Make it easier to configure legacy vs new options (#7406)

* Make it easier to configure legacy vs new options Co-authored-by: Ofek Lev <[email protected]>
DataDog · Aug 25, 2020 · bf2f895 · bf2f895
1 parent 00261f8
commit bf2f895
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 19 deletions.
diff --git a/win32_event_log/datadog_checks/win32_event_log/check.py b/win32_event_log/datadog_checks/win32_event_log/check.py
@@ -36,6 +36,16 @@ class Win32EventLogCheck(AgentCheck):
         'ntlm': win32evtlog.EvtRpcLoginAuthNTLM,
     }
 
+    LEGACY_PARAMS = (
+        'host',
+        'log_file',
+        'source_name',
+        'type',
+        'event_id',
+        'message_filters',
+        'event_format',
+    )
+
     # https://docs.microsoft.com/en-us/windows/win32/wes/eventmanifestschema-leveltype-complextype#remarks
     #
     # From
@@ -115,6 +125,12 @@ def __init__(self, name, init_config, instances):
         if is_affirmative(self.instance.get('tag_sid', self.init_config.get('tag_sid', False))):
             self._collectors.append(self.collect_sid)
 
+        for legacy_param in self.LEGACY_PARAMS:
+            if legacy_param in self.instance:
+                self.log.warning(
+                    "%s config option is ignored unless running legacy mode. Please remove it", legacy_param
+                )
+
     def check(self, _):
         for event in self.consume_events():
             try:
@@ -400,7 +416,7 @@ def get_session_struct(self):
         if auth_type not in self.LOGIN_FLAGS:
             raise ConfigurationError('Invalid `auth_type`, must be one of: {}'.format(', '.join(self.LOGIN_FLAGS)))
 
-        user = self.instance.get('user')
+        user = self.instance.get('user', self.instance.get('username'))
         domain = self.instance.get('domain')
         password = self.instance.get('password')
 

diff --git a/win32_event_log/datadog_checks/win32_event_log/data/conf.yaml.example b/win32_event_log/datadog_checks/win32_event_log/data/conf.yaml.example
@@ -228,35 +228,45 @@ instances:
     ##
     ## Setting this option to `false` is only supported on Agent versions 7 and above.
     #
-    # legacy_mode: true
+    legacy_mode: false
+
+    ## @param tags - list of key:value elements - optional
+    ## List of tags to attach to every metric, event, and service check emitted by this Integration.
+    ##
+    ## Learn more about tagging: https://docs.datadoghq.com/tagging/
+    #
+    # tags:
+    #   - <KEY_1>:<VALUE_1>
+    #   - <KEY_2>:<VALUE_2>
 
     ## @param host - string - optional - default: localhost
     ## By default, the local machine's event logs are captured. To capture a remote
     ## machine's event logs, specify the machine name (DCOM has to be enabled on
     ## the remote machine).
+    ##
+    ## Note: This is only used when `legacy_mode` is set to `true`.
     #
     # host: <REMOTE_HOSNAME>
 
-    ## @param username - string - optional
-    ## If authentication is needed, specify a `username` here.
-    #
-    # username: <USERNAME>
-
     ## FILTERS
-    ## At least one filter is required:
+    ## When running legacy_mode least one filter is required:
     ## `log_file`, `source_name`, `type`, `event_id`, `message_filters`
 
     ## @param log_file - list of strings - optional
     ## The `log_file` filter instructs the check to only capture events
     ## that belong to one of the specified LogFiles (Application, System, Setup, Security,
     ## or application-specific LogFile).
+    ##
+    ## Note: This is only used when `legacy_mode` is set to `true`.
     #
     # log_file:
     #   - <LOG_FILE>
 
