One9twO

Depending on which version of node exporter you are using, one of the following options will work.

Node exporter version go1.14.4

/usr/local/bin/node_exporter \
--collector.systemd \
--collector.system.unit-whitelist=(graylog-server|mongod|elasticsearch).service

Node exporter version go1.15.8

Since the option “collector.system.unit-whitelist” was deprecated, the syntax has changed to “collector.systemd.unit-include”.

Note that there might be a bug in this version such that it won’t work if you put an equal (=) sign before the value:

/usr/local/bin/node_exporter \
--collector.systemd \
--collector.systemd.unit-include "(graylog-server|mongod|elasticsearch).service"

--

--

PAM, or Linux Pluggable Authentication Modules

PAM stacks are not very easy to read. If you made a change but didn’t test it well, it might not work as expected. Or worse, you may end up exposing a vulnerability in your authentication mechanisms.

Here are my notes about the 3 terms in the PAM stack:

required: keeps going (despite success or failure).

sufficient: it stops (disregards what’s below it) when succeeds. It will only be successful if no previous ‘required’ items have failed.

requisite: if this fails, stops and return failure

--

--

One9twO

One9twO

A dev, ops, devops, sec. A pragmatic engineer.