monitoring: T4410: Add telegraf output Plugin http for Splunk

Ability to send HTTP output to Splunk via telegraf set service monitoring telegraf splunk authentication insecure set service monitoring telegraf splunk authentication token 'xxx' set service monitoring telegraf splunk url 'https://x.x.x.x'
author: Viacheslav Hletenko <v.gletenko@vyos.io> 2022-05-04 18:07:45 +0000
committer: Viacheslav Hletenko <v.gletenko@vyos.io> 2022-05-05 11:55:01 +0000
commit: 80e3120d7945786b4c053fc18b6de803d82888c1 (patch)
tree: 7f69be19431550ab59a0843ec1acc598f3ccf040
parent: 0400f96c003ca0472a9e1786b5af20e4207b9e59 (diff)
download: vyos-1x-80e3120d7945786b4c053fc18b6de803d82888c1.tar.gz
vyos-1x-80e3120d7945786b4c053fc18b6de803d82888c1.zip
3 files changed, 74 insertions, 0 deletions
diff --git a/data/templates/monitoring/telegraf.j2 b/data/templates/monitoring/telegraf.j2
index 336a1d2c4..d1a94366b 100644
--- a/data/templates/monitoring/telegraf.j2
+++ b/data/templates/monitoring/telegraf.j2
@@ -15,14 +15,17 @@
   hostname = ""
   omit_hostname = false
 {% if influxdb_configured is vyos_defined %}
+### InfluxDB2 ###
 [[outputs.influxdb_v2]]
   urls = ["{{ url }}:{{ port }}"]
   insecure_skip_verify = true
   token = "$INFLUX_TOKEN"
   organization = "{{ authentication.organization }}"
   bucket = "{{ bucket }}"
+### End InfluxDB2 ###
 {% endif %}
 {% if prometheus_client is vyos_defined %}
+### Prometheus ###
 [[outputs.prometheus_client]]
   ## Address to listen on
   listen = "{{ prometheus_client.listen_address if prometheus_client.listen_address is vyos_defined else '' }}:{{ prometheus_client.port }}"
@@ -35,6 +38,30 @@
 {%     if prometheus_client.allow_from is vyos_defined %}
   ip_range = {{ prometheus_client.allow_from }}
 {%     endif %}
+### End Prometheus ###
+{% endif %}
+{% if splunk is vyos_defined %}
+### Splunk ###
+[[outputs.http]]
+  ## URL is the address to send metrics to
+  url = "{{ splunk.url }}"
+  ## Timeout for HTTP message
+  # timeout = "5s"
+  ## Use TLS but skip chain & host verification
+{%     if splunk.authentication.insecure is vyos_defined %}
+  insecure_skip_verify = true
+{%     endif %}
+  ## Data format to output
+  data_format = "splunkmetric"
+  ## Provides time, index, source overrides for the HEC
+  splunkmetric_hec_routing = true
+  ## Additional HTTP headers
+   [outputs.http.headers]
+   # Should be set manually to "application/json" for json data_format
+     Content-Type = "application/json"
+     Authorization = "Splunk {{ splunk.authentication.token }}"
+     X-Splunk-Request-Channel = "{{ splunk.authentication.token }}"
+### End Splunk ###
 {% endif %}
 [[inputs.cpu]]
     percpu = true
diff --git a/interface-definitions/service_monitoring_telegraf.xml.in b/interface-definitions/service_monitoring_telegraf.xml.in
index 021174701..ff4c8c55f 100644
--- a/interface-definitions/service_monitoring_telegraf.xml.in
+++ b/interface-definitions/service_monitoring_telegraf.xml.in
@@ -168,6 +168,44 @@
                   </leafNode>
                 </children>
               </node>
+              <node name="splunk">
+                <properties>
+                  <help>Output plugin Splunk</help>
+                </properties>
+                <children>
+                  <node name="authentication">
+                    <properties>
+                      <help>HTTP basic authentication parameters</help>
+                    </properties>
+                    <children>
+                      <leafNode name="token">
+                        <properties>
+                          <help>Authorization token</help>
+                        </properties>
+                      </leafNode>
+                      <leafNode name="insecure">
+                        <properties>
+                          <help>Use TLS but skip host validation</help>
+                          <valueless/>
+                        </properties>
+                      </leafNode>
+                    </children>
+                  </node>
+                  <leafNode name="url">
+                    <properties>
+                      <help>Remote URL [REQUIRED]</help>
+                      <valueHelp>
+                        <format>url</format>
+                        <description>Remote URL to Splunk collector</description>
+                      </valueHelp>
+                      <constraint>
+                        <regex>^(http(s?):\/\/.*):(\d*)\/?(.*)</regex>
+                      </constraint>
+                      <constraintErrorMessage>Incorrect URL format</constraintErrorMessage>
+                    </properties>
+                  </leafNode>
+                </children>
+              </node>
               <leafNode name="url">
                 <properties>
                   <help>Remote URL [REQUIRED]</help>
diff --git a/src/conf_mode/service_monitoring_telegraf.py b/src/conf_mode/service_monitoring_telegraf.py
index 2398b0174..102a87318 100755
--- a/src/conf_mode/service_monitoring_telegraf.py
+++ b/src/conf_mode/service_monitoring_telegraf.py
@@ -124,6 +124,15 @@ def verify(monitoring):
         if 'url' not in monitoring:
             raise ConfigError(f'Monitoring "url" is mandatory!')
 
+    # Verify Splunk
+    if 'splunk' in monitoring:
+        if 'authentication' not in monitoring['splunk'] or \
+           'token' not in monitoring['splunk']['authentication']:
+            raise ConfigError(f'Authentication "organization and token" are mandatory!')
+
+        if 'url' not in monitoring['splunk']:
+            raise ConfigError(f'Monitoring splunk "url" is mandatory!')
+
     return None
 
 def generate(monitoring):
author	Viacheslav Hletenko <v.gletenko@vyos.io>	2022-05-04 18:07:45 +0000
committer	Viacheslav Hletenko <v.gletenko@vyos.io>	2022-05-05 11:55:01 +0000
commit	80e3120d7945786b4c053fc18b6de803d82888c1 (patch)
tree	7f69be19431550ab59a0843ec1acc598f3ccf040
parent	0400f96c003ca0472a9e1786b5af20e4207b9e59 (diff)
download	vyos-1x-80e3120d7945786b4c053fc18b6de803d82888c1.tar.gz vyos-1x-80e3120d7945786b4c053fc18b6de803d82888c1.zip