prometheus-what-active-users-exporter
v0.7.0
Published
Prometheus exporter that scrapes currently logged in users on unix systems
Downloads
36
Maintainers
Readme
Active Users Exporter for Prometheus
This is a simple server that scrapes the output of the unix command w
. w displays information about the users currently on the machine, and their processes.
Why would you want to do that? This exporter will allow you to monitor who logs into your system. So you can define alarms for unauthorized users, the max. amount of active session or even every active user session. W
will also monitor logins via SSH which allows you to track even active remote sessions.
Currently, two metrics are created and exposed:
- what_up{version="x.x.x"} 1
- what_user_sessions_currently_active{user="demo"} 1
The exporter was tested on Ubuntu.
Getting Started
Download the binary from the latest release. We currently provide binaries for Linux and Alpine Linux on amd64.
To download latest Linux version and check sha256 sum:
#!/bin/bash
set -ex
declare -r owner="stfsy"
declare -r name="prometheus-what-active-users-exporter"
declare -r latest_release_url=$(curl -Ls -o /dev/null -w %{url_effective} https://github.com/${owner}/${name}/releases/latest)
declare -r latest_version=$(echo ${latest_release_url} | awk -F'/' '{print $8}')
declare -r latest_version_name=${name}-${latest_version}-linux-x64
declare -r shasum_url=https://github.com/${owner}/${name}/releases/download/${latest_version}/sha256sums.txt
declare -r binary_url=https://github.com/${owner}/${name}/releases/download/${latest_version}/${latest_version_name}
curl -L ${shasum_url} > shasums256.txt
curl -L ${binary_url} > ${latest_version_name}
declare -r hash_sum_line=$(cat shasums256.txt | grep ${latest_version_name})
declare -r hash_sum=$(echo ${hash_sum_line} | awk -F' ' '{print $1}')
echo "${hash_sum} ${latest_version_name}" | sha256sum --check --ignore-missing
mv ${latest_version_name} ${name}
rm shasums256.txt
To run it:
./prometheus-what-active-users-exporter [flags]
Help on flags:
./prometheus-what-active-users-exporter --help
Usage
By default the exporter will start with sensible default values. Configuration can be customized with the following command line flags:
- --listen.host:
default=127.0.0.1
- --listen.port
default=127.0.0.1
- --metrics.retention
default=30000
- --metrics.endpoint
default=/metrics
- --metrics.prefix
default=what
- --metrics.with-timestamp
default=false
- --scrape.interval
default=5000
:warning:
There's a tradeoff between detecting every single and possibly very short login vs. putting additional load on your system by querying too often. By default, the exporter will query the active sessions every 5s and will store every session for 30s. Meaning: Login sessions that last less than 5s might no be detected by the exporter. Login sessions that last longer than 5s will be stored for up to 30s - even if the user logs off after 6s - to make sure that Prometheus is able to catch the updated metric.
Please make sure that --metrics.retention
is greater than the scrape interval of your Prometheus job, to ensure Prometheus is able to pick up all values.
Building
npx pkg --compress GZip --targets node16-linux-x64,node16-alpine-x64,node16-linuxstatic-x64 lib/index.js
Testing
npm test
TLS and basic authentication
The W exporter does currently not support TLS and basic authentication.
License
This project is distributed under the MIT license.