From 7a38997e62b999691e44fb34fec24ebb35c0005e Mon Sep 17 00:00:00 2001 From: sabban Date: Fri, 20 Dec 2024 17:37:40 +0100 Subject: [PATCH] take care of @kka's comments --- lib/crowdsec.lua | 29 +++++-- lib/plugins/crowdsec/metrics.lua | 137 ++----------------------------- 2 files changed, 32 insertions(+), 134 deletions(-) diff --git a/lib/crowdsec.lua b/lib/crowdsec.lua index 94a0a56..16c3672 100644 --- a/lib/crowdsec.lua +++ b/lib/crowdsec.lua @@ -87,8 +87,20 @@ function csmod.init(configFile, userAgent) runtime.conf["SSL_VERIFY"] = true end - runtime.cache:set("metrics_startup_time", ngx.time()) -- to make sure we have only one thread sending metrics - runtime.cache:set("metrics_first_run",true) -- to avoid sending metrics before the first period + local succ, err, forcible = runtime.cache:set("metrics_startup_time", ngx.time()) -- to make sure we have only one thread sending metrics + if not succ then + ngx.log(ngx.ERR, "failed to add metrics_startup_time key in cache: "..err) + end + if forcible then + ngx.log(ngx.ERR, "Lua shared dict (crowdsec cache) is full, please increase dict size in config") + end + local succ, err, forcible = runtime.cache:set("metrics_first_run",true) -- to avoid sending metrics before the first period + if not succ then + ngx.log(ngx.ERR, "failed to add metrics_first_run key in cache: "..err) + end + if forcible then + ngx.log(ngx.ERR, "Lua shared dict (crowdsec cache) is full, please increase dict size in config") + end if runtime.conf["ALWAYS_SEND_TO_APPSEC"] == "false" then runtime.conf["ALWAYS_SEND_TO_APPSEC"] = false @@ -149,12 +161,12 @@ local function Setup_metrics() if not ok then error("Failed to create the timer: " .. (err or "unknown")) else - ngx.log(ngx.ERR, "Metrics timer started in " .. tostring(METRICS_PERIOD) .. " seconds") + ngx.log(ngx.DEBUG, "Metrics timer started in " .. tostring(METRICS_PERIOD) .. " seconds") end end local first_run = runtime.cache:get("metrics_first_run") if first_run then - ngx.log(ngx.INFO, "First run for setup metrics ") --debug + ngx.log(ngx.DEBUG, "First run for setup metrics ") metrics:new(runtime.userAgent) runtime.cache:set("metrics_first_run",false) Setup_metrics_timer() @@ -168,7 +180,14 @@ local function Setup_metrics() runtime.conf["SSL_VERIFY"], METRICS_PERIOD ) - runtime.cache:set("metrics_startup_time",ngx.time()) --TODO add err handling + local succ, err, forcible = runtime.cache:set("metrics_startup_time", ngx.time()) -- to make sure we have only one thread sending metrics + if not succ then + ngx.log(ngx.ERR, "failed to add metrics_startup_time key in cache: "..err) + end + if forcible then + ngx.log(ngx.ERR, "Lua shared dict (crowdsec cache) is full, please increase dict size in config") + end + -- --TODO rename the cache key Setup_metrics_timer() end diff --git a/lib/plugins/crowdsec/metrics.lua b/lib/plugins/crowdsec/metrics.lua index e17b46b..cf52b42 100644 --- a/lib/plugins/crowdsec/metrics.lua +++ b/lib/plugins/crowdsec/metrics.lua @@ -1,122 +1,3 @@ --- expected --- { --- "log_processors": null, "remediation_components": [ { --- "feature_flags": [], --- "metrics": [ --- { --- "items": [ --- { --- "labels": { --- "ip_type": "ipv4", --- "origin": "CAPI" --- }, --- "name": "active_decisions", --- "unit": "ip", --- "value": 46576 --- }, --- { --- "labels": { --- "ip_type": "ipv6", --- "origin": "CAPI" --- }, --- "name": "active_decisions", --- "unit": "ip", --- "value": 546 --- }, --- { --- "labels": { --- "ip_type": "ipv4", --- "origin": "CAPI" --- }, --- "name": "dropped", --- "unit": "byte", --- "value": 84 --- }, --- { --- "labels": { --- "ip_type": "ipv6", --- "origin": "CAPI" --- }, --- "name": "dropped", --- "unit": "byte", --- "value": 0 --- }, --- { --- "labels": { "origin": "CAPI" 20:20:39 [51/116] --- }, --- "name": "dropped", --- "unit": "byte", --- "value": 0 --- }, --- { --- "labels": { --- "ip_type": "ipv4", --- "origin": "CAPI" --- }, --- "name": "dropped", --- "unit": "packet", --- "value": 2 --- }, --- { --- "labels": { --- "ip_type": "ipv6", --- "origin": "CAPI" --- }, --- "name": "dropped", --- "unit": "packet", --- "value": 0 --- }, --- { --- "labels": { --- "ip_type": "ipv4" --- }, --- "name": "processed", --- "unit": "byte", --- "value": 100836 --- }, --- { --- "labels": { --- "ip_type": "ipv6" --- }, --- "name": "processed", --- "unit": "byte", --- "value": 0 --- }, --- { --- "labels": { --- "ip_type": "ipv4" --- }, --- "name": "processed", --- "unit": "packet", --- "value": 748 --- }, --- { --- "labels": { --- "ip_type": "ipv6" --- }, --- "name": "processed", --- "unit": "packet", --- "value": 0 --- } --- ], --- "meta": { --- "utc_now_timestamp": 1726593109, --- "window_size_seconds": 900 --- } --- } --- ], --- "os": { --- "name": "Debian GNU/Linux", --- "version": "12" --- }, --- "utc_startup_timestamp": 1726584109, --- "version": "v0.0.30-debian-pragmatic-amd64-3f592b52075a80734b4fc291d5a08043d433c8fe", --- "type": "crowdsec-firewall-bouncer" --- } --- ] --- } - - local cjson = require "cjson" local http = require "resty.http" local utils = require "plugins.crowdsec.utils" @@ -150,16 +31,14 @@ end -- @return the new value of the key function metrics:increment(key, increment, labels) increment = increment or 1 - if labels ~= nil then - for k, v in pairs(labels) do - ngx.log(ngx.INFO, "label: " .. k .. " " .. v) - end - else - ngx.log(ngx.INFO, "no labels") - end + if labels == nil then + ngx.log(ngx.INFO, "no labels") + end + -- keys could look like: + -- processed/ip_version=ipv4& + -- active_decisions/ip_version=ipv4&decision_type=ban& key = key .. "/" .. utils.table_to_string(labels) - ngx.log(ngx.INFO, "incrementing value on key: " .. key) local value, err, forcible = self.cache:incr("metrics_" .. key, increment, 0) metrics:add_to_metrics(key) if err then @@ -294,8 +173,8 @@ end function metrics:sendMetrics(link, headers, ssl, window) local body = self:toJson(window) .. "\n" - ngx.log(ngx.INFO, "Sending metrics to " .. link .. "/v1/usage-metrics") - ngx.log(ngx.INFO, "metrics: " .. body) + ngx.log(ngx.DEBUG, "Sending metrics to " .. link .. "/v1/usage-metrics") + ngx.log(ngx.DEBUG, "metrics: " .. body) local httpc = http.new() local res, err = httpc:request_uri(link .. "/v1/usage-metrics", { body = body,