diff options
Diffstat (limited to '')
20 files changed, 1251 insertions, 0 deletions
diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/README.md b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/README.md new file mode 120000 index 000000000..603c8249b --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/README.md @@ -0,0 +1 @@ +integrations/openvpn_status_log.md
\ No newline at end of file diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/charts.go b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/charts.go new file mode 100644 index 000000000..cb8d7c89b --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/charts.go @@ -0,0 +1,72 @@ +// SPDX-License-Identifier: GPL-3.0-or-later + +package openvpn_status_log + +import ( + "fmt" + + "github.com/netdata/netdata/go/go.d.plugin/agent/module" +) + +var charts = module.Charts{ + { + ID: "active_clients", + Title: "Active Clients", + Units: "active clients", + Fam: "active_clients", + Ctx: "openvpn.active_clients", + Dims: module.Dims{ + {ID: "clients"}, + }, + }, + { + ID: "traffic", + Title: "Traffic", + Units: "kilobits/s", + Fam: "traffic", + Ctx: "openvpn.total_traffic", + Type: module.Area, + Dims: module.Dims{ + {ID: "bytes_in", Name: "in", Algo: module.Incremental, Mul: 8, Div: 1000}, + {ID: "bytes_out", Name: "out", Algo: module.Incremental, Mul: -8, Div: 1000}, + }, + }, +} + +var userCharts = module.Charts{ + { + ID: "%s_user_traffic", + Title: "User Traffic", + Units: "kilobits/s", + Fam: "user stats", + Ctx: "openvpn.user_traffic", + Type: module.Area, + Dims: module.Dims{ + {ID: "%s_bytes_in", Name: "in", Algo: module.Incremental, Mul: 8, Div: 1000}, + {ID: "%s_bytes_out", Name: "out", Algo: module.Incremental, Mul: -8, Div: 1000}, + }, + }, + { + ID: "%s_user_connection_time", + Title: "User Connection Time", + Units: "seconds", + Fam: "user stats", + Ctx: "openvpn.user_connection_time", + Dims: module.Dims{ + {ID: "%s_connection_time", Name: "time"}, + }, + }, +} + +func (o *OpenVPNStatusLog) addUserCharts(userName string) error { + cs := userCharts.Copy() + + for _, chart := range *cs { + chart.ID = fmt.Sprintf(chart.ID, userName) + for _, dim := range chart.Dims { + dim.ID = fmt.Sprintf(dim.ID, userName) + } + chart.MarkNotCreated() + } + return o.charts.Add(*cs...) +} diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/collect.go b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/collect.go new file mode 100644 index 000000000..f6a442fd5 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/collect.go @@ -0,0 +1,65 @@ +// SPDX-License-Identifier: GPL-3.0-or-later + +package openvpn_status_log + +import ( + "time" +) + +func (o *OpenVPNStatusLog) collect() (map[string]int64, error) { + clients, err := parse(o.LogPath) + if err != nil { + return nil, err + } + + mx := make(map[string]int64) + + collectTotalStats(mx, clients) + + if o.perUserMatcher != nil && numOfClients(clients) > 0 { + o.collectUsers(mx, clients) + } + + return mx, nil +} + +func collectTotalStats(mx map[string]int64, clients []clientInfo) { + var in, out int64 + for _, c := range clients { + in += c.bytesReceived + out += c.bytesSent + } + mx["clients"] = numOfClients(clients) + mx["bytes_in"] = in + mx["bytes_out"] = out +} + +func (o *OpenVPNStatusLog) collectUsers(mx map[string]int64, clients []clientInfo) { + now := time.Now().Unix() + + for _, user := range clients { + name := user.commonName + if !o.perUserMatcher.MatchString(name) { + continue + } + if !o.collectedUsers[name] { + o.collectedUsers[name] = true + if err := o.addUserCharts(name); err != nil { + o.Warning(err) + } + } + mx[name+"_bytes_in"] = user.bytesReceived + mx[name+"_bytes_out"] = user.bytesSent + mx[name+"_connection_time"] = now - user.connectedSince + } +} + +func numOfClients(clients []clientInfo) int64 { + var num int64 + for _, v := range clients { + if v.commonName != "" && v.commonName != "UNDEF" { + num++ + } + } + return num +} diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/config_schema.json b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/config_schema.json new file mode 100644 index 000000000..5a31078d0 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/config_schema.json @@ -0,0 +1,92 @@ +{ + "jsonSchema": { + "$schema": "http://json-schema.org/draft-07/schema#", + "title": "OpenVPN status log collector configuration.", + "type": "object", + "properties": { + "update_every": { + "title": "Update every", + "description": "Data collection interval, measured in seconds.", + "type": "integer", + "minimum": 