TIG stack is the short for Telegraf, InfluxDB and Grafana. It is a set of tools often used for the purposes of monitoring your infrastructure for health, problems and trends.
Telegraf is a plugin-driven server agent for collecting and sending metrics and events from databases, systems, and IoT sensors.
Telegraf is written in Go and compiles into a single binary with no external dependencies, and requires a very minimal memory footprint.
Collects and send all kinds of data:
- Database: Connect to datasources like MongoDB, MySQL, Redis, and others to collect and send metrics.
- Systems: Collect metrics from your modern stack of cloud platforms, containers, and orchestrators.
- IoT sensors: Collect critical stateful data (pressure levels, temp levels, etc.) from IoT sensors and devices.
InfluxDB is the open source time series database that is part of the TICK (Telegraf, InfluxDB, Chronograf, Kapacitor) stack.
In our setup, we will include Grafana instead of Choronagraf and Kapacitor.
Grafana is an opensource analytics and monitoring solution for every database. It allows you to query, visualize and alert on metrics and logs no matter where they are stored.
In this lab, we are going to install and configure TIG Stack in order to monitor metrics collected from our pfSense Firewall.
- pfSense firewall installation and configuration. IP addressing.
- A CentOS server installed and configured.
- A non-root user on the CentOs machine with sudo privileges
Install Grafana and Influxdb on the CentOS machine
We are going to set up our Grafana and Influxdb on our CentOs machine.
SSH to your CentOS machine and proceed.
Grafana can be installed through two different ways. Either downloading the rpm package or installing via the official grafana yum repository.
In this lab, we are going to install through the yum repository.
We are there going to create a new file in the /etc/yum.repos.d/grafana.repo.
Once done copy and past the following in a terminal:
cat <<EOF | sudo tee /etc/yum.repos.d/grafana.repo [grafana] name=grafana baseurl=https://packages.grafana.com/oss/rpm repo_gpgcheck=1 enabled=1 gpgcheck=1 gpgkey=https://packages.grafana.com/gpg.key sslverify=1 sslcacert=/etc/pki/tls/certs/ca-bundle.crt EOF
We can now install grafana using the following command;
yum -y install grafana
Next, configure the firewall settings to allow port 3000.
firewall-cmd --add-port=3000/tcp --permanent
Reload your firewall
Start and enable the grafana service using the following command;
systemctl start grafana-server
systemctl enable --now grafana-server
Grafana is installed and running successfully. Access the grafana web gui using the following url:
You will be presented with the following screen. The defaul username is admin. You will be asked to change your password.
InfluxDB as well as Telegraf can be installed through the official repository provided by influxdata. We will install influxDB on our CentOS machine while Telegraf is going to be installed on the pfSense firewall through the package manager which will see in a later section.
Create a new file in the directory /etc/yum.repos.d/ called influxdb.repo paste the following in your terminal.
cat <<EOF | sudo tee /etc/yum.repos.d/influxdb.repo [influxdb] name = InfluxDB Repository - RHEL \$releasever baseurl = https://repos.influxdata.com/rhel/\$releasever/\$basearch/stable enabled = 1 gpgcheck = 1 gpgkey = https://repos.influxdata.com/influxdb.key EOF
Install influxdb normally
yum -y install influxdb
Start and enable the influxdb service
systemctl start influxdb
systemctl enable --now influxdb
Configure the firewall settings to allow port 8086 for influxdb
firewall-cmd --add-port=8086/tcp --permanent
Reload the firewall for changes to take effect.
We will now install Telegraf on our pfsense firewall through using the package manager. Telegraf comes in as plugin for pfSense firewall.
In your pfSense firewall dashboard, navigate to System > Package Manager then Available Packages Tab
Search for telegraf and click the install button.
Once done, you can be able to view it in the Installed Packages tab as below;
Configure Telegraf to send data to our influxDB
We can configure Telegraf now in order to send the collected data from pfsense to influxdb.
Navigate to Services > Telegraf. In the fields, put in the below.
- Enable Telegraf – Check the box
- Update Interval – 10 seconds
- Telegraf Output – Choose InfluxDB
- InfluxDB Server – http://172.16.80.40:8086 (where your influxdb was installed)
- InfluxDB Database – pfsensedb (if you didn’t create, it will be created for you)
- InfluxDB Username – influxusername
- InfluxDB Password – strongpass
You can leave the rest of the fields as is.
In our grafana web gui, we are going to configure a datasource.
In the page that appears, we will choose influxdb then configure with the desired settings on the HTTP section. For the Auth we will leave it as is. Input the correct details on the InfluxDB Details
Next we will build a dashboard. We are going to use an already created dashboard which can be imported into grafana.
Get the json file for the dashboard from here which will import into our grafana dashboard.
On the left panel, click the + button then go to Import
You will be presented with the below screen. Click on the Upload .json file button and then navigate to the json file that you downloaded then click Import.
Your dashboard will appear showing some data collected from the pfsense firewall.
We have now come to end of this lab.