Make windows drive range configurable (#450)

thll · web-flow · commit 457e40d2b111 · 2022-10-25T20:29:43.000+02:00
diff --git a/api/graylog.go b/api/graylog.go
@@ -168,7 +168,7 @@ func UpdateRegistration(httpClient *http.Client, checksum string, ctx *context.C
 
 	if ctx.UserConfig.SendStatus {
 		metrics := &graylog.MetricsRequest{
-			Disks75: common.GetFileSystemList75(),
+			Disks75: common.GetFileSystemList75(ctx.UserConfig.WindowsDriveRange),
 			CpuIdle: common.GetCpuIdle(),
 			Load1:   common.GetLoad1(),
 		}
diff --git a/cfgfile/schema.go b/cfgfile/schema.go
@@ -37,6 +37,7 @@ type SidecarConfig struct {
 	CollectorBinariesWhitelist       []string      `config:"collector_binaries_whitelist"`
 	CollectorBinariesAccesslist      []string      `config:"collector_binaries_accesslist"`
 	Tags                             []string      `config:"tags"`
+	WindowsDriveRange                string        `config:"windows_drive_range"`
 }
 
 // Default Sidecar configuration
@@ -70,6 +71,7 @@ collector_binaries_accesslist:
   - "/usr/bin/nxlog"
   - "/opt/nxlog/bin/nxlog"
 tags: []
+windows_drive_range: ""
 `
 
 // Windows specific options. Gets merged over `CommonDefaults`
@@ -87,4 +89,5 @@ collector_binaries_accesslist:
   - "C:\\Program Files\\Heartbeat\\heartbeat.exe"
   - "C:\\Program Files\\Auditbeat\\auditbeat.exe"
   - "C:\\Program Files (x86)\\nxlog\\nxlog.exe"
+windows_drive_range: "CDEFGHIJKLMNOPQRSTUVWXYZ"
 `
diff --git a/common/sigar.go b/common/sigar.go
@@ -100,12 +100,12 @@ func GetCpuIdle() float64 {
 	return cpu.LastCpuTimes.IdlePercent * 100
 }
 
-func GetFileSystemList75() []string {
+func GetFileSystemList75(windowsDriveRange string) []string {
 	result := []string{}
 	volumes := []sigar.FileSystem{}
 
 	if runtime.GOOS == "windows" {
-		volumes = getWindowsDrives()
+		volumes = getWindowsDrives(windowsDriveRange)
 	} else {
 		fslist := sigar.FileSystemList{}
 		fslist.Get()
@@ -138,8 +138,8 @@ func GetLoad1() float64 {
 	return avg.One
 }
 
-func getWindowsDrives() (drives []sigar.FileSystem) {
-	for _, drive := range "CDEFGHIJKLMNOPQRSTUVWXYZ" {
+func getWindowsDrives(windowsDriveRange string) (drives []sigar.FileSystem) {
+	for _, drive := range windowsDriveRange {
 		dirName := string(drive) + ":\\"
 		dirHandle, err := os.Open(dirName)
 		defer dirHandle.Close()
diff --git a/common/sigar_darwin.go b/common/sigar_darwin.go
@@ -19,7 +19,7 @@ func GetCpuIdle() float64 {
 	return -1
 }
 
-func GetFileSystemList75() []string {
+func GetFileSystemList75(string) []string {
 	return []string{}
 }
 
diff --git a/common/sigar_freebsd.go b/common/sigar_freebsd.go
@@ -19,7 +19,7 @@ func GetCpuIdle() float64 {
 	return -1
 }
 
-func GetFileSystemList75() []string {
+func GetFileSystemList75(string) []string {
 	return []string{}
 }
 
diff --git a/context/context.go b/context/context.go
@@ -20,6 +20,7 @@ import (
 	"net/url"
 	"os"
 	"path/filepath"
+	"regexp"
 	"runtime"
 	"time"
 