1, + "default": 1 + }, + "log_path": { + "title": "Log file", + "description": "Path to the status log file.", + "type": "string", + "default": "/var/log/openvpn/status.log", + "pattern": "^$|^/" + }, + "per_user_stats": { + "title": "User selector", + "description": "Configuration for monitoring specific users. If left empty, no user stats will be collected.", + "type": [ + "object", + "null" + ], + "properties": { + "includes": { + "title": "Include", + "description": "Include users whose usernames match any of the specified inclusion [patterns](https://github.com/netdata/netdata/tree/master/src/go/collectors/go.d.plugin/pkg/matcher#readme).", + "type": [ + "array", + "null" + ], + "items": { + "title": "Username pattern", + "type": "string" + }, + "uniqueItems": true + }, + "excludes": { + "title": "Exclude", + "description": "Exclude users whose usernames match any of the specified exclusion [patterns](https://github.com/netdata/netdata/tree/master/src/go/collectors/go.d.plugin/pkg/matcher#readme).", + "type": [ + "array", + "null" + ], + "items": { + "title": "Username pattern", + "type": "string" + }, + "uniqueItems": true + } + } + } + }, + "required": [ + "address" + ], + "additionalProperties": false, + "patternProperties": { + "^name$": {} + } + }, + "uiSchema": { + "uiOptions": { + "fullPage": true + }, + "timeout": { + "ui:help": "Accepts decimals for precise control (e.g., type 1.5 for 1.5 seconds)." + }, + "ui:flavour": "tabs", + "ui:options": { + "tabs": [ + { + "title": "Base", + "fields": [ + "update_every", + "log_path" + ] + }, + { + "title": "User stats", + "fields": [ + "per_user_stats" + ] + } + ] + } + } +} diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/init.go b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/init.go new file mode 100644 index 000000000..de75d096a --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/init.go @@ -0,0 +1,27 @@ +// SPDX-License-Identifier: GPL-3.0-or-later + +package openvpn_status_log + +import ( + "errors" + "github.com/netdata/netdata/go/go.d.plugin/pkg/matcher" +) + +func (o *OpenVPNStatusLog) validateConfig() error { + if o.LogPath == "" { + return errors.New("empty 'log_path'") + } + return nil +} + +func (o *OpenVPNStatusLog) initPerUserStatsMatcher() (matcher.Matcher, error) { + if o.PerUserStats.Empty() { + return nil, nil + } + m, err := o.PerUserStats.Parse() + if err != nil { + return nil, err + } + + return m, nil +} diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/integrations/openvpn_status_log.md b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/integrations/openvpn_status_log.md new file mode 100644 index 000000000..fdbf54e87 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/integrations/openvpn_status_log.md @@ -0,0 +1,178 @@ +<!--startmeta +custom_edit_url: "https://github.com/netdata/netdata/edit/master/src/go/collectors/go.d.plugin/modules/openvpn_status_log/README.md" +meta_yaml: "https://github.com/netdata/netdata/edit/master/src/go/collectors/go.d.plugin/modules/openvpn_status_log/metadata.yaml" +sidebar_label: "OpenVPN status log" +learn_status: "Published" +learn_rel_path: "Collecting Metrics/VPNs" +most_popular: False +message: "DO NOT EDIT THIS FILE DIRECTLY, IT IS GENERATED BY THE COLLECTOR'S metadata.yaml FILE" +endmeta--> + +# OpenVPN status log + + +<img src="https://netdata.cloud/img/openvpn.svg" width="150"/> + + +Plugin: go.d.plugin +Module: openvpn_status_log + +<img src="https://img.shields.io/badge/maintained%20by-Netdata-%2300ab44" /> + +## Overview + +This collector monitors OpenVPN server. + +It parses server log files and provides summary and per user metrics. + + + + +This collector is supported on all platforms. + +This collector supports collecting metrics from multiple instances of this integration, including remote instances. + + +### Default Behavior + +#### Auto-Detection + +This integration doesn't support auto-detection. + +#### Limits + +The default configuration for this integration does not impose any limits on data collection. + +#### Performance Impact + +The default configuration for this integration is not expected to impose a significant performance impact on the system. + + +## Metrics + +Metrics grouped by *scope*. + +The scope defines the instance that the metric belongs to. An instance is uniquely identified by a set of labels. + + + +### Per OpenVPN status log instance + +These metrics refer to the entire monitored application. + +This scope has no labels. + +Metrics: + +| Metric | Dimensions | Unit | +|:------|:----------|:----| +| openvpn.active_clients | clients | clients | +| openvpn.total_traffic | in, out | kilobits/s | + +### Per user + +These metrics refer to the VPN user. + +Labels: + +| Label | Description | +|:-----------|:----------------| +| username | VPN username | + +Metrics: + +| Metric | Dimensions | Unit | +|:------|:----------|:----| +| openvpn.user_traffic | in, out | kilobits/s | +| openvpn.user_connection_time | time | seconds | + + + +## Alerts + +There are no alerts configured by default for this integration. + + +## Setup + +### Prerequisites + +No action required. + +### Configuration + +#### File + +The configuration file name for this integration is `go.d/openvpn_status_log.conf`. + + +You can edit the configuration file using the `edit-config` script from the +Netdata [config directory](/docs/netdata-agent/configuration/README.md#the-netdata-config-directory). + +```bash +cd /etc/netdata 2>/dev/null || cd /opt/netdata/etc/netdata +sudo ./edit-config go.d/openvpn_status_log.conf +``` +#### Options + +The following options can be defined globally: update_every, autodetection_retry. + + +<details open><summary>Config options</summary> + +| Name | Description | Default | Required | +|:----|:-----------|:-------|:--------:| +| update_every | Data collection frequency. | 1 | no | +| autodetection_retry | Recheck interval in seconds. Zero means no recheck will be scheduled. | 0 | no | +| log_path | Path to status log. | /var/log/openvpn/status.log | yes | +| per_user_stats | User selector. Determines which user metrics will be collected. | | no | + +</details> + +#### Examples + +##### With user metrics + +Collect metrics of all users. + +<details open><summary>Config</summary> + +```yaml +jobs: + - name: local + per_user_stats: + includes: + - "* *" + +``` +</details> + + + +## Troubleshooting + +### Debug Mode + +To troubleshoot issues with the `openvpn_status_log` collector, run the `go.d.plugin` with the debug option enabled. The output +should give you clues as to why the collector isn't working. + +- Navigate to the `plugins.d` directory, usually at `/usr/libexec/netdata/plugins.d/`. If that's not the case on + your system, open `netdata.conf` and look for the `plugins` setting under `[directories]`. + + ```bash + cd /usr/libexec/netdata/plugins.d/ + ``` + +- Switch to the `netdata` user. + + ```bash + sudo -u netdata -s + ``` + +- Run the `go.d.plugin` to debug the collector: + + ```bash + ./go.d.plugin -d -m openvpn_status_log + ``` + + diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/metadata.yaml b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/metadata.yaml new file mode 100644 index 000000000..fbe3ff610 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/metadata.yaml @@ -0,0 +1,144 @@ +plugin_name: go.d.plugin +modules: + - meta: + id: collector-go.d.plugin-openvpn_status_log + plugin_name: go.d.plugin + module_name: openvpn_status_log + monitored_instance: + name: OpenVPN status log + link: https://openvpn.net/ + icon_filename: openvpn.svg + categories: + - data-collection.vpns + keywords: + - openvpn + - vpn + related_resources: + integrations: + list: [] + info_provided_to_referring_integrations: + description: "" + most_popular: false + overview: + data_collection: + metrics_description: | + This collector monitors OpenVPN server. + + It parses server log files and provides summary and per user metrics. + method_description: "" + supported_platforms: + include: [] + exclude: [] + multi_instance: true + additional_permissions: + description: "" + default_behavior: + auto_detection: + description: "" + limits: + description: "" + performance_impact: + description: "" + setup: + prerequisites: + list: [] + configuration: + file: + name: go.d/openvpn_status_log.conf + options: + description: | + The following options can be defined globally: update_every, autodetection_retry. + folding: + title: Config options + enabled: true + list: + - name: update_every + description: Data collection frequency. + default_value: 1 + required: false + - name: autodetection_retry + description: Recheck interval in seconds. Zero means no recheck will be scheduled. + default_value: 0 + required: false + - name: log_path + description: Path to status log. + default_value: /var/log/openvpn/status.log + required: true + - name: per_user_stats + description: User selector. Determines which user metrics will be collected. + default_value: "" + required: false + details: | + Metrics of users matching the selector will be collected. + - Logic: (pattern1 OR pattern2) AND !