From 80e3120d7945786b4c053fc18b6de803d82888c1 Mon Sep 17 00:00:00 2001 From: Viacheslav Hletenko Date: Wed, 4 May 2022 18:07:45 +0000 Subject: monitoring: T4410: Add telegraf output Plugin http for Splunk Ability to send HTTP output to Splunk via telegraf set service monitoring telegraf splunk authentication insecure set service monitoring telegraf splunk authentication token 'xxx' set service monitoring telegraf splunk url 'https://x.x.x.x' --- data/templates/monitoring/telegraf.j2 | 27 +++++++++++++++ .../service_monitoring_telegraf.xml.in | 38 ++++++++++++++++++++++ src/conf_mode/service_monitoring_telegraf.py | 9 +++++ 3 files changed, 74 insertions(+) diff --git a/data/templates/monitoring/telegraf.j2 b/data/templates/monitoring/telegraf.j2 index 336a1d2c4..d1a94366b 100644 --- a/data/templates/monitoring/telegraf.j2 +++ b/data/templates/monitoring/telegraf.j2 @@ -15,14 +15,17 @@ hostname = "" omit_hostname = false {% if influxdb_configured is vyos_defined %} +### InfluxDB2 ### [[outputs.influxdb_v2]] urls = ["{{ url }}:{{ port }}"] insecure_skip_verify = true token = "$INFLUX_TOKEN" organization = "{{ authentication.organization }}" bucket = "{{ bucket }}" +### End InfluxDB2 ### {% endif %} {% if prometheus_client is vyos_defined %} +### Prometheus ### [[outputs.prometheus_client]] ## Address to listen on listen = "{{ prometheus_client.listen_address if prometheus_client.listen_address is vyos_defined else '' }}:{{ prometheus_client.port }}" @@ -35,6 +38,30 @@ {% if prometheus_client.allow_from is vyos_defined %} ip_range = {{ prometheus_client.allow_from }} {% endif %} +### End Prometheus ### +{% endif %} +{% if splunk is vyos_defined %} +### Splunk ### +[[outputs.http]] + ## URL is the address to send metrics to + url = "{{ splunk.url }}" + ## Timeout for HTTP message + # timeout = "5s" + ## Use TLS but skip chain & host verification +{% if splunk.authentication.insecure is vyos_defined %} + insecure_skip_verify = true +{% endif %} + ## Data format to output + data_format = "splunkmetric" + ## Provides time, index, source overrides for the HEC + splunkmetric_hec_routing = true + ## Additional HTTP headers + [outputs.http.headers] + # Should be set manually to "application/json" for json data_format + Content-Type = "application/json" + Authorization = "Splunk {{ splunk.authentication.token }}" + X-Splunk-Request-Channel = "{{ splunk.authentication.token }}" +### End Splunk ### {% endif %} [[inputs.cpu]] percpu = true diff --git a/interface-definitions/service_monitoring_telegraf.xml.in b/interface-definitions/service_monitoring_telegraf.xml.in index 021174701..ff4c8c55f 100644 --- a/interface-definitions/service_monitoring_telegraf.xml.in +++ b/interface-definitions/service_monitoring_telegraf.xml.in @@ -168,6 +168,44 @@ + + + Output plugin Splunk + + + + + HTTP basic authentication parameters + + + + + Authorization token + + + + + Use TLS but skip host validation + + + + + + + + Remote URL [REQUIRED] + + url + Remote URL to Splunk collector + + + ^(http(s?):\/\/.*):(\d*)\/?(.*) + + Incorrect URL format + + + + Remote URL [REQUIRED] diff --git a/src/conf_mode/service_monitoring_telegraf.py b/src/conf_mode/service_monitoring_telegraf.py index 2398b0174..102a87318 100755 --- a/src/conf_mode/service_monitoring_telegraf.py +++ b/src/conf_mode/service_monitoring_telegraf.py @@ -124,6 +124,15 @@ def verify(monitoring): if 'url' not in monitoring: raise ConfigError(f'Monitoring "url" is mandatory!') + # Verify Splunk + if 'splunk' in monitoring: + if 'authentication' not in monitoring['splunk'] or \ + 'token' not in monitoring['splunk']['authentication']: + raise ConfigError(f'Authentication "organization and token" are mandatory!') + + if 'url' not in monitoring['splunk']: + raise ConfigError(f'Monitoring splunk "url" is mandatory!') + return None def generate(monitoring): -- cgit v1.2.3