telegraf/plugins/inputs/openldap/openldap.go

package openldap

import (
	"fmt"
	"strconv"
	"strings"

	"gopkg.in/ldap.v2"

	"github.com/influxdata/telegraf"
	"github.com/influxdata/telegraf/internal"
	"github.com/influxdata/telegraf/plugins/inputs"
)

type Openldap struct {
	Host               string
	Port               int
	Ssl                string
	InsecureSkipVerify bool
	SslCa              string
	BindDn             string
	BindPassword       string
}

const sampleConfig string = `
  host = "localhost"
  port = 389

  # ldaps, starttls, or no encryption. default is an empty string, disabling all encryption.
  # note that port will likely need to be changed to 636 for ldaps
  # valid options: "" | "starttls" | "ldaps"
  ssl = ""

  # skip peer certificate verification. Default is false.
  insecure_skip_verify = false

  # Path to PEM-encoded Root certificate to use to verify server certificate
  ssl_ca = "/etc/ssl/certs.pem"

  # dn/password to bind with. If bind_dn is empty, an anonymous bind is performed.
  bind_dn = ""
  bind_password = ""
`

var searchBase = "cn=Monitor"
var searchFilter = "(|(objectClass=monitorCounterObject)(objectClass=monitorOperation))"
var searchAttrs = []string{"monitorCounter", "monitorOpInitiated", "monitorOpCompleted"}
var attrTranslate = map[string]string{
	"monitorCounter":     "",
	"monitorOpInitiated": "_initiated",
	"monitorOpCompleted": "_completed",
}

func (o *Openldap) SampleConfig() string {
	return sampleConfig
}

func (o *Openldap) Description() string {
	return "OpenLDAP cn=Monitor plugin"
}

// return an initialized Openldap
func NewOpenldap() *Openldap {
	return &Openldap{
		Host:               "localhost",
		Port:               389,
		Ssl:                "",
		InsecureSkipVerify: false,
		SslCa:              "",
		BindDn:             "",
		BindPassword:       "",
	}
}

// gather metrics
func (o *Openldap) Gather(acc telegraf.Accumulator) error {
	var err error
	var l *ldap.Conn
	if o.Ssl != "" {
		// build tls config
		tlsConfig, err := internal.GetTLSConfig("", "", o.SslCa, o.InsecureSkipVerify)
		if err != nil {
			acc.AddError(err)
			return nil
		}
		if o.Ssl == "ldaps" {
			l, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", o.Host, o.Port), tlsConfig)
			if err != nil {
				acc.AddError(err)
				return nil
			}
		} else if o.Ssl == "starttls" {
			l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", o.Host, o.Port))
			if err != nil {
				acc.AddError(err)
				return nil
			}
			err = l.StartTLS(tlsConfig)
		} else {
			acc.AddError(fmt.Errorf("Invalid setting for ssl: %s", o.Ssl))
			return nil
		}
	} else {
		l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", o.Host, o.Port))
	}

	if err != nil {
		acc.AddError(err)
		return nil
	}
	defer l.Close()

	// username/password bind
	if o.BindDn != "" && o.BindPassword != "" {
		err = l.Bind(o.BindDn, o.BindPassword)
		if err != nil {
			acc.AddError(err)
			return nil
		}
	}

	searchRequest := ldap.NewSearchRequest(
		searchBase,
		ldap.ScopeWholeSubtree,
		ldap.NeverDerefAliases,
		0,
		0,
		false,
		searchFilter,
		searchAttrs,
		nil,
	)

	sr, err := l.Search(searchRequest)
	if err != nil {
		acc.AddError(err)
		return nil
	}

	gatherSearchResult(sr, o, acc)

	return nil
}

func gatherSearchResult(sr *ldap.SearchResult, o *Openldap, acc telegraf.Accumulator) {
	fields := map[string]interface{}{}
	tags := map[string]string{
		"server": o.Host,
		"port":   strconv.Itoa(o.Port),
	}
	for _, entry := range sr.Entries {
		metricName := dnToMetric(entry.DN, searchBase)
		for _, attr := range entry.Attributes {
			if len(attr.Values[0]) >= 1 {
				if v, err := strconv.ParseInt(attr.Values[0], 10, 64); err == nil {
					fields[metricName+attrTranslate[attr.Name]] = v
				}
			}
		}
	}
	acc.AddFields("openldap", fields, tags)
	return
}

// Convert a DN to metric name, eg cn=Read,cn=Waiters,cn=Monitor to read_waiters
func dnToMetric(dn, searchBase string) string {
	metricName := strings.Trim(dn, " ")
	metricName = strings.Replace(metricName, " ", "_", -1)
	metricName = strings.ToLower(metricName)
	metricName = strings.TrimPrefix(metricName, "cn=")
	metricName = strings.Replace(metricName, strings.ToLower(searchBase), "", -1)
	metricName = strings.Replace(metricName, "cn=", "_", -1)
	return strings.Replace(metricName, ",", "", -1)
}

func init() {
	inputs.Add("openldap", func() telegraf.Input { return NewOpenldap() })
}
Add input plugin for OpenLDAP (#2612) 2017-04-03 14:30:53 +00:00			`package openldap`

			`import (`
			`"fmt"`
			`"strconv"`
			`"strings"`

			`"gopkg.in/ldap.v2"`

			`"github.com/influxdata/telegraf"`
			`"github.com/influxdata/telegraf/internal"`
			`"github.com/influxdata/telegraf/plugins/inputs"`
			`)`