(pattern3 or pattern4) + - Pattern syntax: [matcher](https://github.com/netdata/netdata/tree/master/src/go/collectors/go.d.plugin/pkg/matcher#supported-format). + - Syntax: + ```yaml + per_user_stats: + includes: + - pattern1 + - pattern2 + excludes: + - pattern3 + - pattern4 + ``` + examples: + folding: + title: Config + enabled: true + list: + - name: With user metrics + description: Collect metrics of all users. + config: | + jobs: + - name: local + per_user_stats: + includes: + - "* *" + troubleshooting: + problems: + list: [] + alerts: [] + metrics: + folding: + title: Metrics + enabled: false + description: "" + availability: [] + scopes: + - name: global + description: These metrics refer to the entire monitored application. + labels: [] + metrics: + - name: openvpn.active_clients + description: Total Number Of Active Clients + unit: clients + chart_type: line + dimensions: + - name: clients + - name: openvpn.total_traffic + description: Total Traffic + unit: kilobits/s + chart_type: area + dimensions: + - name: in + - name: out + - name: user + description: These metrics refer to the VPN user. + labels: + - name: username + description: VPN username + metrics: + - name: openvpn.user_traffic + description: User Traffic + unit: kilobits/s + chart_type: area + dimensions: + - name: in + - name: out + - name: openvpn.user_connection_time + description: User Connection Time + unit: seconds + chart_type: line + dimensions: + - name: time diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/openvpn.go b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/openvpn.go new file mode 100644 index 000000000..975da02f3 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/openvpn.go @@ -0,0 +1,100 @@ +// SPDX-License-Identifier: GPL-3.0-or-later + +package openvpn_status_log + +import ( + _ "embed" + "errors" + + "github.com/netdata/netdata/go/go.d.plugin/agent/module" + "github.com/netdata/netdata/go/go.d.plugin/pkg/matcher" +) + +//go:embed "config_schema.json" +var configSchema string + +func init() { + module.Register("openvpn_status_log", module.Creator{ + JobConfigSchema: configSchema, + Create: func() module.Module { return New() }, + Config: func() any { return &Config{} }, + }) +} + +func New() *OpenVPNStatusLog { + return &OpenVPNStatusLog{ + Config: Config{ + LogPath: "/var/log/openvpn/status.log", + }, + charts: charts.Copy(), + collectedUsers: make(map[string]bool), + } +} + +type Config struct { + UpdateEvery int `yaml:"update_every,omitempty" json:"update_every"` + LogPath string `yaml:"log_path" json:"log_path"` + PerUserStats matcher.SimpleExpr `yaml:"per_user_stats,omitempty" json:"per_user_stats"` +} + +type OpenVPNStatusLog struct { + module.Base + Config `yaml:",inline" json:""` + + charts *module.Charts + + perUserMatcher matcher.Matcher + collectedUsers map[string]bool +} + +func (o *OpenVPNStatusLog) Configuration() any { + return o.Config +} + +func (o *OpenVPNStatusLog) Init() error { + if err := o.validateConfig(); err != nil { + o.Errorf("error on validating config: %v", err) + return err + } + + m, err := o.initPerUserStatsMatcher() + if err != nil { + o.Errorf("error on creating 'per_user_stats' matcher: %v", err) + return err + } + if m != nil { + o.perUserMatcher = m + } + + return nil +} + +func (o *OpenVPNStatusLog) Check() error { + mx, err := o.collect() + if err != nil { + o.Error(err) + return err + } + if len(mx) == 0 { + return errors.New("no metrics collected") + } + return nil +} + +func (o *OpenVPNStatusLog) Charts() *module.Charts { + return o.charts +} + +func (o *OpenVPNStatusLog) Collect() map[string]int64 { + mx, err := o.collect() + if err != nil { + o.Error(err) + } + + if len(mx) == 0 { + return nil + } + return mx +} + +func (o *OpenVPNStatusLog) Cleanup() {} diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/openvpn_test.go b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/openvpn_test.go new file mode 100644 index 000000000..1e6071e01 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/openvpn_test.go @@ -0,0 +1,362 @@ +// SPDX-License-Identifier: GPL-3.0-or-later + +package openvpn_status_log + +import ( + "os" + "strings" + "testing" + + "github.com/netdata/netdata/go/go.d.plugin/agent/module" + "github.com/netdata/netdata/go/go.d.plugin/pkg/matcher" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +const ( + pathNonExistentFile = "testdata/v2.5.1/non-existent.txt" + pathEmptyFile = "testdata/v2.5.1/empty.txt" + pathStaticKey = "testdata/v2.5.1/static-key.txt" + pathStatusVersion1 = "testdata/v2.5.1/version1.txt" + pathStatusVersion1NoClients = "testdata/v2.5.1/version1-no-clients.txt" + pathStatusVersion2 = "testdata/v2.5.1/version2.txt" + pathStatusVersion2NoClients = "testdata/v2.5.1/version2-no-clients.txt" + pathStatusVersion3 = "testdata/v2.5.1/version3.txt" + pathStatusVersion3NoClients = "testdata/v2.5.1/version3-no-clients.txt" +) + +var ( + dataConfigJSON, _ = os.ReadFile("testdata/config.json") + dataConfigYAML, _ = os.ReadFile("testdata/config.yaml") +) + +func Test_testDataIsValid(t *testing.T) { + for name, data := range map[string][]byte{ + "dataConfigJSON": dataConfigJSON, + "dataConfigYAML": dataConfigYAML, + } { + require.NotNil(t, data, name) + } +} + +func TestOpenVPNStatusLog_ConfigurationSerialize(t *testing.T) { + module.TestConfigurationSerialize(t, &OpenVPNStatusLog{}, dataConfigJSON, dataConfigYAML) +} + +func TestOpenVPNStatusLog_Init(t *testing.T) { + tests := map[string]struct { + config Config + wantFail bool + }{ + "default config": { + config: New().Config, + }, + "unset 'log_path'": { + wantFail: true, + config: Config{ + LogPath: "", + }, + }, + } + + for name, test := range tests { + t.Run(name, func(t *testing.T) { + ovpn := New() + ovpn.Config = test.config + + if test.wantFail { + assert.Error(t, ovpn.Init()) + } else { + assert.NoError(t, ovpn.Init()) + } + }) + } +} + +func TestOpenVPNStatusLog_Check(t *testing.T) { + tests := map[string]struct { + prepare func() *OpenVPNStatusLog + wantFail bool + }{ + "status version 1": {prepare: prepareCaseStatusVersion1}, + "status version 1 with no clients": {prepare: prepareCaseStatusVersion1NoClients}, + "status version 2": {prepare: prepareCaseStatusVersion2}, + "status version 2 with no clients": {prepare: prepareCaseStatusVersion2NoClients}, + "status version 3": {prepare: prepareCaseStatusVersion3}, + "status version 3 with no clients": {prepare: prepareCaseStatusVersion3NoClients}, + "empty file": {prepare: prepareCaseEmptyFile, wantFail: true}, + "non-existent file": {prepare: prepareCaseNonExistentFile, wantFail: true}, + } + + for name, test := range tests { + t.Run(name, func(t *testing.T) { + ovpn := test.prepare() + + require.NoError(t, ovpn.Init()) + + if test.wantFail { + assert.Error(t, ovpn.Check()) + } else { + assert.NoError(t, ovpn.Check()) + } + }) + } +} + +func TestOpenVPNStatusLog_Charts(t *testing.T) { + tests := map[string]struct { + prepare func() *OpenVPNStatusLog + wantNumCharts int + }{ + "status version 1 with user stats": { + prepare: prepareCaseStatusVersion1WithUserStats, + wantNumCharts: len(charts) + len(userCharts)*2, + }, + "status version 2 with user stats": { + prepare: prepareCaseStatusVersion2WithUserStats, + wantNumCharts: len(charts) + len(userCharts)*2, + }, + "status version 3 with user stats": { + prepare: prepareCaseStatusVersion2WithUserStats, + wantNumCharts: len(charts) + len(userCharts)*2, + }, + "status version with static key": { + prepare: prepareCaseStatusStaticKey, + wantNumCharts: len(charts), + }, + } + + for name, test := range tests { + t.Run(name, func(t *testing.T) { + ovpn := test.prepare() + + require.NoError(t, ovpn.Init()) + _ = ovpn.Check() + _ = ovpn.Collect() + + assert.Equal(t, test.wantNumCharts, len(*ovpn.Charts())) + }) + } +} + +func TestOpenVPNStatusLog_Collect(t *testing.T) { + tests := map[string]struct { + prepare func() *OpenVPNStatusLog + expected map[string]int64 + }{ + "status version 1": { + prepare: prepareCaseStatusVersion1, + expected: map[string]int64{ + "bytes_in": 6168, + "bytes_out": 6369, + "clients": 2, + }, + }, + "status version 1 with user stats": { + prepare: prepareCaseStatusVersion1WithUserStats, + expected: map[string]int64{ + "bytes_in": 6168, + "bytes_out": 6369, + "clients": 2, + "vpnclient2_bytes_in": 3084, + "vpnclient2_bytes_out": 3184, + "vpnclient2_connection_time": 63793143069, + "vpnclient_bytes_in": 3084, + "vpnclient_bytes_out": 3185, + "vpnclient_connection_time": 63793143069, + }, + }, + "status version 1 with no clients": { + prepare: prepareCaseStatusVersion1NoClients, + expected: map[string]int64{ + "bytes_in": 0, + "bytes_out": 0, + "clients": 0, + }, + }, + "status version 2": { + prepare: prepareCaseStatusVersion2, + expected: map[string]int64{ + "bytes_in": 6241, + "bytes_out": 6369, + "clients": 2, + }, + }, + "status version 2 with user stats": { + prepare: prepareCaseStatusVersion2WithUserStats, + expected: map[string]int64{ + "bytes_in": 6241, + "bytes_out": 6369, + "clients": 2, + "vpnclient2_bytes_in": 