prometheus-what-active-users-exporter v0.7.0
Active Users Exporter for Prometheus
This is a simple server that scrapes the output of the unix command w. w displays information about the users currently on the machine, and their processes.
Why would you want to do that? This exporter will allow you to monitor who logs into your system. So you can define alarms for unauthorized users, the max. amount of active session or even every active user session. W will also monitor logins via SSH which allows you to track even active remote sessions.
Currently, two metrics are created and exposed:
- what_up{version="x.x.x"} 1
- what_user_sessions_currently_active{user="demo"} 1
The exporter was tested on Ubuntu.
Getting Started
Download the binary from the latest release. We currently provide binaries for Linux and Alpine Linux on amd64.
To download latest Linux version and check sha256 sum:
#!/bin/bash
set -ex
declare -r owner="stfsy"
declare -r name="prometheus-what-active-users-exporter"
declare -r latest_release_url=$(curl -Ls -o /dev/null -w %{url_effective} https://github.com/${owner}/${name}/releases/latest)
declare -r latest_version=$(echo ${latest_release_url} | awk -F'/' '{print $8}')
declare -r latest_version_name=${name}-${latest_version}-linux-x64
declare -r shasum_url=https://github.com/${owner}/${name}/releases/download/${latest_version}/sha256sums.txt
declare -r binary_url=https://github.com/${owner}/${name}/releases/download/${latest_version}/${latest_version_name}
curl -L ${shasum_url} > shasums256.txt
curl -L ${binary_url} > ${latest_version_name}
declare -r hash_sum_line=$(cat shasums256.txt | grep ${latest_version_name})
declare -r hash_sum=$(echo ${hash_sum_line} | awk -F' ' '{print $1}')
echo "${hash_sum} ${latest_version_name}" | sha256sum --check --ignore-missing
mv ${latest_version_name} ${name}
rm shasums256.txtTo run it:
./prometheus-what-active-users-exporter [flags]Help on flags:
./prometheus-what-active-users-exporter --helpUsage
By default the exporter will start with sensible default values. Configuration can be customized with the following command line flags:
- --listen.host:
default=127.0.0.1 - --listen.port
default=127.0.0.1 - --metrics.retention
default=30000 - --metrics.endpoint
default=/metrics - --metrics.prefix
default=what - --metrics.with-timestamp
default=false - --scrape.interval
default=5000
:warning:
There's a tradeoff between detecting every single and possibly very short login vs. putting additional load on your system by querying too often. By default, the exporter will query the active sessions every 5s and will store every session for 30s. Meaning: Login sessions that last less than 5s might no be detected by the exporter. Login sessions that last longer than 5s will be stored for up to 30s - even if the user logs off after 6s - to make sure that Prometheus is able to catch the updated metric.
Please make sure that --metrics.retention is greater than the scrape interval of your Prometheus job, to ensure Prometheus is able to pick up all values.
Building
npx pkg --compress GZip --targets node16-linux-x64,node16-alpine-x64,node16-linuxstatic-x64 lib/index.jsTesting
npm testTLS and basic authentication
The W exporter does currently not support TLS and basic authentication.
License
This project is distributed under the MIT license.