While monitoring home network is not something that's really needed, I find it always comes in handy. If nothing else, you get to see lot of nice colors and numbers flying around. For people like me, I need nothing more as encouragement.
Over time I tried many different systems but lately I fell in love with Grafana combined with InfluxDB. Grafana gives really nice and simple GUI while InfluxDB serves as the database for all the metrics.
I find Grafana hits just a right balance of being simple enough to learn basics but powerful enough that you can get into advanced stuff if you need it. Even better, it fits right into a small network without any adjustments needed to the installation. Yes, you can make it more complex later but starting point is spot on.
InfluxDB makes it really easy to push custom metrics from command line or literally anything that can speak HTTP and I find that really useful in heterogeneous network filled with various IoT devices. While version 2.0 is available, I actually prefer using 1.8 as it's simpler in setup, lighter on resources (important if you run it in virtual machine), and it comes without GUI. Since I only use it as backend, that actually means I have less things to secure.
Installing Grafana on top of Ubuntu Server 20.04 is easy enough.
Terminalsudo apt-get install -y apt-transport-https
wget -4qO - https://packages.grafana.com/gpg.key | sudo apt-key add -
echo "deb https://packages.grafana.com/oss/deb stable main" \
| sudo tee -a /etc/apt/sources.list.d/grafana.list
sudo apt update
sudo apt --yes install grafana
sudo systemctl start grafana-server
sudo systemctl enable grafana-server
sudo systemctl status grafana-server
That's it. Grafana is now listening on port 3000
. If you want it on port 80
, some NAT magic is required.
Terminalsudo apt install --yes netfilter-persistent
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3000
sudo netfilter-persistent save
sudo iptables -L -t nat
With Grafana installed, it's time to get InfluxDB onboard too. Setup is again simple enough.
Terminalwget -4qO - https://repos.influxdata.com/influxdb.key | sudo apt-key add -
echo "deb https://repos.influxdata.com/ubuntu focal stable" \
| sudo tee /etc/apt/sources.list.d/influxdb.list
sudo apt update
sudo apt --yes install influxdb
sudo systemctl start influxdb
sudo systemctl enable influxdb
sudo systemctl status influxdb
Once installation is done, the only remaining task is creating the database. In example I named it "telegraf", but you can select whatever name you want.
Terminalcurl -i -XPOST http://localhost:8086/query --data-urlencode "q=CREATE DATABASE telegraf"
With both installed, we might as well install Telegraf so we can push some stats. Installation is again really similar:
Terminalwget -4qO- https://repos.influxdata.com/influxdb.key | sudo apt-key add -
echo "deb https://repos.influxdata.com/ubuntu focal stable" \
| sudo tee /etc/apt/sources.list.d/influxdb.list
sudo apt-get update
sudo apt-get install telegraf
sudo sed -i 's*# database = "telegraf"$*database = "telegraf"*' /etc/telegraf/telegraf.conf
sudo sed -ri 's*# (urls = \["http://127.0.0.1:8086"\])$*\1*' /etc/telegraf/telegraf.conf
sudo sed -ri 's*# (\[\[inputs.syslog\]\])$*\1*' /etc/telegraf/telegraf.conf
sudo sed -ri 's*# ( server = "tcp://:6514")*\1*' /etc/telegraf/telegraf.conf
sudo systemctl restart telegraf
sudo systemctl status telegraf
And a minor update is needed for rsyslog
daemon in order to forward syslog messages.
Terminalecho '*.notice action(type="omfwd" target="localhost" port="6514"' \
'protocol="tcp" tcp_framing="octet-counted" template="RSYSLOG_SyslogProtocol23Format")' \
| sudo tee /etc/rsyslog.d/99-forward.conf
sudo systemctl restart rsyslog
If you want to accept remove syslog messages, that's also just a command away:
Terminalecho 'module(load="imudp")'$'\n''input(type="imudp" port="514")' \
| sudo tee /etc/rsyslog.d/98-accept.conf
sudo systemctl restart rsyslog
That's it. You have your metric server fully installed and its own metrics are flowing.
And yes, this is not secure and you should look into having TLS enabled at minimum, ideally with proper authentication for all your clients. However, this setup does allow you to dip your toes and see whether you like it or not.
PS: While creating graphs is easy enough, dealing with logs is a bit more complicated. NWMichl Blog has link to really nice dashboard for this purpose.
With influxdb2 you dont even need grafana in many cases, since you can create your dashboard there directly to show the telegraf inputs.