Greatly trim what netstat collector exposes by default

[brian-brazil]

Netstat is 40% of the metrics on my laptop, many of which
are highly detailed information about IP internals in the kernel.
~300 such metrics on every machine in your fleet is excessive,
so focus on key metrics by default, overridable by the user.

Fixes #515

@SuperQ I think we should aim for about 20-30 metrics from this collector, I've selected what I think are the main ones but there's undoubtedly more. Unfortunately these metrics have basically no documentation, so I'm working off experience.

[discordianfish]

Yeah it's annoying that these are not well documented, guess we won't get around tweaking this once we realize something is needed that got disabled. So LGTM for now.

[SuperQ]

How about keeping IP/IP6 In/Out Octets?

[brian-brazil]

My thought was that we already have that from netdev.

[SuperQ]

But we don't get IP vs IP6 from netdev.

[SuperQ]

Let's also keep Udp Udp6 In/Out Datagrams.

[SuperQ]

There a few overall error counters that might be useful:

node_netstat_Icmp6_InErrors
node_netstat_Icmp_InErrors
node_netstat_Tcp_InErrs
node_netstat_Udp6_InErrors
node_netstat_UdpLite6_InErrors
node_netstat_UdpLite_InErrors
node_netstat_Udp_InErrors

[SuperQ]

Udp/Udp6 NoPorts is a counter of packets that don't hit a UDP listener. A good indicator of spammy / scanning traffic. Possibly worth including.

[brian-brazil]

We're at 31 now, so that's probably enough.

[SuperQ]

LGTM

[swade1987]

Does this mean metrics such as the following no longer exist in any capacity ...

node_netstat_TcpExt_ListenOverflows
node_netstat_TcpExt_TCPTimeouts
node_netstat_Tcp_AttemptFails
node_netstat_Tcp_OutSegs

[hoffie]

Does this mean metrics such as the following no longer exist in any capacity ...

I don't think so. As Brian noted ("overridable by the user"), this can still be configured:

# The following command line is from --help with your cited metrics added to the whitelist:
$ ./node_exporter --collector.netstat.fields="^(.*_(InErrors|InErrs)|Ip_Forwarding|Ip(6|Ext)_(InOctets|OutOctets)|Icmp6?_(InMsgs|OutMsgs)|TcpExt_(Listen.*|Syncookies.*|TCPTimeouts)|Tcp_(ActiveOpens|PassiveOpens|RetransSegs|CurrEstab|AttemptFails|OutSegs)|Udp6?_(InDatagrams|OutDatagrams|NoPorts))$" &
$ curl -s localhost:9100/metrics | grep -P '^[^#]+(ListenOverflows|TCPTimeouts|AttemptFails|OutSegs)'
node_netstat_TcpExt_ListenOverflows 0
node_netstat_TcpExt_TCPTimeouts 2
node_netstat_Tcp_AttemptFails 556
node_netstat_Tcp_OutSegs 302001

This PR is just about changing the defaults (node_netstat_TcpExt_ListenOverflows still seems to be part of the defaults, btw).