     ## @param source_name - list of strings - optional
     ## The `source_name` filter instructs the check to only capture events
     ## that come from one of the specified SourceNames.
+    ##
+    ## Note: This is only used when `legacy_mode` is set to `true`.
     #
     # source_name:
     #   - <SOURCE_NAME>
@@ -265,6 +275,8 @@ instances:
     ## The `type` filter instructs the check to only capture events
     ## that have one of the specified Types.
     ## Standard values are: Critical, Error, Warning, Information, Audit Success, Audit Failure.
+    ##
+    ## Note: This is only used when `legacy_mode` is set to `true`.
     #
     # type:
     #   - information
@@ -274,6 +286,8 @@ instances:
     ## that have one of the specified EventCodes.
     ## The event ID can be found through http://www.eventid.net/ and viewed in the
     ## Windows Event Viewer.
+    ##
+    ## Note: This is only used when `legacy_mode` is set to `true`.
     #
     # event_id:
     #   - <EVENT_ID>
@@ -286,6 +300,8 @@ instances:
     ##
     ## NOTE: Any filter that starts with "-" is NOT a query, e.g.: '-%success%'
     ## searches for events without 'success' in the message.
+    ##
+    ## Note: This is only used when `legacy_mode` is set to `true`.
     #
     # message_filters:
     #   - <MESSAGE_FILTER>
@@ -295,19 +311,12 @@ instances:
     ## Datadog's event bodies with the specified list of event properties.
     ## If unspecified, the EventLog's `Message` or `InsertionStrings` are used by default.
     ## Available values are: Logfile, SourceName, EventCode, Message, InsertionStrings, TimeGenerated, Type
+    ##
+    ## Note: This is only used when `legacy_mode` is set to `true`.
     #
     # event_format:
     #   - Message
 
-    ## @param tags - list of key:value elements - optional
-    ## List of tags to attach to every metric, event, and service check emitted by this Integration.
-    ##
-    ## Learn more about tagging: https://docs.datadoghq.com/tagging/
-    #
-    # tags:
-    #   - <KEY_1>:<VALUE_1>
-    #   - <KEY_2>:<VALUE_2>
-
 ## Log Section (Available for Agent >=6.0)
 ##
 ## type - mandatory - Type of log input source (tcp / udp / file / windows_event)

diff --git a/win32_event_log/datadog_checks/win32_event_log/legacy/win32_event_log.py b/win32_event_log/datadog_checks/win32_event_log/legacy/win32_event_log.py
@@ -25,11 +25,25 @@ class Win32EventLogWMI(WinWMICheck):
     EXTRA_EVENT_PROPERTIES = ["InsertionStrings", "Message", "Logfile"]
     NAMESPACE = "root\\CIMV2"
     EVENT_CLASS = "Win32_NTLogEvent"
+    NEW_PARAMS = (
+        'tag_sid',
+        'interpret_messages',
+        'path',
+        'start',
+        'query',
+        'filters',
+        'included_messages',
+        'excluded_messages',
+        'domain',
+        'timeout',
+        'payload_size',
+        'bookmark_frequency',
+    )
 
     def __init__(self, name, init_config, instances):
         super(Win32EventLogWMI, self).__init__(name, init_config, instances)
         # Settings
-        self._tag_event_id = is_affirmative(init_config.get('tag_event_id', False))
+        self._tag_event_id = is_affirmative(self.instance.get('tag_event_id', init_config.get('tag_event_id')))
         self._verbose = init_config.get('verbose', True)
         self._default_event_priority = init_config.get('default_event_priority', 'normal')
 
@@ -42,11 +56,14 @@ def __init__(self, name, init_config, instances):
                 'Set `legacy_mode` to `false` and read about the latest options, such as `query`.'
             )
         )
+        for new_param in self.NEW_PARAMS:
+            if new_param in self.instance:
+                self.log.warning("%s config option is ignored when running legacy mode. Please remove it", new_param)
 
     def check(self, instance):
         # Connect to the WMI provider
         host = instance.get('host', "localhost")
-        username = instance.get('username', "")
+        username = self.instance.get('user', self.instance.get('username', ''))
         password = instance.get('password', "")
         instance_tags = instance.get('tags', [])
         notify = instance.get('notify', [])