diff options
Diffstat (limited to 'internal/manager')
| -rw-r--r-- | internal/manager/manager.go | 31 |
1 files changed, 25 insertions, 6 deletions
diff --git a/internal/manager/manager.go b/internal/manager/manager.go index 90f6507..b839502 100644 --- a/internal/manager/manager.go +++ b/internal/manager/manager.go @@ -5,6 +5,7 @@ import ( "errors" "fmt" "os" + "strings" "time" "gitlab.torproject.org/rgdd/ct/pkg/metadata" @@ -14,6 +15,7 @@ import ( "rgdd.se/silentct/internal/monitor" "rgdd.se/silentct/pkg/policy" "rgdd.se/silentct/pkg/storage" + "rgdd.se/silentct/pkg/storage/loglist" ) type Config struct { @@ -145,7 +147,7 @@ func (mgr *Manager) startupConfig() error { return err } mgr.mconfigCh <- monitor.MonitoredLog{Config: log, State: state} - mgr.Metrics.LogState(state) + mgr.Metrics.LogState(loglist.FormatLogName(log), state) } return nil } @@ -170,7 +172,7 @@ func (mgr *Manager) removeLogs(logs []metadata.Log) { state, _ := mgr.GetMonitorState(log) mgr.Logger.Infof("removing log %s with %d entries in its backlog\n", log.URL, state.TreeSize-state.NextIndex) mgr.mconfigCh <- monitor.MonitoredLog{Config: log} - mgr.Metrics.RemoveLogState(state) + mgr.Metrics.RemoveLogState(loglist.FormatLogName(log), state) } } @@ -187,7 +189,7 @@ func (mgr *Manager) addLogs(ctx context.Context, logs []metadata.Log) { mgr.Logger.Infof("bootstrapping log %s at next index 0\n", log.URL) } mgr.mconfigCh <- monitor.MonitoredLog{Config: log, State: state} - mgr.Metrics.LogState(state) + mgr.Metrics.LogState(loglist.FormatLogName(log), state) } } @@ -209,22 +211,39 @@ func (mgr *Manager) monitorJob(msg monitor.Event) error { if err := mgr.SetMonitorState(msg.State.LogID, msg.State); err != nil { return err } - mgr.Metrics.LogState(msg.State) for _, err := range msg.Errors { mgr.errorJob(err) } + + // no metrics update if the log has just been removed (final event) + name, err := mgr.Storage.LogList.LogName(msg.State.SignedTreeHead.LogID) + if err == nil { + mgr.Metrics.LogState(name, msg.State) + } return nil } func (mgr *Manager) alertJob() error { + // See if there are any new unexpected certificates alerts, err := mgr.Index.TriggerAlerts() if err != nil { return err } for _, alert := range alerts { - mgr.Logger.Noticef("certificate mis-issuance? No allowlisting for %s\n", alert.StoredAt) + mgr.Logger.Noticef("unexpected certificate: no allowlisting for crt_sans=\"%s\", see log_id=\"%x\" log_index=\"%d\"\n", strings.Join(alert.SANs, " "), alert.LogID, alert.LogIndex) + } + + // Update metrics for the current unexpected certificates + alerting := mgr.Storage.Index.Alerting() + var names []string + for _, alert := range alerting { + name, err := mgr.Storage.LogList.LogName(alert.LogID) + if err != nil { + name = "historic log" + } + names = append(names, name) } - mgr.Metrics.CertificateAlert(mgr.Storage.Index.Alerting()) + mgr.Metrics.UnexpectedCertificateCount(names, mgr.Storage.Index.Alerting()) return nil } |