summaryrefslogtreecommitdiff
path: root/data/templates/monitoring
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/monitoring')
-rw-r--r--data/templates/monitoring/override.conf.j27
-rw-r--r--data/templates/monitoring/syslog_telegraf.j25
-rw-r--r--data/templates/monitoring/systemd_vyos_telegraf_service.j216
-rw-r--r--data/templates/monitoring/telegraf.j2122
4 files changed, 150 insertions, 0 deletions
diff --git a/data/templates/monitoring/override.conf.j2 b/data/templates/monitoring/override.conf.j2
new file mode 100644
index 000000000..f8f150791
--- /dev/null
+++ b/data/templates/monitoring/override.conf.j2
@@ -0,0 +1,7 @@
+[Unit]
+After=vyos-router.service
+ConditionPathExists=/run/telegraf/vyos-telegraf.conf
+[Service]
+Environment=INFLUX_TOKEN={{ authentication.token }}
+CapabilityBoundingSet=CAP_NET_RAW CAP_NET_ADMIN CAP_SYS_ADMIN
+AmbientCapabilities=CAP_NET_RAW CAP_NET_ADMIN
diff --git a/data/templates/monitoring/syslog_telegraf.j2 b/data/templates/monitoring/syslog_telegraf.j2
new file mode 100644
index 000000000..cdcbd92a4
--- /dev/null
+++ b/data/templates/monitoring/syslog_telegraf.j2
@@ -0,0 +1,5 @@
+# Generated by /usr/libexec/vyos/conf_mode/service_monitoring_telegraf.py
+
+$ModLoad omuxsock
+$OMUxSockSocket /run/telegraf/telegraf_syslog.sock
+*.notice :omuxsock:
diff --git a/data/templates/monitoring/systemd_vyos_telegraf_service.j2 b/data/templates/monitoring/systemd_vyos_telegraf_service.j2
new file mode 100644
index 000000000..234ef5586
--- /dev/null
+++ b/data/templates/monitoring/systemd_vyos_telegraf_service.j2
@@ -0,0 +1,16 @@
+[Unit]
+Description=The plugin-driven server agent for reporting metrics into InfluxDB
+Documentation=https://github.com/influxdata/telegraf
+After=network.target
+
+[Service]
+EnvironmentFile=-/etc/default/telegraf
+User=telegraf
+ExecStart=/usr/bin/telegraf -config /run/telegraf/vyos-telegraf.conf -config-directory /etc/telegraf/telegraf.d $TELEGRAF_OPTS
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=on-failure
+RestartForceExitStatus=SIGPIPE
+KillMode=control-group
+
+[Install]
+WantedBy=multi-user.target
diff --git a/data/templates/monitoring/telegraf.j2 b/data/templates/monitoring/telegraf.j2
new file mode 100644
index 000000000..a732fb5de
--- /dev/null
+++ b/data/templates/monitoring/telegraf.j2
@@ -0,0 +1,122 @@
+# Generated by /usr/libexec/vyos/conf_mode/service_monitoring_telegraf.py
+
+[agent]
+ interval = "15s"
+ round_interval = true
+ metric_batch_size = 1000
+ metric_buffer_limit = 10000
+ collection_jitter = "5s"
+ flush_interval = "15s"
+ flush_jitter = "0s"
+ precision = ""
+ debug = false
+ quiet = false
+ logfile = ""
+ hostname = ""
+ omit_hostname = false
+{% if azure_data_explorer is vyos_defined %}
+### Azure Data Explorer ###
+[[outputs.azure_data_explorer]]
+ ## The URI property of the Azure Data Explorer resource on Azure
+ endpoint_url = "{{ azure_data_explorer.url }}"
+
+ ## The Azure Data Explorer database that the metrics will be ingested into.
+ ## The plugin will NOT generate this database automatically, it's expected that this database already exists before ingestion.
+ database = "{{ azure_data_explorer.database }}"
+ metrics_grouping_type = "{{ azure_data_explorer.group_metrics }}"
+
+ ## Name of the single table to store all the metrics (Only needed if metrics_grouping_type is "SingleTable").
