improve the name of the prometheus metrics to follow the best practic…

…e and the naming convention chosen by Falco Signed-off-by: Thomas Labarussias <[email protected]>
falcosecurity · Oct 9, 2024 · 31a8dca · 31a8dca
1 parent 04dd08b
commit 31a8dca
Show file tree

Hide file tree

Showing 6 changed files with 20 additions and 9 deletions.
diff --git a/handlers.go b/handlers.go
@@ -10,6 +10,7 @@ import (
 	"log"
 	"net/http"
 	"sort"
+	"strconv"
 	"strings"
 	"text/template"
 	"time"
@@ -156,7 +157,14 @@ func newFalcoPayload(payload io.Reader) (types.FalcoPayload, error) {
 
 	nullClient.CountMetric("falco.accepted", 1, []string{"priority:" + falcopayload.Priority.String()})
 	stats.Falco.Add(strings.ToLower(falcopayload.Priority.String()), 1)
-	promLabels := map[string]string{"rule": falcopayload.Rule, "priority": falcopayload.Priority.String(), "source": falcopayload.Source, "k8s_ns_name": kn, "k8s_pod_name": kp}
+	promLabels := map[string]string{
+		"rule":         falcopayload.Rule,
+		"priority_raw": strings.ToLower(falcopayload.Priority.String()),
+		"priority":     strconv.Itoa(int(falcopayload.Priority)),
+		"source":       falcopayload.Source,
+		"k8s_ns_name":  kn,
+		"k8s_pod_name": kp,
+	}
 	if falcopayload.Hostname != "" {
 		promLabels["hostname"] = falcopayload.Hostname
 	} else {

diff --git a/outputs/awssecuritylake.go b/outputs/awssecuritylake.go
@@ -217,7 +217,7 @@ func (c *Client) StartSecurityLakeWorker() {
 			continue
 		}
 
-		time.Sleep(time.Duration(c.Config.AWS.SecurityLake.Interval) * time.Minute)
+		time.Sleep(time.Duration(c.Config.AWS.SecurityLake.Interval) * time.Minute) //nolint:gosec // disable G115
 	}
 }
 

diff --git a/outputs/policyreport.go b/outputs/policyreport.go
@@ -175,7 +175,7 @@ func newResult(falcopayload types.FalcoPayload) *wgpolicy.PolicyReportResult {
 		Rule:        falcopayload.Rule,
 		Category:    "SI - System and Information Integrity",
 		Source:      policyReportSource,
-		Timestamp:   metav1.Timestamp{Seconds: int64(falcopayload.Time.Second()), Nanos: int32(falcopayload.Time.Nanosecond())},
+		Timestamp:   metav1.Timestamp{Seconds: int64(falcopayload.Time.Second()), Nanos: int32(falcopayload.Time.Nanosecond())}, //nolint:gosec // disable G115
 		Severity:    mapSeverity(falcopayload),
 		Result:      mapResult(falcopayload),
 		Description: falcopayload.Output,

diff --git a/outputs/spyderbat.go b/outputs/spyderbat.go
@@ -175,7 +175,7 @@ func newSpyderbatPayload(falcopayload types.FalcoPayload) (spyderbatPayload, err
 		MonotonicTime: time.Now().Nanosecond(),
 		OrcTime:       nowTime,
 		Time:          eventTime,
-		PID:           int32(pid),
+		PID:           int32(pid), //nolint:gosec // disable G115
 		Level:         level,
 		Message:       message,
 		Arguments:     arguments,

diff --git a/stats_prometheus.go b/stats_prometheus.go
@@ -13,6 +13,8 @@ import (
 	"github.com/falcosecurity/falcosidekick/types"
 )
 
+const metricPrefix string = "falcosecurity_falcosidekick_"
+
 func getInitPromStats(config *types.Configuration) *types.PromStatistics {
 	promStats = &types.PromStatistics{
 		Falco:   getFalcoNewCounterVec(config),
@@ -25,7 +27,7 @@ func getInitPromStats(config *types.Configuration) *types.PromStatistics {
 func getInputNewCounterVec() *prometheus.CounterVec {
 	return promauto.NewCounterVec(
 		prometheus.CounterOpts{
-			Name: "falcosidekick_inputs",
+			Name: metricPrefix + "inputs_total",
 		},
 		[]string{"source", "status"},
 	)
@@ -34,7 +36,7 @@ func getInputNewCounterVec() *prometheus.CounterVec {
 func getOutputNewCounterVec() *prometheus.CounterVec {
 	return promauto.NewCounterVec(
 		prometheus.CounterOpts{
-			Name: "falcosidekick_outputs",
+			Name: metricPrefix + "outputs_total",
 		},
 		[]string{"destination", "status"},
 	)
@@ -46,6 +48,7 @@ func getFalcoNewCounterVec(config *types.Configuration) *prometheus.CounterVec {
 		"hostname",
 		"rule",
 		"priority",
+		"priority_raw",
 		"source",
 		"k8s_ns_name",
 		"k8s_pod_name",
@@ -66,7 +69,7 @@ func getFalcoNewCounterVec(config *types.Configuration) *prometheus.CounterVec {
 	}
 	return promauto.NewCounterVec(
 		prometheus.CounterOpts{
-			Name: "falco_events",
+			Name: metricPrefix + "falco_events_total",
 		},
 		labelnames,
 	)

diff --git a/stats_prometheus_test.go b/stats_prometheus_test.go
@@ -18,11 +18,11 @@ func TestFalcoNewCounterVec(t *testing.T) {
 	c.Customfields["should*fail"] = "bar"
 
 	cv := getFalcoNewCounterVec(c)
-	shouldbe := []string{"hostname", "rule", "priority", "source", "k8s_ns_name", "k8s_pod_name", "test"}
+	shouldbe := []string{"hostname", "rule", "priority", "priority_raw", "source", "k8s_ns_name", "k8s_pod_name", "test"}
 	mm, err := cv.GetMetricWithLabelValues(shouldbe...)
 	if err != nil {
 		t.Errorf("Error getting Metrics from promauto")
 	}
 	metricDescString := mm.Desc().String()
-	require.Equal(t, metricDescString, "Desc{fqName: \"falco_events\", help: \"\", constLabels: {}, variableLabels: {hostname,rule,priority,source,k8s_ns_name,k8s_pod_name,test}}")
+	require.Equal(t, metricDescString, "Desc{fqName: \"falcosecurity_falcosidekick_falco_events_total\", help: \"\", constLabels: {}, variableLabels: {hostname,rule,priority,priority_raw,source,k8s_ns_name,k8s_pod_name,test}}")
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -217,7 +217,7 @@ func (c *Client) StartSecurityLakeWorker() { @@
     			continue
     		}
-    		time.Sleep(time.Duration(c.Config.AWS.SecurityLake.Interval) * time.Minute)
+    		time.Sleep(time.Duration(c.Config.AWS.SecurityLake.Interval) * time.Minute) //nolint:gosec // disable G115
     	}
     }
@@ Expand Down @@