diff --git a/cloudflare.go b/cloudflare.go index 3f054f6..f8e0822 100644 --- a/cloudflare.go +++ b/cloudflare.go @@ -289,38 +289,38 @@ func fetchZones() []cloudflare.Zone { return z } -func fetchFirewallRules(zoneID string) map[string]string { - ctx := context.Background() - listOfRules, _, err := cloudflareAPI.FirewallRules(ctx, - cloudflare.ZoneIdentifier(zoneID), - cloudflare.FirewallRuleListParams{}) - if err != nil { - log.Fatalf("Error fetching firewall rules: %s", err) - } - firewallRulesMap := make(map[string]string) - - for _, rule := range listOfRules { - firewallRulesMap[rule.ID] = rule.Description - } - - listOfRulesets, err := cloudflareAPI.ListRulesets(ctx, cloudflare.ZoneIdentifier(zoneID), cloudflare.ListRulesetsParams{}) - if err != nil { - log.Fatalf("Error listing rulesets: %s", err) - } - for _, rulesetDesc := range listOfRulesets { - if rulesetDesc.Phase == "http_request_firewall_managed" { - ruleset, err := cloudflareAPI.GetRuleset(ctx, cloudflare.ZoneIdentifier(zoneID), rulesetDesc.ID) - if err != nil { - log.Fatalf("Error fetching ruleset: %s", err) - } - for _, rule := range ruleset.Rules { - firewallRulesMap[rule.ID] = rule.Description - } - } - } - - return firewallRulesMap -} +//func fetchFirewallRules(zoneID string) map[string]string { +// ctx := context.Background() +// listOfRules, _, err := cloudflareAPI.FirewallRules(ctx, +// cloudflare.ZoneIdentifier(zoneID), +// cloudflare.FirewallRuleListParams{}) +// if err != nil { +// log.Fatalf("Error fetching firewall rules: %s", err) +// } +// firewallRulesMap := make(map[string]string) +// +// for _, rule := range listOfRules { +// firewallRulesMap[rule.ID] = rule.Description +// } +// +// listOfRulesets, err := cloudflareAPI.ListRulesets(ctx, cloudflare.ZoneIdentifier(zoneID), cloudflare.ListRulesetsParams{}) +// if err != nil { +// log.Fatalf("Error listing rulesets: %s", err) +// } +// for _, rulesetDesc := range listOfRulesets { +// if rulesetDesc.Phase == "http_request_firewall_managed" { +// ruleset, err := cloudflareAPI.GetRuleset(ctx, cloudflare.ZoneIdentifier(zoneID), rulesetDesc.ID) +// if err != nil { +// log.Fatalf("Error fetching ruleset: %s", err) +// } +// for _, rule := range ruleset.Rules { +// firewallRulesMap[rule.ID] = rule.Description +// } +// } +// } +// +// return firewallRulesMap +//} func fetchAccounts() []cloudflare.Account { ctx := context.Background() diff --git a/main.go b/main.go index 8e994b4..b8db63f 100644 --- a/main.go +++ b/main.go @@ -151,7 +151,6 @@ func runExporter() { if len(viper.GetString("cf_api_token")) > 0 { cloudflareAPI, err = cloudflare.NewWithAPIToken(viper.GetString("cf_api_token")) - } else { cloudflareAPI, err = cloudflare.New(viper.GetString("cf_api_key"), viper.GetString("cf_api_email")) } diff --git a/prometheus.go b/prometheus.go index f6d5eac..5619835 100644 --- a/prometheus.go +++ b/prometheus.go @@ -449,7 +449,6 @@ func mustRegisterMetrics(deniedMetrics MetricsSet) { if !deniedMetrics.Has(r2ObjectCountMetricName) { prometheus.MustRegister(r2ObjectCount) } - } func fetchWorkerAnalytics(account cloudflare.Account, wg *sync.WaitGroup) { @@ -608,7 +607,7 @@ func fetchZoneAnalytics(zones []cloudflare.Zone, wg *sync.WaitGroup) { z := z addHTTPGroups(&z, name, account) - addFirewallGroups(&z, name, account) + //addFirewallGroups(&z, name, account) addHealthCheckGroups(&z, name, account) addHTTPAdaptiveGroups(&z, name, account) } @@ -664,34 +663,34 @@ func addHTTPGroups(z *zoneResp, name string, account string) { zoneUniquesTotal.With(prometheus.Labels{"zone": name, "account": account}).Add(float64(zt.Unique.Uniques)) } -func addFirewallGroups(z *zoneResp, name string, account string) { - // Nothing to do. - if len(z.FirewallEventsAdaptiveGroups) == 0 { - return - } - rulesMap := fetchFirewallRules(z.ZoneTag) - for _, g := range z.FirewallEventsAdaptiveGroups { - zoneFirewallEventsCount.With( - prometheus.Labels{ - "zone": name, - "account": account, - "action": g.Dimensions.Action, - "source": g.Dimensions.Source, - "rule": normalizeRuleName(rulesMap[g.Dimensions.RuleID]), - "host": g.Dimensions.ClientRequestHTTPHost, - "country": g.Dimensions.ClientCountryName, - }).Add(float64(g.Count)) - } -} - -func normalizeRuleName(initialText string) string { - maxLength := 200 - nonSpaceName := strings.ReplaceAll(strings.ToLower(initialText), " ", "_") - if len(nonSpaceName) > maxLength { - return nonSpaceName[:maxLength] - } - return nonSpaceName -} +//func addFirewallGroups(z *zoneResp, name string, account string) { +// // Nothing to do. +// if len(z.FirewallEventsAdaptiveGroups) == 0 { +// return +// } +// rulesMap := fetchFirewallRules(z.ZoneTag) +// for _, g := range z.FirewallEventsAdaptiveGroups { +// zoneFirewallEventsCount.With( +// prometheus.Labels{ +// "zone": name, +// "account": account, +// "action": g.Dimensions.Action, +// "source": g.Dimensions.Source, +// "rule": normalizeRuleName(rulesMap[g.Dimensions.RuleID]), +// "host": g.Dimensions.ClientRequestHTTPHost, +// "country": g.Dimensions.ClientCountryName, +// }).Add(float64(g.Count)) +// } +//} + +//func normalizeRuleName(initialText string) string { +// maxLength := 200 +// nonSpaceName := strings.ReplaceAll(strings.ToLower(initialText), " ", "_") +// if len(nonSpaceName) > maxLength { +// return nonSpaceName[:maxLength] +// } +// return nonSpaceName +//} func addHealthCheckGroups(z *zoneResp, name string, account string) { if len(z.HealthCheckEventsAdaptiveGroups) == 0 {