Cannot enable basic auth on Windows-Exporter to secure node between Windows and Prometheus

Question

As a test environment to monitor status of Windows Servers (CPU, Disk usage, Memory,.network etc) I have placed two testing nodes with Windows-Exporter configured on custom port:15000

Next, I have created proper jobs for each separate Windows instances and created dashboard in Grafana.

The problem is that I'm looking for securing nodes so only Prometheus server can access node output and all other computers in same.network get deny access to node website.

I have tried to install Windows Node with setting:

msiexec /i windows_exporter-0.19.0-amd64.msi LISTEN_PORT="15000" EXTRA_FLAGS="--web.config.file=C:\Configuration\web.yml"

As well as with different configurations of " and ' in commandline for EXTRA_FLAGS parameter - yet it seems they are being ignored. The only parameter working fine is change of listen port.

I have followed instructions provided at https://prometheus.io/docs/guides/basic-auth/ to set up basic auth.

Web.yml looks like this:

 basic_auth:
      username: 'scrapper'
      password: '$2a$14$AWpxyT1KcRPSE07IfmqTqOZznpMfGwxHP8uPVQV8G0qdjggND3hgC'

However, after installation with msiexec - entry in Windows services for windows_exporter is without web.config.file entry:

"C:\Program Files\windows_exporter\windows_exporter.exe" --log.format logger:eventlog?name=windows_exporter --telemetry.addr 0.0.0.0:15000

I have tried to edit service entry with sc command but it broke node completely, making me rolling back to unprotected access to node.

Does basic auth work on windows-exporter same way as on node-exporter for Linux OSes? Or is there other possible way to secure access to node exposed data without need to install IIS?

Answer 1

I have never worked with node exporter in Windows, but in Linux, your Web.yml configuration file should be as follows:

 basic_auth_users:
        <string>: <secret>

like this: basic_auth_users: scrapper: $2a$14$AWpxyT1KcRPSE07IfmqTqOZznpMfGwxHP8uPVQV8G0qdjggND3hgC