Add input plugin for OpenLDAP (#2612)

2017-04-03 10:30:53 -04:00
parent 06a285bb5e
commit 9fb8cf6319
7 changed files with 427 additions and 2 deletions
--- a/plugins/inputs/openldap/openldap.go
+++ b/plugins/inputs/openldap/openldap.go
@@ -0,0 +1,178 @@
+package openldap
+
+import (
+	"fmt"
+	"strconv"
+	"strings"
+
+	"gopkg.in/ldap.v2"
+
+	"github.com/influxdata/telegraf"
+	"github.com/influxdata/telegraf/internal"
+	"github.com/influxdata/telegraf/plugins/inputs"
+)
+
+type Openldap struct {
+	Host               string
+	Port               int
+	Ssl                string
+	InsecureSkipVerify bool
+	SslCa              string
+	BindDn             string
+	BindPassword       string
+}
+
+const sampleConfig string = `
+  host = "localhost"
+  port = 389
+
+  # ldaps, starttls, or no encryption. default is an empty string, disabling all encryption.
+  # note that port will likely need to be changed to 636 for ldaps
+  # valid options: "" | "starttls" | "ldaps"
+  ssl = ""
+
+  # skip peer certificate verification. Default is false.
+  insecure_skip_verify = false
+
+  # Path to PEM-encoded Root certificate to use to verify server certificate
+  ssl_ca = "/etc/ssl/certs.pem"
+
+  # dn/password to bind with. If bind_dn is empty, an anonymous bind is performed.
+  bind_dn = ""
+  bind_password = ""
+`
+
+var searchBase = "cn=Monitor"
+var searchFilter = "(|(objectClass=monitorCounterObject)(objectClass=monitorOperation))"
+var searchAttrs = []string{"monitorCounter", "monitorOpInitiated", "monitorOpCompleted"}
+var attrTranslate = map[string]string{
+	"monitorCounter":     "",
+	"monitorOpInitiated": "_initiated",
+	"monitorOpCompleted": "_completed",
+}
+
+func (o *Openldap) SampleConfig() string {
+	return sampleConfig
+}
+
+func (o *Openldap) Description() string {
+	return "OpenLDAP cn=Monitor plugin"
+}
+
+// return an initialized Openldap
+func NewOpenldap() *Openldap {
+	return &Openldap{
+		Host:               "localhost",
+		Port:               389,
+		Ssl:                "",
+		InsecureSkipVerify: false,
+		SslCa:              "",
+		BindDn:             "",
+		BindPassword:       "",
+	}
+}
+
+// gather metrics
+func (o *Openldap) Gather(acc telegraf.Accumulator) error {
+	var err error
+	var l *ldap.Conn
+	if o.Ssl != "" {
+		// build tls config
+		tlsConfig, err := internal.GetTLSConfig("", "", o.SslCa, o.InsecureSkipVerify)
+		if err != nil {
+			acc.AddError(err)
+			return nil
+		}
+		if o.Ssl == "ldaps" {
+			l, err = ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", o.Host, o.Port), tlsConfig)
+			if err != nil {
+				acc.AddError(err)
+				return nil
+			}
+		} else if o.Ssl == "starttls" {
+			l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", o.Host, o.Port))
+			if err != nil {
+				acc.AddError(err)
+				return nil
+			}
+			err = l.StartTLS(tlsConfig)
+		} else {
+			acc.AddError(fmt.Errorf("Invalid setting for ssl: %s", o.Ssl))
+			return nil
+		}
+	} else {
+		l, err = ldap.Dial("tcp", fmt.Sprintf("%s:%d", o.Host, o.Port))
+	}
+
+	if err != nil {
+		acc.AddError(err)
+		return nil
+	}
+	defer l.Close()
+
+	// username/password bind
+	if o.BindDn != "" && o.BindPassword != "" {
+		err = l.Bind(o.BindDn, o.BindPassword)
+		if err != nil {
+			acc.AddError(err)
+			return nil
+		}
+	}
+
+	searchRequest := ldap.NewSearchRequest(
+		searchBase,
+		ldap.ScopeWholeSubtree,
+		ldap.NeverDerefAliases,
+		0,
+		0,
+		false,
+		searchFilter,
+		searchAttrs,
+		nil,
+	)
+
+	sr, err := l.Search(searchRequest)
+	if err != nil {
+		acc.AddError(err)
+		return nil
+	}
+
+	gatherSearchResult(sr, o, acc)
+
+	return nil
+}
+
+func gatherSearchResult(sr *ldap.SearchResult, o *Openldap, acc telegraf.Accumulator) {
+	fields := map[string]interface{}{}
+	tags := map[string]string{
+		"server": o.Host,
+		"port":   strconv.Itoa(o.Port),
+	}
+	for _, entry := range sr.Entries {
+		metricName := dnToMetric(entry.DN, searchBase)
+		for _, attr := range entry.Attributes {
+			if len(attr.Values[0]) >= 1 {
+				if v, err := strconv.ParseInt(attr.Values[0], 10, 64); err == nil {
+					fields[metricName+attrTranslate[attr.Name]] = v
+				}
+			}
+		}
+	}
+	acc.AddFields("openldap", fields, tags)
+	return
+}
+
+// Convert a DN to metric name, eg cn=Read,cn=Waiters,cn=Monitor to read_waiters
+func dnToMetric(dn, searchBase string) string {
+	metricName := strings.Trim(dn, " ")
+	metricName = strings.Replace(metricName, " ", "_", -1)
+	metricName = strings.ToLower(metricName)
+	metricName = strings.TrimPrefix(metricName, "cn=")
+	metricName = strings.Replace(metricName, strings.ToLower(searchBase), "", -1)
+	metricName = strings.Replace(metricName, "cn=", "_", -1)
+	return strings.Replace(metricName, ",", "", -1)
+}
+
+func init() {
+	inputs.Add("openldap", func() telegraf.Input { return NewOpenldap() })
+}