add custom prometheus labes

Signed-off-by: Jeremy Mill <jeremymill@gmail.com>

README.md

@@ -173,6 +173,11 @@ customfields: # custom fields are added to falco events
   Ckey: "CValue"
 mutualtlsfilespath: "/etc/certs" # folder which will used to store client.crt, client.key and ca.crt files for mutual tls (default: "/etc/certs")
 
+customprometheus: # custom labels to add to prometheus
+  Akey: "AValue"
+  Bkey: "BValue"
+  Ckey: "CValue"
+
 slack:
   webhookurl: "" # Slack WebhookURL (ex: https://hooks.slack.com/services/XXXX/YYYY/ZZZZ), if not empty, Slack output is enabled
   #footer: "" # Slack footer

config.go

@@ -19,9 +19,10 @@ import (
 
 func getConfig() *types.Configuration {
 	c := &types.Configuration{
-		Customfields: make(map[string]string),
-		Webhook:      types.WebhookOutputConfig{CustomHeaders: make(map[string]string)},
-		CloudEvents:  types.CloudEventsOutputConfig{Extensions: make(map[string]string)},
+		Customfields:     make(map[string]string),
+		CustomPrometheus: make(map[string]string),
+		Webhook:          types.WebhookOutputConfig{CustomHeaders: make(map[string]string)},
+		CloudEvents:      types.CloudEventsOutputConfig{Extensions: make(map[string]string)},
 	}
 
 	configFile := kingpin.Flag("config-file", "config file").Short('c').ExistingFile()
@@ -327,6 +328,7 @@ func getConfig() *types.Configuration {
 	}
 
 	v.GetStringMapString("customfields")
+	v.GetStringMapString("customprometheus")
 	v.GetStringMapString("Webhook.CustomHeaders")
 	v.GetStringMapString("CloudEvents.Extensions")
 	if err := v.Unmarshal(c); err != nil {
@@ -343,6 +345,16 @@ func getConfig() *types.Configuration {
 		}
 	}
 
+	if value, present := os.LookupEnv("CUSTOMPROMETHEUS"); present {
+		customprometheus := strings.Split(value, ",")
+		for _, label := range customprometheus {
+			tagkeys := strings.Split(label, ":")
+			if len(tagkeys) == 2 {
+				c.CustomPrometheus[tagkeys[0]] = tagkeys[1]
+			}
+		}
+	}
+
 	if value, present := os.LookupEnv("WEBHOOK_CUSTOMHEADERS"); present {
 		customfields := strings.Split(value, ",")
 		for _, label := range customfields {

config_example.yaml

@@ -5,6 +5,10 @@ customfields: # custom fields are added to falco events
   Akey: "AValue"
   Bkey: "BValue"
   Ckey: "CValue"
+customprometheus: # custom labels to add to prometheus
+  Akey: "AValue"
+  Bkey: "BValue"
+  Ckey: "CValue"
 mutualtlsfilespath: "/etc/certs" # folder which will used to store client.crt, client.key and ca.crt files for mutual tls (default: "/etc/certs")
 
 slack:

handlers.go

@@ -106,7 +106,11 @@ func newFalcoPayload(payload io.Reader) (types.FalcoPayload, error) {
 
 	nullClient.CountMetric("falco.accepted", 1, []string{"priority:" + falcopayload.Priority.String()})
 	stats.Falco.Add(strings.ToLower(falcopayload.Priority.String()), 1)
-	promStats.Falco.With(map[string]string{"rule": falcopayload.Rule, "priority": falcopayload.Priority.String(), "k8s_ns_name": kn, "k8s_pod_name": kp}).Inc()
+	promLabels := map[string]string{"rule": falcopayload.Rule, "priority": falcopayload.Priority.String(), "k8s_ns_name": kn, "k8s_pod_name": kp}
+	for key, value := range config.CustomPrometheus {
+		promLabels[key] = value
+	}
+	promStats.Falco.With(promLabels).Inc()
 
 	if config.Debug == true {
 		body, _ := json.Marshal(falcopayload)

main.go

@@ -62,7 +62,7 @@ var (
 func init() {
 	config = getConfig()
 	stats = getInitStats()
-	promStats = getInitPromStats()
+	promStats = getInitPromStats(config)
 
 	nullClient = &outputs.Client{
 		OutputType:      "null",

stats_prometheus.go

@@ -7,9 +7,9 @@ import (
 	"github.com/falcosecurity/falcosidekick/types"
 )
 
-func getInitPromStats() *types.PromStatistics {
+func getInitPromStats(config *types.Configuration) *types.PromStatistics {
 	promStats = &types.PromStatistics{
-		Falco:   getFalcoNewCounterVec(),
+		Falco:   getFalcoNewCounterVec(config),
 		Inputs:  getInputNewCounterVec(),
 		Outputs: getOutputNewCounterVec(),
 	}
@@ -34,16 +34,20 @@ func getOutputNewCounterVec() *prometheus.CounterVec {
 	)
 }
 
-func getFalcoNewCounterVec() *prometheus.CounterVec {
+func getFalcoNewCounterVec(config *types.Configuration) *prometheus.CounterVec {
+	labelnames := []string{
+		"rule",
+		"priority",
+		"k8s_ns_name",
+		"k8s_pod_name",
+	}
+	for key := range config.CustomPrometheus {
+		labelnames = append(labelnames, key)
+	}
 	return promauto.NewCounterVec(
 		prometheus.CounterOpts{
 			Name: "falco_events",
 		},
-		[]string{
-			"rule",
-			"priority",
-			"k8s_ns_name",
-			"k8s_pod_name",
-		},
+		labelnames,
 	)
 }

types/types.go

@@ -25,6 +25,7 @@ type Configuration struct {
 	ListenAddress      string
 	ListenPort         int
 	Customfields       map[string]string
+	CustomPrometheus   map[string]string
 	Slack              SlackOutputConfig
 	Cliq               CliqOutputConfig
 	Mattermost         MattermostOutputConfig