I’m using unbound(8) on OpenBSD to block Ads. In the logs, I can see which domains were queried and blocked ; but I like to have a more graphical overview of whats happening over weeks. So I stole a few ideas from the Pi-Hole Web Interface, routed the logs to InfluxDB via syslog-ng and rendered statistics using Grafana.
While experimenting with Telegraf, SNMP and InfluxDB, I ended up filling some measurements with tags and fields that have the same name. InfluxDB works nicely with such user-case by adding numbers (in format “_###”) to those keys. But that’s a mess to deal with when using Grafana. And a mess in general.
I’ve enabled an OpenBSD unbound(8) daemon that is used as a central DNS cache resolver. Now I needed to know what it was doing and how it performed. The question was answered grabbing statistics from unbound and render them using Grafana.
The whole monitoring stack is composed of Net-SNMP, Telegraf and InfluxDB for the metrics part ; and syslogd(8), Logstash and Elasticsearch for the logs part. Of course, most of those run on OpenBSD (6.3) ; except Telegraf, which is not available (yet).
I regularly check my pf(4) activity using pfctl(8) and pflogd(8). I already monitored pf using collectd(1) and rrdtool. This time, I wanted to use my already configured InfluxDB/Grafana system. The thing is, Telegraf is not (yet) available in OpenBSD 6.3. So I used a Telegraf container to remotely poll OpenBSD using the native SNMP OPENBSD-PF-MIB.
Once upon a time, the collectd database was hosted on the dagobah InfluxDB 1.4.x server. Then came the moment when it had to be migrated to the hoth server. The backup and restore process happened this way…