Esempio n. 1
0
func c_windows_processes() opentsdb.MultiDataPoint {
	var dst []Win32_PerfRawData_PerfProc_Process
	var q = wmi.CreateQuery(&dst, `WHERE Name <> '_Total'`)
	err := wmi.Query(q, &dst)
	if err != nil {
		l.Println("processes:", err)
		return nil
	}

	var svc_dst []Win32_Service
	var svc_q = wmi.CreateQuery(&svc_dst, `WHERE Name <> '_Total'`)
	err = wmi.Query(svc_q, &svc_dst)
	if err != nil {
		l.Println("services:", err)
		return nil
	}

	var iis_dst []WorkerProcess
	iis_q := wmi.CreateQuery(&iis_dst, "")
	err = wmi.QueryNamespace(iis_q, &iis_dst, "root\\WebAdministration")
	if err != nil {
		l.Println("iis_worker:", err, "WQL Query: ", iis_q, "NameSpace", "root\\WebAdministration")
		return nil
	}

	var md opentsdb.MultiDataPoint
	for _, v := range dst {
		var name string
		service_match := false
		iis_match := false
		process_match := processInclusions.MatchString(v.Name)

		id := "0"

		if process_match {
			raw_name := strings.Split(v.Name, "#")
			name = raw_name[0]
			if len(raw_name) == 2 {
				id = raw_name[1]
			}
			// If you have a hash sign in your process name you don't deserve monitoring ;-)
			if len(raw_name) > 2 {
				continue
			}
		}

		// A Service match could "overwrite" a process match, but that is probably what we would want
		for _, svc := range svc_dst {
			if serviceInclusions.MatchString(svc.Name) {
				// It is possible the pid has gone and been reused, but I think this unlikely
				// And I'm not aware of an atomic join we could do anyways
				if svc.ProcessId == v.IDProcess {
					id = "0"
					service_match = true
					name = svc.Name
					break
				}
			}
		}

		for _, a_pool := range iis_dst {
			if a_pool.ProcessId == v.IDProcess {
				id = "0"
				iis_match = true
				name = strings.Join([]string{"iis", a_pool.AppPoolName}, "_")
				break
			}
		}

		if !(service_match || process_match || iis_match) {
			continue
		}

		Add(&md, "processes.elapsed_time", v.ElapsedTime, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.handle_count", v.HandleCount, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.io_bytes", v.IOOtherBytesPersec, opentsdb.TagSet{"name": name, "id": id, "type": "other"})
		Add(&md, "processes.io_operations", v.IOOtherOperationsPersec, opentsdb.TagSet{"name": name, "id": id, "type": "other"})
		Add(&md, "processes.io_bytes", v.IOReadBytesPersec, opentsdb.TagSet{"name": name, "id": id, "type": "read"})
		Add(&md, "processes.io_operations", v.IOReadOperationsPersec, opentsdb.TagSet{"name": name, "id": id, "type": "read"})
		Add(&md, "processes.io_bytes", v.IOWriteBytesPersec, opentsdb.TagSet{"name": name, "id": id, "type": "write"})
		Add(&md, "processes.io_operations", v.IOWriteOperationsPersec, opentsdb.TagSet{"name": name, "id": id, "type": "write"})
		Add(&md, "processes.page_faults", v.PageFaultsPersec, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.pagefile_bytes", v.PageFileBytes, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.pagefile_bytes_peak", v.PageFileBytesPeak, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.cpu_time", v.PercentPrivilegedTime, opentsdb.TagSet{"name": name, "id": id, "type": "privileged"})
		Add(&md, "processes.cpu_total", v.PercentProcessorTime, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.cpu_time", v.PercentUserTime, opentsdb.TagSet{"name": name, "id": id, "type": "user"})
		Add(&md, "processes.pool_nonpaged_bytes", v.PoolNonpagedBytes, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.pool_paged_bytes", v.PoolPagedBytes, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.priority_base", v.PriorityBase, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.private_bytes", v.PrivateBytes, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.thread_count", v.ThreadCount, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.virtual_bytes", v.VirtualBytes, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.virtual_bytes_peak", v.VirtualBytesPeak, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.working_set", v.WorkingSet, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.working_set_peak", v.WorkingSetPeak, opentsdb.TagSet{"name": name, "id": id})
		Add(&md, "processes.working_set_private", v.WorkingSetPrivate, opentsdb.TagSet{"name": name, "id": id})

