From 4d59231fb0f38c1f8375badeecb6226f89e54d7a Mon Sep 17 00:00:00 2001
From: Jacob Babor <jacob@babor.tech>
Date: Wed, 10 Jul 2024 00:46:25 -0500
Subject: [PATCH] Add SSH to Prometheus Blackbox

---
 roles/prometheus/templates/blackbox.yml.j2   |  7 +++++++
 roles/prometheus/templates/prometheus.yml.j2 | 18 +++++++++++++++++-
 2 files changed, 24 insertions(+), 1 deletion(-)

diff --git a/roles/prometheus/templates/blackbox.yml.j2 b/roles/prometheus/templates/blackbox.yml.j2
index c08cd8c..0b12e0a 100644
--- a/roles/prometheus/templates/blackbox.yml.j2
+++ b/roles/prometheus/templates/blackbox.yml.j2
@@ -10,3 +10,10 @@ modules:
       valid_http_versions: ["HTTP/1.1", "HTTP/2.0"]
       valid_status_codes: []  # Defaults to 2xx
       method: GET
+  ssh_banner:
+    prober: tcp
+    timeout: 3s
+    tcp:
+      query_response:
+        - expect: "^SSH-2.0-"
+        - send: "SSH-2.0-blackbox-ssh-check"
diff --git a/roles/prometheus/templates/prometheus.yml.j2 b/roles/prometheus/templates/prometheus.yml.j2
index 0dc3464..241ab36 100644
--- a/roles/prometheus/templates/prometheus.yml.j2
+++ b/roles/prometheus/templates/prometheus.yml.j2
@@ -11,7 +11,23 @@ scrape_configs:
       - targets: ['localhost:9090']
 
     # This is shipped by the Ansible role that deploys Prometheus
-  - job_name: "blackbox"
+  - job_name: "blackbox-ssh"
+    metrics_path: /probe
+    params:
+      module: [ssh_banner]
+    static_configs:
+      - targets:
+{% for host in groups['tags_nagios'] %}
+        - "{{ host }}:22"
+{% endfor %}
+    relabel_configs:
+      - source_labels: [__address__]
+        target_label: __param_target
+      - source_labels: [__param_target]
+        target_label: instance
+      - target_label: __address__
+        replacement: blackbox:9115
+  - job_name: "blackbox-http"
     metrics_path: /probe
     params:
       module: [http_2xx]