3157, + "vpnclient2_bytes_out": 3184, + "vpnclient2_connection_time": 264610, + "vpnclient_bytes_in": 3084, + "vpnclient_bytes_out": 3185, + "vpnclient_connection_time": 264609, + }, + }, + "status version 2 with no clients": { + prepare: prepareCaseStatusVersion2NoClients, + expected: map[string]int64{ + "bytes_in": 0, + "bytes_out": 0, + "clients": 0, + }, + }, + "status version 3": { + prepare: prepareCaseStatusVersion3, + expected: map[string]int64{ + "bytes_in": 7308, + "bytes_out": 7235, + "clients": 2, + }, + }, + "status version 3 with user stats": { + prepare: prepareCaseStatusVersion3WithUserStats, + expected: map[string]int64{ + "bytes_in": 7308, + "bytes_out": 7235, + "clients": 2, + "vpnclient2_bytes_in": 3654, + "vpnclient2_bytes_out": 3617, + "vpnclient2_connection_time": 265498, + "vpnclient_bytes_in": 3654, + "vpnclient_bytes_out": 3618, + "vpnclient_connection_time": 265496, + }, + }, + "status version 3 with no clients": { + prepare: prepareCaseStatusVersion3NoClients, + expected: map[string]int64{ + "bytes_in": 0, + "bytes_out": 0, + "clients": 0, + }, + }, + "status with static key": { + prepare: prepareCaseStatusStaticKey, + expected: map[string]int64{ + "bytes_in": 19265, + "bytes_out": 261631, + "clients": 0, + }, + }, + "empty file": { + prepare: prepareCaseEmptyFile, + expected: nil, + }, + "non-existent file": { + prepare: prepareCaseNonExistentFile, + expected: nil, + }, + } + + for name, test := range tests { + t.Run(name, func(t *testing.T) { + ovpn := test.prepare() + + require.NoError(t, ovpn.Init()) + _ = ovpn.Check() + + collected := ovpn.Collect() + + copyConnTime(collected, test.expected) + assert.Equal(t, test.expected, collected) + }) + } +} + +func prepareCaseStatusVersion1() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathStatusVersion1 + return ovpn +} + +func prepareCaseStatusVersion1WithUserStats() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathStatusVersion1 + ovpn.PerUserStats = matcher.SimpleExpr{ + Includes: []string{"* *"}, + } + return ovpn +} + +func prepareCaseStatusVersion1NoClients() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathStatusVersion1NoClients + return ovpn +} + +func prepareCaseStatusVersion2() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathStatusVersion2 + return ovpn +} + +func prepareCaseStatusVersion2WithUserStats() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathStatusVersion2 + ovpn.PerUserStats = matcher.SimpleExpr{ + Includes: []string{"* *"}, + } + return ovpn +} + +func prepareCaseStatusVersion2NoClients() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathStatusVersion2NoClients + return ovpn +} + +func prepareCaseStatusVersion3() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathStatusVersion3 + return ovpn +} + +func prepareCaseStatusVersion3WithUserStats() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathStatusVersion3 + ovpn.PerUserStats = matcher.SimpleExpr{ + Includes: []string{"* *"}, + } + return ovpn +} + +func prepareCaseStatusVersion3NoClients() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathStatusVersion3NoClients + return ovpn +} + +func prepareCaseStatusStaticKey() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathStaticKey + return ovpn +} + +func prepareCaseEmptyFile() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathEmptyFile + return ovpn +} + +func prepareCaseNonExistentFile() *OpenVPNStatusLog { + ovpn := New() + ovpn.LogPath = pathNonExistentFile + return ovpn +} + +func copyConnTime(dst, src map[string]int64) { + for k, v := range src { + if !strings.HasSuffix(k, "connection_time") { + continue + } + if _, ok := dst[k]; !ok { + continue + } + dst[k] = v + } +} diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/parser.go b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/parser.go new file mode 100644 index 000000000..c734fd5fb --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/parser.go @@ -0,0 +1,131 @@ +// SPDX-License-Identifier: GPL-3.0-or-later + +package openvpn_status_log + +import ( + "bufio" + "fmt" + "os" + "strconv" + "strings" + "time" +) + +type clientInfo struct { + commonName string + bytesReceived int64 + bytesSent int64 + connectedSince int64 +} + +func parse(path string) ([]clientInfo, error) { + f, err := os.Open(path) + if err != nil { + return nil, err + } + defer func() { _ = f.Close() }() + + sc := bufio.NewScanner(f) + _ = sc.Scan() + line := sc.Text() + + if line == "OpenVPN CLIENT LIST" { + return parseV1(sc), nil + } + if