Grafana Dashboard using Telegraf with additional plugins
-
I want to share the Grafana dashboard I've been building. It utilizes pfSense with the Telegraf package. I've been using github to track all of my changes and manage the plugins.
The dashboard is build using variables so there should be no need to adjust any of the queries for your system. Just make sure to select the proper datasource when you import the dashboard. I've also included some additional plugins to get more information. All of this is documented in my github page as well as instructions to set everything up.
If you have any other data points to add I would be very interested in adding them. Ideally, just fork the repo and submit a merge request.
Setup info:
Repo URL: https://github.com/VictorRobellini/pfSense-DashboardSee the GitHub page for version information
Thanks
-
nice
-
First off, this is an awesome dashboard, as someone who recently moved from UNIFI UDMP / PiHole to pfSense the only thing I am really missing is the pretty dashboards I used to see, I already have a system performance dashboard up but I would really like to see some of the security options you have laid out.
Would it be possible to show the top DNS clients as well as top allowed DNS requests, I always liked seeing this in PiHole and it was very useful when trying to find out who was being too chatty with my DNS servers.
Awesome work, I am going to start implementing this right away!
EDIT : wow this works like a charm, great instructions!
-
Looks great, thanks for sharing. Will have a go at this myself.
-
@bigjohns97 I don't know if that information is even being logged. I believe the dnsbl.log only logs what has been blocked. You could maybe get that data from Unbound. It would require additional logging, but even then I don't know if you would be able to differentiate between a blocked vs allowed domain. If you have a datasource, I'll take a look but I don't know if there is one.
-
Any idea why I would be getting the following when trying the telegraf_gateways.py option?
[inputs.exec] Error in plugin: exec: fork/exec /usr/local/bin/telegraf_gateways.py: no such file or directory for command '/usr/local/bin/telegraf_gateways.py'
-
Hi
Do you have at option on dashboard to calculate files count in specific folder?
-
@Vikonder Building shell based plugins is really easy. Just look at the temperature plugin.
Something like this will do it, all you need to do is wrap it in a shell script and replace the hostname with a variable like I did in the temperature script.
find /var -d -print0 -exec sh -c "ls -1 {} | wc -l " \; | xargs printf 'files,host=hostname,directory=directory=%s filecount=%s\n'
-
@bigjohns97 Have you tried executing it from a shell on it's own?
-
@VictorRobellini yes actually messing with it right now, was able to get a little further by updating the referenced python version in the script to 3.7 which seems to be the version included 2.4.5 of pfSense. Doing this I now get this when running via command line.
File "./telegraf_gateways.py", line 17
print "gateways,gateway_name=" + values[0] + " rtt=" + str(int(values[1])/100.0) +
^
SyntaxError: invalid syntax -
@bigjohns97 If you transferred this from a windows box, you may want to check your carriage returns.
-
@VictorRobellini I checked that, all clear.
I'll keep looking.
EDIT : I thought you were talking about the added junk that sometimes gets added to files when going back and forth through windows and linux, I don't see any of that when I vi the interfaces script (I do see it in the telegraf.conf file BTW but only with the entries from the extra config section of the GUI).
Are you saying that should be in there or that it shouldn't?
-
@bigjohns97 said in Grafana Dashboard using Telegraf with additional plugins:
On linux you can run "cat -A filename'. I don't think the cat in pfSense has the same capability. When in doubt, just the tr command against the file, all it should be doing is replacing the carriage returns, so running it on a valid file will have no impact. Even running it multuple times will have no impact. -
@VictorRobellini does that script work for you? if so, what version of pfSense are you running?
My research tells me that it will have to be re-written due to some new way that python converts certain data to bytes before sending, but I am not very knowledgeable about this stuff. I posted something to the github link from the original author to see if he knows what might be the issue.
-
https://gist.github.com/fastjack/a0feb792a9655da7aa3e2a7a1d9f812f
Looks like FastJack uploaded an edited version that works with PFS 2.4.5 that comes with python 3.7
-
@bigjohns97 Awesome! I'll update the repo shortly.
-
@bigjohns97 Thanks again, I've updated the repo with some basic instructions. How are you showing the measurements in the dashbord? When I tried converting from microseconds to milliseconds things didn't look right.
-
@VictorRobellini said in Grafana Dashboard using Telegraf with additional plugins:
@bigjohns97 Thanks again, I've updated the repo with some basic instructions. How are you showing the measurements in the dashbord? When I tried converting from microseconds to milliseconds things didn't look right.
I am using the default microseconds, I don't specify an ip address so it uses my WAN default gateway which does show in microseconds which I think is nice.
I really don't need to see 1ms it's more useful to 4-8 microseconds even though the difference is very small, kinda lets you know when you start reaching the limits of your connection.
BTW it looks like the graph will switch back to milliseconds as soon as the value gets that high and then it goes back to micro once things calm down.
-
I'm not sure if it's something on my system, but I needed to modify the telegraf_gateways.py script.
Changed this:
print("gateways,gateway_name="+values[0]+" rtt="+str(int(values[1])/100.0)+ \ ",rttsd="+str(int(values[2])/100.0)+",loss="+str(int(values[3]))+"i")
to this:
print("gateways,gateway_name="+values[0]+" rtt="+str(int(values[1])/1.0)+ \ ",rttsd="+str(int(values[2])/1.0)+",loss="+str(int(values[3]))+"i")
The figures displayed are now correct and match what is displayed on the pfsense dashboard.