@@ -166,5 +167,11 @@ func (ctx *Ctx) LoadConfig(path *string) error {
 		ctx.UserConfig.CollectorBinariesAccesslist = ctx.UserConfig.CollectorBinariesWhitelist
 	}
 
+	// windows_drive_range
+	driveRangeValid, _ := regexp.MatchString("^[A-Z]*$", ctx.UserConfig.WindowsDriveRange)
+	if !driveRangeValid {
+		log.Fatal("`windows_drive_range` must only contain valid windows drive letters in the range A-Z or left empty.")
+	}
+
 	return nil
 }
diff --git a/sidecar-windows-example.yml b/sidecar-windows-example.yml
@@ -67,6 +67,11 @@ send_status: <SENDSTATUS>
 # Directory where the sidecar generates configurations for collectors.
 #collector_configuration_directory: "C:\\Program Files\\Graylog\\sidecar\\generated"
 
+# Range of windows drives which are checked for disk usage. If their usage extends 75% they will be reported
+# in the sidecar's status report to the Graylog server. Set to "" to disable disk scanning.
+# Default:
+# windows_drive_range: "CDEFGHIJKLMNOPQRSTUVWXYZ"
+
 # A list of binaries which are allowed to be executed by the Sidecar. An empty list disables the access list feature.
 # Wildcards can be used, for a full pattern description see https://golang.org/pkg/path/filepath/#Match
 # Example:

Original file line number	Diff line number	Diff line change
`@@ -168,7 +168,7 @@ func UpdateRegistration(httpClient http.Client, checksum string, ctx context.C`
`168`	`168`
`169`	`169`	`if ctx.UserConfig.SendStatus {`
`170`	`170`	`metrics := &graylog.MetricsRequest{`
`171`		`- Disks75: common.GetFileSystemList75(),`
	`171`	`+ Disks75: common.GetFileSystemList75(ctx.UserConfig.WindowsDriveRange),`
`172`	`172`	`CpuIdle: common.GetCpuIdle(),`
`173`	`173`	`Load1: common.GetLoad1(),`
`174`	`174`	`}`
Original file line number	Diff line number	Diff line change
`@@ -37,6 +37,7 @@ type SidecarConfig struct {`
`37`	`37`	CollectorBinariesWhitelist []string `config:"collector_binaries_whitelist"`
`38`	`38`	CollectorBinariesAccesslist []string `config:"collector_binaries_accesslist"`
`39`	`39`	Tags []string `config:"tags"`
	`40`	+ WindowsDriveRange string `config:"windows_drive_range"`
`40`	`41`	`}`
`41`	`42`
`42`	`43`	`// Default Sidecar configuration`
`@@ -70,6 +71,7 @@ collector_binaries_accesslist:`
`70`	`71`	`- "/usr/bin/nxlog"`
`71`	`72`	`- "/opt/nxlog/bin/nxlog"`
`72`	`73`	`tags: []`
	`74`	`+windows_drive_range: ""`
`73`	`75`	`
`74`	`76`
`75`	`77`	// Windows specific options. Gets merged over `CommonDefaults`
`@@ -87,4 +89,5 @@ collector_binaries_accesslist:`
`87`	`89`	`- "C:\\Program Files\\Heartbeat\\heartbeat.exe"`
`88`	`90`	`- "C:\\Program Files\\Auditbeat\\auditbeat.exe"`
`89`	`91`	`- "C:\\Program Files (x86)\\nxlog\\nxlog.exe"`
	`92`	`+windows_drive_range: "CDEFGHIJKLMNOPQRSTUVWXYZ"`
`90`	`93`	`
Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ func GetCpuIdle() float64 {`
`19`	`19`	`return -1`
`20`	`20`	`}`
`21`	`21`
`22`		`-func GetFileSystemList75() []string {`
	`22`	`+func GetFileSystemList75(string) []string {`
`23`	`23`	`return []string{}`
`24`	`24`	`}`
`25`	`25`