strings.HasPrefix(line, "TITLE,OpenVPN") || strings.HasPrefix(line, "TITLE\tOpenVPN") { + return parseV2V3(sc), nil + } + if line == "OpenVPN STATISTICS" { + return parseStaticKey(sc), nil + } + return nil, fmt.Errorf("the status log file is invalid (%s)", path) +} + +func parseV1(sc *bufio.Scanner) []clientInfo { + // https://github.com/OpenVPN/openvpn/blob/d5315a5d7400a26f1113bbc44766d49dd0c3688f/src/openvpn/multi.c#L836 + var clients []clientInfo + + for sc.Scan() { + if !strings.HasPrefix(sc.Text(), "Common Name") { + continue + } + for sc.Scan() && !strings.HasPrefix(sc.Text(), "ROUTING TABLE") { + parts := strings.Split(sc.Text(), ",") + if len(parts) != 5 { + continue + } + + name := parts[0] + bytesRx, _ := strconv.ParseInt(parts[2], 10, 64) + bytesTx, _ := strconv.ParseInt(parts[3], 10, 64) + connSince, _ := time.Parse("Mon Jan 2 15:04:05 2006", parts[4]) + + clients = append(clients, clientInfo{ + commonName: name, + bytesReceived: bytesRx, + bytesSent: bytesTx, + connectedSince: connSince.Unix(), + }) + } + break + } + return clients +} + +func parseV2V3(sc *bufio.Scanner) []clientInfo { + // https://github.com/OpenVPN/openvpn/blob/d5315a5d7400a26f1113bbc44766d49dd0c3688f/src/openvpn/multi.c#L901 + var clients []clientInfo + var sep string + if strings.IndexByte(sc.Text(), '\t') != -1 { + sep = "\t" + } else { + sep = "," + } + + for sc.Scan() { + line := sc.Text() + if !strings.HasPrefix(line, "CLIENT_LIST") { + continue + } + parts := strings.Split(line, sep) + if len(parts) != 13 { + continue + } + + name := parts[1] + bytesRx, _ := strconv.ParseInt(parts[5], 10, 64) + bytesTx, _ := strconv.ParseInt(parts[6], 10, 64) + connSince, _ := strconv.ParseInt(parts[8], 10, 64) + + clients = append(clients, clientInfo{ + commonName: name, + bytesReceived: bytesRx, + bytesSent: bytesTx, + connectedSince: connSince, + }) + } + return clients +} + +func parseStaticKey(sc *bufio.Scanner) []clientInfo { + // https://github.com/OpenVPN/openvpn/blob/d5315a5d7400a26f1113bbc44766d49dd0c3688f/src/openvpn/sig.c#L283 + var info clientInfo + for sc.Scan() { + line := sc.Text() + if !strings.HasPrefix(line, "TCP/UDP") { + continue + } + i := strings.IndexByte(line, ',') + if i == -1 || len(line) == i { + continue + } + bytes, _ := strconv.ParseInt(line[i+1:], 10, 64) + switch line[:i] { + case "TCP/UDP read bytes": + info.bytesReceived += bytes + case "TCP/UDP write bytes": + info.bytesSent += bytes + } + } + return []clientInfo{info} +} diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/config.json b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/config.json new file mode 100644 index 000000000..078a1ae56 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/config.json @@ -0,0 +1,12 @@ +{ + "update_every": 123, + "log_path": "ok", + "per_user_stats": { + "includes": [ + "ok" + ], + "excludes": [ + "ok" + ] + } +} diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/config.yaml b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/config.yaml new file mode 100644 index 000000000..1a27ab974 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/config.yaml @@ -0,0 +1,7 @@ +update_every: 123 +log_path: "ok" +per_user_stats: + includes: + - "ok" + excludes: + - "ok" diff --git a/fluent-bit/lib/jemalloc-5.3.0/config.stamp.in b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/empty.txt index e69de29bb..e69de29bb 100644 --- a/fluent-bit/lib/jemalloc-5.3.0/config.stamp.in +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/empty.txt diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/static-key.txt b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/static-key.txt new file mode 100644 index 000000000..64b691fcd --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/static-key.txt @@ -0,0 +1,8 @@ +OpenVPN STATISTICS +Updated,2022-05-05 12:35:47 +TUN/TAP read bytes,123 +TUN/TAP write bytes,1155 +TCP/UDP read bytes,19265 +TCP/UDP write bytes,261631 +Auth read bytes,0 +END diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version1-no-clients.txt b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version1-no-clients.txt new file mode 100644 index 000000000..34d7a748f --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version1-no-clients.txt @@ -0,0 +1,8 @@ +OpenVPN CLIENT LIST +Updated,2022-07-08 15:05:57 +Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since +ROUTING TABLE +Virtual Address,Common Name,Real Address,Last Ref +GLOBAL STATS +Max bcast/mcast queue length,0 +END