	}
	return md
}
Esempio n. 2
0
func c_meta_windows_ifaces() (opentsdb.MultiDataPoint, error) {
	var md opentsdb.MultiDataPoint
	var dstConfigs []Win32_NetworkAdapterConfiguration
	q := wmi.CreateQuery(&dstConfigs, "WHERE MACAddress != null")
	err := wmi.Query(q, &dstConfigs)
	if err != nil {
		slog.Error(err)
		return md, err
	}

	mNicConfigs := make(map[uint32]*Win32_NetworkAdapterConfiguration)
	for i, nic := range dstConfigs {
		mNicConfigs[nic.InterfaceIndex] = &dstConfigs[i]
	}

	mNicTeamIDtoSpeed := make(map[string]uint64)
	mNicTeamIDtoMaster := make(map[string]string)
	var dstTeamMembers []MSFT_NetLbfoTeamMember
	q = wmi.CreateQuery(&dstTeamMembers, "")
	err = wmi.QueryNamespace(q, &dstTeamMembers, "root\\StandardCimv2")
	if err == nil {
		for _, teamMember := range dstTeamMembers {
			mNicTeamIDtoSpeed[teamMember.InstanceID] = teamMember.ReceiveLinkSpeed
			mNicTeamIDtoMaster[teamMember.InstanceID] = teamMember.Team
		}
	}

	var dstAdapters []Win32_NetworkAdapter
	q = wmi.CreateQuery(&dstAdapters, "WHERE PhysicalAdapter=True and MACAddress <> null and NetConnectionStatus = 2") //Only adapters with MAC addresses and status="Connected"
	err = wmi.Query(q, &dstAdapters)
	if err != nil {
		slog.Error(err)
		return md, err
	}

	mNicIndextoIPs := make(map[int]string)
	ifaces, _ := net.Interfaces()
	for _, iface := range ifaces {
		if iface.Flags&(net.FlagLoopback|net.FlagPointToPoint) != 0 {
			continue
		}
		rawAds, _ := iface.Addrs()
		addrs := make([]string, len(rawAds))
		for i, rAd := range rawAds {
			addrs[i] = rAd.String()
		}
		sort.Strings(addrs)
		j, _ := json.Marshal(addrs)
		mNicIndextoIPs[iface.Index] = string(j)
	}

	for _, v := range dstAdapters {
		tag := opentsdb.TagSet{"iface": fmt.Sprint("Interface", v.InterfaceIndex)}
		metadata.AddMeta("", tag, "description", v.Description, true)
		metadata.AddMeta("", tag, "name", v.NetConnectionID, true)
		metadata.AddMeta("", tag, "mac", strings.Replace(v.MACAddress, ":", "", -1), true)
		if v.Speed != nil && *v.Speed != 0 {
			metadata.AddMeta("", tag, "speed", v.Speed, true)
		} else {
			nicSpeed := mNicTeamIDtoSpeed[v.GUID]
			metadata.AddMeta("", tag, "speed", nicSpeed, true)
		}

		nicMaster := mNicTeamIDtoMaster[v.GUID]
		if nicMaster != "" {
			metadata.AddMeta("", tag, "master", nicMaster, true)
		}

		nicIPs := mNicIndextoIPs[int(v.InterfaceIndex)]
		if nicIPs == "" {
			nicIPs = "[]"
		}
		metadata.AddMeta("", tag, "addresses", nicIPs, true)
	}
	return md, nil
}
Esempio n. 3
0
func queryWmiNamespace(query string, dst interface{}, namespace string) error {
	return wmi.QueryNamespace(query, dst, namespace)
}