deepblue/pfSense-Dashboard
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added change info

Browse Source 
Updated change info
Updated troubleshooting info
This commit is contained in:
VictorRobellini 2021-03-06 13:49:37 -05:00 committed by GitHub
parent 8583dda3c0
commit a38c5b0751
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 34 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
README.md
View File

@ -1,26 +1,3 @@
# Heads up!
In the recent commits I updated the telegraf config to use the [Tails Input Plugin](https://github.com/influxdata/telegraf/tree/master/plugins/inputs/tail) in place of the [Logparser Input Plugin](https://github.com/influxdata/telegraf/tree/master/plugins/inputs/logparser) since it's been deprecated.
I renamed many of the columns to reflect [what's being logged by pfBlockerNG-devel](https://github.com/pfsense/FreeBSD-ports/blob/232722ac52edaeede58b551e7e2efb690ce1023d/net/pfSense-pkg-pfBlockerNG-devel/files/usr/local/pkg/pfblockerng/pfblockerng.inc#L4597). As a result, the measurements ip_block_log and dnsbl_log have been replaced with tail_ipblock and tail_dnsbl respectively.
I dropped the old measurements
bash-4.4# influx
Connected to http://localhost:8086 version 1.8.3
InfluxDB shell version: 1.8.3
> auth
username: admin
password:
> use pfsense
Using database pfsense
> drop measurement ip_block_log
> drop measurement dnsbl_log
If you cannot live without this data, you could use the panels [from this commit](https://github.com/VictorRobellini/pfSense-Dashboard/blob/0df10172506242105891a81f5076019b5a5867b0/pfSense-Grafana-Dashboard.json) and not update the config. Read my note about the Logparser Input Plugin above!
You could convert the Logparser config to Tail (read the Logparser docs - it looks simple). I wanted to go the csv route and add an index or two.
I'm sure you can even rename the measurements, columns and update the tags, but that's beyond my influx capabilities.
## What's Monitored ## What's Monitored
- Active Users - Active Users
- Uptime - Uptime
@ -47,6 +24,36 @@ I'm sure you can even rename the measurements, columns and update the tags, but
Grafana 7.4.3 Grafana 7.4.3
Influxdb 1.8.3 Influxdb 1.8.3
## Heads up!
In the recent commits I updated the telegraf config to use the [Tails Input Plugin](https://github.com/influxdata/telegraf/tree/master/plugins/inputs/tail) in place of the [Logparser Input Plugin](https://github.com/influxdata/telegraf/tree/master/plugins/inputs/logparser) since it's been deprecated.
I renamed many of the columns to reflect [what's being logged by pfBlockerNG-devel](https://github.com/pfsense/FreeBSD-ports/blob/232722ac52edaeede58b551e7e2efb690ce1023d/net/pfSense-pkg-pfBlockerNG-devel/files/usr/local/pkg/pfblockerng/pfblockerng.inc#L4597) and fixed some parsing bugs that cause lines to be skipped due to inconsistent log formatting. As a result, the measurements ip_block_log and dnsbl_log have been replaced with tail_ip_block_log and tail_dnsbl_log respectively.
I dropped the old measurements
bash-4.4# influx
Connected to http://localhost:8086 version 1.8.3
InfluxDB shell version: 1.8.3
> auth
username: admin
password:
> use pfsense
Using database pfsense
> drop measurement ip_block_log
> drop measurement dnsbl_log
If you cannot live without this data, you could use the panels [from this commit](https://github.com/VictorRobellini/pfSense-Dashboard/blob/0df10172506242105891a81f5076019b5a5867b0/pfSense-Grafana-Dashboard.json) and not update the config. Read my note about the Logparser Input Plugin above!
If you want to load the complete logs files, you could probably change the telegraf config to:
from_beginning = false
to
from_beginning = true
I'm sure you can even rename the measurements, columns and update the tags, but that's beyond my influx capabilities.
### docker-compose example with persistent storage ### docker-compose example with persistent storage
##### I've recently migrated my stack to Kubernetes, the image versions are updated but the docker-compose is untested. ##### I've recently migrated my stack to Kubernetes, the image versions are updated but the docker-compose is untested.
```docker-compose ```docker-compose
@ -150,7 +157,7 @@ To troubleshoot plugins further, add the following lines to the agent block in /
logfile = "/var/log/telegraf/telegraf.log" logfile = "/var/log/telegraf/telegraf.log"
#### Restarting Telegraf #### Restarting Telegraf
# ps -aux | grep -i telegraf # ps aux | grep '[t]elegraf.conf'
# kill -HUP <pid of telegraf proces> # kill -HUP <pid of telegraf proces>
Now go read /var/log/telegraf/telegraf.log Now go read /var/log/telegraf/telegraf.log
@ -183,12 +190,13 @@ When in doubt, run a few queries to see if the data you are looking for is being
interface interface
mem mem
net net
netstat
pf pf
processes processes
swap swap
system system
tail_dnsbl tail_dnsbl_log
tail_ipblock tail_ip_block_log
temperature temperature
> select * from system limit 20 > select * from system limit 20
name: system name: system