items():
+        dir_path, basename = os.path.split(library)
+        basename = basename.replace('"', '\\"')
+        dir_path = dir_path.replace('"', '\\"')
+        print('{0}{{library_path="{1}", library_name="{2}"}} {3}'.format(
+            metric_name,
+            dir_path,
+            basename,
+            count)
+        )
+
+
+if __name__ == "__main__":
+    main()
author	Christian Pointner <equinox@spreadspace.org>	2021-09-24 00:57:01 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2021-09-24 00:57:01 +0200
commit	6320da1262c1f44ac773c6b6578a59ba286ce973 (patch)
tree	45cdb61f249f502727fd500d7c4760cae9a46133 /roles/monitoring/prometheus/exporter/node/files/deleted-libraries
parent	add some more prometheus rules for blackbox exporter (diff)