\ No newline at end of file diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version1.txt b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version1.txt new file mode 100644 index 000000000..0d2f33ba5 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version1.txt @@ -0,0 +1,12 @@ +OpenVPN CLIENT LIST +Updated,2022-07-08 15:14:45 +Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since +vpnclient,10.10.10.107:46195,3084,3185,2022-07-08 15:14:42 +vpnclient2,10.10.10.50:51275,3084,3184,2022-07-08 15:14:41 +ROUTING TABLE +Virtual Address,Common Name,Real Address,Last Ref +10.8.0.10,vpnclient,10.10.10.107:46195,2022-07-08 15:14:42 +10.8.0.6,vpnclient2,10.10.10.50:51275,2022-07-08 15:14:41 +GLOBAL STATS +Max bcast/mcast queue length,0 +END
\ No newline at end of file diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version2-no-clients.txt b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version2-no-clients.txt new file mode 100644 index 000000000..6d1ea1e32 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version2-no-clients.txt @@ -0,0 +1,6 @@ +TITLE,OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021 +TIME,2022-07-08 15:04:54,1657281894 +HEADER,CLIENT_LIST,Common Name,Real Address,Virtual Address,Virtual IPv6 Address,Bytes Received,Bytes Sent,Connected Since,Connected Since (time_t),Username,Client ID,Peer ID,Data Channel Cipher +HEADER,ROUTING_TABLE,Virtual Address,Common Name,Real Address,Last Ref,Last Ref (time_t) +GLOBAL_STATS,Max bcast/mcast queue length,0 +END
\ No newline at end of file diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version2.txt b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version2.txt new file mode 100644 index 000000000..d0f4ac8e3 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version2.txt @@ -0,0 +1,10 @@ +TITLE,OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021 +TIME,2022-07-08 15:05:14,1657281914 +HEADER,CLIENT_LIST,Common Name,Real Address,Virtual Address,Virtual IPv6 Address,Bytes Received,Bytes Sent,Connected Since,Connected Since (time_t),Username,Client ID,Peer ID,Data Channel Cipher +CLIENT_LIST,vpnclient2,10.10.10.50:38535,10.8.0.6,,3157,3184,2022-07-08 15:05:09,1657281909,UNDEF,0,0,AES-256-GCM +CLIENT_LIST,vpnclient,10.10.10.107:50026,10.8.0.10,,3084,3185,2022-07-08 15:05:10,1657281910,UNDEF,1,1,AES-256-GCM +HEADER,ROUTING_TABLE,Virtual Address,Common Name,Real Address,Last Ref,Last Ref (time_t) +ROUTING_TABLE,10.8.0.6,vpnclient2,10.10.10.50:38535,2022-07-08 15:05:09,1657281909 +ROUTING_TABLE,10.8.0.10,vpnclient,10.10.10.107:50026,2022-07-08 15:05:10,1657281910 +GLOBAL_STATS,Max bcast/mcast queue length,0 +END
\ No newline at end of file diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version3-no-clients.txt b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version3-no-clients.txt new file mode 100644 index 000000000..6ab671f20 --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version3-no-clients.txt @@ -0,0 +1,6 @@ +TITLE OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021 +TIME 2022-07-08 15:02:27 1657281747 +HEADER CLIENT_LIST Common Name Real Address Virtual Address Virtual IPv6 Address Bytes Received Bytes Sent Connected Since Connected Since (time_t) Username Client ID Peer ID Data Channel Cipher +HEADER ROUTING_TABLE Virtual Address Common Name Real Address Last Ref Last Ref (time_t) +GLOBAL_STATS Max bcast/mcast queue length 2 +END
\ No newline at end of file diff --git a/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version3.txt b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version3.txt new file mode 100644 index 000000000..7d732042e --- /dev/null +++ b/src/go/collectors/go.d.plugin/modules/openvpn_status_log/testdata/v2.5.1/version3.txt @@ -0,0 +1,10 @@ +TITLE OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021 +TIME 2022-07-08 14:53:40 1657281220 +HEADER CLIENT_LIST Common Name Real Address Virtual Address Virtual IPv6 Address Bytes Received Bytes Sent Connected Since Connected Since (time_t) Username Client ID Peer ID Data Channel Cipher +CLIENT_LIST vpnclient2 10.10.10.50:53856 10.8.0.6 3654 3617 2022-07-08 14:50:56 1657281056 UNDEF 0 0 AES-256-GCM +CLIENT_LIST vpnclient 10.10.10.107:42132 10.8.0.10 3654 3618 2022-07-08 14:50:58 1657281058 UNDEF 1 1 AES-256-GCM +HEADER ROUTING_TABLE Virtual Address Common Name Real Address Last Ref Last Ref (time_t) +ROUTING_TABLE 10.8.0.6 vpnclient2 10.10.10.50:53856 2022-07-08 14:50:56 1657281056 +ROUTING_TABLE 10.8.0.10 vpnclient 10.10.10.107:42132 2022-07-08 14:50:58 1657281058 +GLOBAL_STATS Max bcast/mcast queue length 2 +END
\ No newline at end of file |