bind_query_exporter

README

BIND Query log Prometheus Exporter

A Prometheus exporter for BIND queries. This exporter consumes the BIND9 query log file. It is based on the node_exporter and cf_exporter projects.

Installation

Binaries

Download the already existing binaries for your platform:

$ ./bind_query_exporter <flags>

From source

Using the standard go install (you must have Go already installed in your local machine):

$ go install github.com/DRuggeri/bind_query_exporter
$ bind_query_exporter <flags>

Usage

Flags

usage: bind_query_exporter [<flags>]

Flags:
  -h, --help                   Show context-sensitive help (also try --help-long and --help-man).
      --log="/var/log/bind/queries.log"
                               Path of the BIND query log to watch. Defaults to '/var/log/bind/queries.log' ($BIND_QUERY_EXPORTER_LOG)
      --names.include.file=""  Path to a file of domain names that this exporter WILL export when the Names filter is enabled. One DNS name per line will be read. ($BIND_QUERY_EXPORTER_NAMES_INCLUDE_FILE)
      --names.exclude.file=""  Path to a file of domain names that this exporter WILL NOT export when the Names filter is enabled. One DNS name per line will be read. ($BIND_QUERY_EXPORTER_NAMES_EXCLUDE_FILE)
      --names.capture-client   Enable capturing the client making the query as part of the vector. WARNING: This will can lead to lots of metrics in your Prometheus database! ($BIND_QUERY_EXPORTER_NAMES_CAPTURE_CLIENT)
      --names.reverse-lookup   When names.capture-client is enabled, enable a reverse DNS lookup to identify the client in the vector instead of the IP. ($BIND_QUERY_EXPORTER_NAMES_REVERSE_LOOKUP)
      --filter.collectors="Stats,Names"
                               Comma separated collectors to enable (Stats,Names) ($BIND_QUERY_EXPORTER_FILTER_COLLECTORS)
      --metrics.namespace="bind_query"
                               Metrics Namespace ($BIND_QUERY_EXPORTER_METRICS_NAMESPACE)
      --web.listen-address=":9197"
                               Address to listen on for web interface and telemetry ($BIND_QUERY_EXPORTER_WEB_LISTEN_ADDRESS)
      --web.telemetry-path="/metrics"
                               Path under which to expose Prometheus metrics ($BIND_QUERY_EXPORTER_WEB_TELEMETRY_PATH)
      --web.auth.username=WEB.AUTH.USERNAME
                               Username for web interface basic auth ($BIND_QUERY_EXPORTER_WEB_AUTH_USERNAME)
      --web.auth.password=WEB.AUTH.PASSWORD
                               Password for web interface basic auth ($BIND_QUERY_EXPORTER_WEB_AUTH_PASSWORD)
      --web.tls.cert_file=WEB.TLS.CERT_FILE
                               Path to a file that contains the TLS certificate (PEM format). If the certificate is signed by a certificate authority, the file should be the concatenation of the server's certificate, any intermediates, and the CA's certificate
                               ($BIND_QUERY_EXPORTER_WEB_TLS_CERTFILE)
      --web.tls.key_file=WEB.TLS.KEY_FILE
                               Path to a file that contains the TLS private key (PEM format) ($BIND_QUERY_EXPORTER_WEB_TLS_KEYFILE)
      --printMetrics           Print the metrics this exporter exposes and exits. Default: false ($BIND_QUERY_EXPORTER_PRINT_METRICS)
      --log.level="info"       Only log messages with the given severity or above. Valid levels: [debug, info, warn, error, fatal]
      --log.format="logger:stderr"
                               Set the log target and format. Example: "logger:syslog?appname=bob&local=7" or "logger:stdout?json=true"
      --version                Show application version.

Metrics

Stats

This collector counts the number of DNS queries the DNS server receives by type.

  bind_query_stats_total - Total queries recieved
  bind_query_stats_total_by_type - Total queries recieved by type of query
  bind_query_stats_scrapes_total - Total number of scrapes for BIND query stats.
  bind_query_stats_scrape_errors_total - Total number of scrapes errors for BIND query stats.
  bind_query_stats_last_scrape_error - Whether the last scrape of BIND query stats resulted in an error (1 for error, 0 for success).
  bind_query_stats_last_scrape_timestamp - Number of seconds since 1970 since last scrape of BIND qyery stat metrics.

Names

This collector counts unique hits to individual DNS names.

IMPORTANT NOTE: Each DNS name gets its own label in bind_query_names_all. This causes the cardinality problems mentioned here and here if your nameserver is used as a recursive server or sees hits for many domains! Consider using the includeFile as a whitelist to limit what gets gathered.

  bind_query_names_all - Queries per DNS name
  bind_query_names_total - Sum of all queries matched. If no include/exclude filter is present, this will match bind_query_stats_total in the stats collector.  It is initialized to 0 to support increment() detection.
  bind_query_names_scrapes_total - Total number of scrapes for BIND names stats.
  bind_query_names_scrape_errors_total - Total number of scrapes errors for BIND names stats.
  bind_query_names_last_scrape_error - Whether the last scrape of BIND names stats resulted in an error (1 for error, 0 for success).
  bind_query_names_last_scrape_timestamp - Number of seconds since 1970 since last scrape of BIND names metrics.
  bind_query_names_last_scrape_duration_seconds - Duration of the last scrape of BIND names stats.

Contributing

Refer to the contributing guidelines.

License

Apache License 2.0, see LICENSE.