+{% if azure_data_explorer.table is vyos_defined and azure_data_explorer.group_metrics == 'SingleTable' %}
+ table_name = "{{ azure_data_explorer.table }}"
+{% endif %}
+### End Azure Data Explorer ###
+{% endif %}
+{% if influxdb_configured is vyos_defined %}
+### InfluxDB2 ###
+[[outputs.influxdb_v2]]
+ urls = ["{{ url }}:{{ port }}"]
+ insecure_skip_verify = true
+ token = "$INFLUX_TOKEN"
+ organization = "{{ authentication.organization }}"
+ bucket = "{{ bucket }}"
+### End InfluxDB2 ###
+{% endif %}
+{% if prometheus_client is vyos_defined %}
+### Prometheus ###
+[[outputs.prometheus_client]]
+ ## Address to listen on
+ listen = "{{ prometheus_client.listen_address if prometheus_client.listen_address is vyos_defined else '' }}:{{ prometheus_client.port }}"
+ metric_version = {{ prometheus_client.metric_version }}
+{% if prometheus_client.authentication.username is vyos_defined and prometheus_client.authentication.password is vyos_defined %}
+ ## Use HTTP Basic Authentication
+ basic_username = "{{ prometheus_client.authentication.username }}"
+ basic_password = "{{ prometheus_client.authentication.password }}"
+{% endif %}
+{% if prometheus_client.allow_from is vyos_defined %}
+ ip_range = {{ prometheus_client.allow_from }}
+{% endif %}
+### End Prometheus ###
+{% endif %}
+{% if splunk is vyos_defined %}
+### Splunk ###
+[[outputs.http]]
+ ## URL is the address to send metrics to
+ url = "{{ splunk.url }}"
+ ## Timeout for HTTP message
+ # timeout = "5s"
+ ## Use TLS but skip chain & host verification
+{% if splunk.authentication.insecure is vyos_defined %}
+ insecure_skip_verify = true
+{% endif %}
+ ## Data format to output
+ data_format = "splunkmetric"
+ ## Provides time, index, source overrides for the HEC
+ splunkmetric_hec_routing = true
+ ## Additional HTTP headers
+ [outputs.http.headers]
+ # Should be set manually to "application/json" for json data_format
+ Content-Type = "application/json"
+ Authorization = "Splunk {{ splunk.authentication.token }}"
+ X-Splunk-Request-Channel = "{{ splunk.authentication.token }}"
+### End Splunk ###
+{% endif %}
+[[inputs.cpu]]
+ percpu = true
+ totalcpu = true
+ collect_cpu_time = false
+ report_active = false
+[[inputs.disk]]
+ ignore_fs = ["devtmpfs", "devfs"]
+[[inputs.diskio]]
+[[inputs.mem]]
+[[inputs.net]]
+[[inputs.system]]
+[[inputs.netstat]]
+[[inputs.processes]]
+[[inputs.kernel]]
+[[inputs.interrupts]]
+[[inputs.linux_sysctl_fs]]
+[[inputs.systemd_units]]
+[[inputs.conntrack]]
+ files = ["ip_conntrack_count","ip_conntrack_max","nf_conntrack_count","nf_conntrack_max"]
+ dirs = ["/proc/sys/net/ipv4/netfilter","/proc/sys/net/netfilter"]
+[[inputs.ethtool]]
+ interface_include = {{ interfaces_ethernet }}
+[[inputs.ntpq]]
+ dns_lookup = true
+[[inputs.internal]]
+[[inputs.nstat]]
+[[inputs.syslog]]
+ server = "unixgram:///run/telegraf/telegraf_syslog.sock"
+ best_effort = true
+ syslog_standard = "RFC3164"
+{% if influxdb_configured is vyos_defined %}
+[[inputs.exec]]
+ commands = [
+ "{{ custom_scripts_dir }}/show_firewall_input_filter.py",
+ "{{ custom_scripts_dir }}/show_interfaces_input_filter.py",
+ "{{ custom_scripts_dir }}/vyos_services_input_filter.py"
+ ]
+ timeout = "10s"
+ data_format = "influx"
+{% endif %}