- Green is my ISP connection, sits at ~10ms.
- Yellow is a VPN tunnel to the other side of the world and ~400ms is about right.
-
@JohnKap after actually pinging the address from a machine that shows below 1ms you are correct, I never went and actually checked the accuracy of this.
LOL at me thinking I had 8 microseconds to my first hop
-
@JohnKap I never understood the reason to /100. I just never took the time to dig deeper.
Thank you
-
Thanks for this Dashboard. I am just starting to have a play around with it and now have most things working.
My setup is IGB0.10 is my WAN and have this set in the variable
I have IGB1 and my LAN, IGB2 as my 10GB LAN, IGB1.30 as my IP Phone network and IGB1.40 as my Guest network.The WAN shows but in and out look the same on the graph but show different values.
For the LAN it only shows IGB0 and OPVNS1. Not sure where all the other LANS are or why it does not display them.This is my first look at Telegraf and InfluxDB so am a complete noob at it.
-
@veldthui I'm not sure I understand what's going on. Can you post a screenshot?
-
Attached is an image of the lower part which should show the WAN and LANs. It shows the WAN but does not look right and does not show the correct LANs
-
@veldthui Can you share how you have the interfaces defined in the grafana variable config?
-
@VictorRobellini Okay I worked out that the WAN only had one of the values multiplied by 8 to change it to bytes. Changed the other and it looks okay now.
Below is the definition which is how it was downloaded. If I add a $ to igb1, igb2, and igb3 I can then see the igb1.30 and igb1.40 networks but not igb1 and igb0.10 should not be in the list as that is the WAN.
-
@veldthui said in Grafana Dashboard using Telegraf with additional plugins:
What is your Regex?
What adapter(s) is your WAN?
What adapters to you want displayed?Please take a look at the github page. There's plenty written up in the Readme
-
The regex is as above. My WAN is on the IGB0 adapter as VLAN 10 which shows as igb0.10.
I want to display this as the WAN which it is doing. For the LAN I want to display igb1, igb1.30, igb1.40, and igb2.
igb3 and igb4 are not in use at present but may be in future. I have read the readme file but it does not explain it very well. I have only very basic understanding of regex as well -
@veldthui said in Grafana Dashboard using Telegraf with additional plugins:
The content of the "Regex" field is the same as what I have posted to github and it does not match what you are saying.
Please review the content on Github, specifically the section titled, Configuration
If the instructions are unclear, please let me know what I can add to make them better. -
Okay I think I have finally worked it out. my regex now looks like /^(?!igb0)/ to filter out everything on igb0 and leave the rest showing. Appears to have worked.
Thanks for the help. -
any chance of an idiots guide (me = dummy) to installing this lot?
Tried from your Github page and first problem was the docker-compose example threw errors. So gave up. -
@oldfart The docker-compose is just a quick way to setup influx and grafana using docker and docker-compose. There are tutorials on the internet that show how to set this up, a quick google search will turn up plenty of resources, for example: https://www.homelabrat.com/influxdb-homelab-dashboard/
-
-
@VictorRobellini Basically this link covers all needed components setup ?
-
Hi Guys,
I have built pfsense with grafana etc. However I am trying to figure it out how to setup addons,
https://forum.netgate.com/topic/152132/grafana-dashboard-using-telegraf-with-additional-plugins
"Does /usr/local/bin/python3.7 exist on your pfSense system? If so, use this telegraf_gateways-3.7.py"
How could I upload this file to pfesense? as I do not see it in pfsense file hierarchy. Thanks for help
-
"Does /usr/local/bin/python3.7 exist on your pfSense system? If so, use this telegraf_gateways-3.7.py"
The addons can be downloaded from the repo - look under plugins. https://github.com/VictorRobellini/pfSense-Dashboard
How could I upload this file to pfesense? as I do not see it in pfsense file hierarchy. Thanks for help
use an FTP program - my preference is Filezilla.
Make sure you set the permissions as per instructions - https://github.com/VictorRobellini/pfSense-Dashboard#plugins
-
Looks like this is still working under the new P1 release - just a heads up! :)
-
Hi, my dears friends, i´m searching for a visualizer or dashboard
to view live firewall activity.Does this tool or utility exist?
thanks
Grafana its like a dashboard to see Active Users
Uptime
CPU Load total
Disk Utilization
Memory Utilization
CPU Utilization per core (Single Graph)
Ram Utilization time graph
Load Average
Load Average Graph
CPU and ACPI Temperature Sensors
pfBlocker IP Stats
pfBlocker DNS Stats
Gateway Response time - dpinger
List of interfaces with IP, MAC, Status and pfSesnse labels thanks to /u/trumee
WAN Statistics - Traffic & Throughput (Identified by dashboard variable)
LAN Statistics - Traffic & Throughput (Identified by dashboard variable)
Unbound stats - Plugin and config included and working but not implemented -
I would highly suggest reading the linked github page on the initial post and then reforming your question.
-
First of all really love your tutorial and work, i have installed all of the stuff, receiving data in influxDB and connected to Grafana and added dashboard.
But,
I am not receiving data from pfblocker, i see such as dnsbl log on influxdb but when i expand that o don't see anyting. I am using pfblocker-ng Devel
On the Grafana dashboard i see only data from Disk Utlizization. On influxDB i see well CPU/Memory etc..
I have uploaded the telegraf plugins using Wincp and gived 0555 permissions using Wincscp.
What is really my problem too look up?