Cool Solution - Grafana
From Univention Wiki
Grafana offers an open source dashboards for visualizing your data. It can be used, for example, for visualizing data from ElasticSearch.
Set the Repository
Add the Grafana GPG Key
wget -qO - https://packagecloud.io/gpg.key | sudo apt-key add -
Add the repository
echo "deb https://packagecloud.io/grafana/stable/debian/ stretch main" | tee -a /etc/apt/sources.list.d/elastic-5.x.list
Install Grafana using apt
apt-get update && apt-get install grafana
Start Grafana and add it to the autostart list,
systemctl daemon-reload systemctl start grafana-server systemctl enable grafana-server.service
Open the Firewall
The user can reach Grafana by default using the port 3000. This port has to be opened in the firewall using the following ucr command
ucr set security/packetfilter/tcp/3000/all=ACCEPT \ security/packetfilter/tcp/3000/all/en="Grafana"
Restart the univention Firewall
systemctl restart univention-firewall
Grafana LDAP Integration
The LDAP integration makes use of the memberOf overlay, please see the documentation about activating it.
To enable the LDAP integration open the configuration file, for example with nano.
Search for the LDAP authentication using CTRL-w and type "ldap" before pressing return.
Here set activate the integration by setting the enabled variable and allow_sign_up to true.
Close the file by pressing CTRL-O followed by CTRL-X
The following script configures the actual LDAP integration to match your system. Please note that it will change your Domain Admins to be Grafana Admins and your Domain Users to be Editors. You might want to adapt it to your specific environment.
cat >/etc/grafana/ldap.toml <<_EOL_ [[servers]] host = "$(ucr get ldap/server/name)" port = $(ucr get ldap/server/port) use_ssl = false start_tls = true ssl_skip_verify = false root_ca_cert = "/etc/univention/ssl/ucsCA/CAcert.pem" bind_dn = "$(ucr get ldap/hostdn)" bind_password = "$(cat /etc/machine.secret)" search_filter = "(&(uid=%s)(univentionObjectType=users/user))" search_base_dns = ["$(ucr get ldap/base)"] # Specify names of the ldap attributes your ldap uses [servers.attributes] name = "givenName" surname = "sn" username = "uid" member_of = "memberOf" email = "mailPrimaryAddress" # Map ldap groups to grafana org roles [[servers.group_mappings]] group_dn = "cn=Domain Admins,cn=groups,$(ucr get ldap/base)" org_role = "Admin" [[servers.group_mappings]] group_dn = "cn=Domain Users,cn=groups,$(ucr get ldap/base)" org_role = "Editor" [[servers.group_mappings]] group_dn = "*" org_role = "Viewer" _EOL_
Now restart Grafana again.
systemctl restart grafana-server
Grafana utilizes multiple plugins to import and visualize data. Navigate your web browser to
http://<ip of your server>:3000
The default username is admin and the password likewise is admin
Please ensure, that you have configured not only ElasticSearch but also, that you have already collected Data in the Database.
The index in our example is composed out of the [filebeat-6.2.3-]YYYY.MM.DD. For the Pattern select Daily. Leave the Time field name and select version 5.6+. Most beats for ElasticSearch write every minute. Thus 1m in Min interval should be sufficient. If you are monitoring some servers more frequently, you might want to change it to something different, e.g., 10s.
You can find more indices with following command
curl -XGET 'localhost:9200/_cat/indices?v'
Depending on how much data you have in your database, you might need to wait a couple of minutes before you can start creating a new Dashboard. To create a dashboard merely select the desired components and drag them into the Dashboard.