			`type Openldap struct {`
			`Host string`
			`Port int`
			`Ssl string`
			`InsecureSkipVerify bool`
			`SslCa string`
			`BindDn string`
			`BindPassword string`
			`}`

			const sampleConfig string = `
			`host = "localhost"`
			`port = 389`

			`# ldaps, starttls, or no encryption. default is an empty string, disabling all encryption.`
			`# note that port will likely need to be changed to 636 for ldaps`
			`# valid options: "" \| "starttls" \| "ldaps"`
			`ssl = ""`

			`# skip peer certificate verification. Default is false.`
			`insecure_skip_verify = false`

			`# Path to PEM-encoded Root certificate to use to verify server certificate`
			`ssl_ca = "/etc/ssl/certs.pem"`

			`# dn/password to bind with. If bind_dn is empty, an anonymous bind is performed.`
			`bind_dn = ""`
			`bind_password = ""`
			`

			`var searchBase = "cn=Monitor"`
			`var searchFilter = "(\|(objectClass=monitorCounterObject)(objectClass=monitorOperation))"`
			`var searchAttrs = []string{"monitorCounter", "monitorOpInitiated", "monitorOpCompleted"}`
			`var attrTranslate = map[string]string{`
			`"monitorCounter": "",`
			`"monitorOpInitiated": "_initiated",`
			`"monitorOpCompleted": "_completed",`
			`}`

			`func (o *Openldap) SampleConfig() string {`
			`return sampleConfig`
			`}`

			`func (o *Openldap) Description() string {`
			`return "OpenLDAP cn=Monitor plugin"`
			`}`

			`// return an initialized Openldap`
			`func NewOpenldap() *Openldap {`
			`return &Openldap{`
			`Host: "localhost",`
			`Port: 389,`
			`Ssl: "",`
			`InsecureSkipVerify: false,`
			`SslCa: "",`
			`BindDn: "",`
			`BindPassword: "",`
			`}`
			`}`

			`// gather metrics`
			`func (o *Openldap) Gather(acc telegraf.Accumulator) error {`
			`var err error`
			`var l *ldap.Conn`
			`if o.Ssl != "" {`
			`// build tls config`
			`tlsConfig, err := internal.GetTLSConfig("", "", o.SslCa, o.InsecureSkipVerify)`
			`if err != nil {`
			`acc.AddError(err)`
			`return nil`
			`}`
			`if o.Ssl == "ldaps" {`
			`l, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", o.Host, o.Port), tlsConfig)`
			`if err != nil {`
			`acc.AddError(err)`
			`return nil`
			`}`
			`} else if o.Ssl == "starttls" {`
			`l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", o.Host, o.Port))`
			`if err != nil {`
			`acc.AddError(err)`
			`return nil`
			`}`
			`err = l.StartTLS(tlsConfig)`
			`} else {`
			`acc.AddError(fmt.Errorf("Invalid setting for ssl: %s", o.Ssl))`
			`return nil`
			`}`
			`} else {`
			`l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", o.Host, o.Port))`
			`}`

			`if err != nil {`
			`acc.AddError(err)`
			`return nil`
			`}`
			`defer l.Close()`

			`// username/password bind`
			`if o.BindDn != "" && o.BindPassword != "" {`
			`err = l.Bind(o.BindDn, o.BindPassword)`
			`if err != nil {`
			`acc.AddError(err)`
			`return nil`
			`}`
			`}`

			`searchRequest := ldap.NewSearchRequest(`
			`searchBase,`
			`ldap.ScopeWholeSubtree,`
			`ldap.NeverDerefAliases,`
			`0,`
			`0,`
			`false,`
			`searchFilter,`
			`searchAttrs,`
			`nil,`
			`)`

			`sr, err := l.Search(searchRequest)`
			`if err != nil {`
			`acc.AddError(err)`
			`return nil`
			`}`

			`gatherSearchResult(sr, o, acc)`

			`return nil`
			`}`

			`func gatherSearchResult(sr ldap.SearchResult, o Openldap, acc telegraf.Accumulator) {`
			`fields := map[string]interface{}{}`
			`tags := map[string]string{`
			`"server": o.Host,`
			`"port": strconv.Itoa(o.Port),`
			`}`
			`for _, entry := range sr.Entries {`
			`metricName := dnToMetric(entry.DN, searchBase)`
			`for _, attr := range entry.Attributes {`
			`if len(attr.Values[0]) >= 1 {`
			`if v, err := strconv.ParseInt(attr.Values[0], 10, 64); err == nil {`
			`fields[metricName+attrTranslate[attr.Name]] = v`
			`}`
			`}`
			`}`
			`}`
			`acc.AddFields("openldap", fields, tags)`
			`return`
			`}`

			`// Convert a DN to metric name, eg cn=Read,cn=Waiters,cn=Monitor to read_waiters`
			`func dnToMetric(dn, searchBase string) string {`
			`metricName := strings.Trim(dn, " ")`
			`metricName = strings.Replace(metricName, " ", "_", -1)`
			`metricName = strings.ToLower(metricName)`
			`metricName = strings.TrimPrefix(metricName, "cn=")`
			`metricName = strings.Replace(metricName, strings.ToLower(searchBase), "", -1)`
			`metricName = strings.Replace(metricName, "cn=", "_", -1)`
			`return strings.Replace(metricName, ",", "", -1)`
			`}`

			`func init() {`
			`inputs.Add("openldap", func() telegraf.Input { return NewOpenldap() })`
			`}`