Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Loki support to Telegraf interface #4407

Open
pcarinhas opened this issue Dec 16, 2024 · 5 comments
Open

Add Loki support to Telegraf interface #4407

pcarinhas opened this issue Dec 16, 2024 · 5 comments

Comments

@pcarinhas
Copy link

Important notices

Is your feature request related to a problem? Please describe.

Getting metrics/logs into Loki is a pain. We can write our own configuration file for Telegraf, but that
is probematic and goes against the OpnSense way.

Describe the solution you like

Add Loki support to the Telegraf plugin, and ensure it has options to include the Loki bearer_token so that
it is secure.

Describe alternatives you considered

Writing a custom Telegraf configuration file and inserting that into the OpnSense directly. Its probably not a stable way to go. Other solution is to create a Fluent-bit package (I created a separate feature request for this).

Additional context
Loki is lightweight and powerful on its own. It provides a general and scalable way to monitor both logs and metrics. Its worthwhile to have Loki support inside of OpnSense.
@AdSchellevis AdSchellevis transferred this issue from opnsense/core Dec 16, 2024
@AdSchellevis
Copy link
Member

moved to #4407, please open future plugin tickets in this repository

@pcarinhas
Copy link
Author

Thank, I will.

Also, there are several ways to authenticate to Loki, many use Nginx and basic auth, but a bearer token can be used as well:

Bearer Token

[[outputs.loki]]
  endpoint = "https://your_loki_server:3100/loki/api/v1/push"
  headers = [
    {"Authorization": "Bearer your_token"}
  ]
  labels = ["job=pfsense"]

Basic Auth

[[outputs.loki]]
  endpoint = "https://your_loki_server:3100/loki/api/v1/push"
  username = "your_username"
  password = "your_password"
  labels = ["job=pfsense"]

@pcarinhas
Copy link
Author

One more comment. It may be enough, in the short run, to provide a custom configuration textbox in the outputs section of the configuration, that writes the appropriate place.

@AdSchellevis
Copy link
Member

One more comment. It may be enough, in the short run, to provide a custom configuration textbox in the outputs section of the configuration, that writes the appropriate place.

Although I'm not involved in development of this plugin, free text unvalidated input doesn't meet the bar (https://docs.opnsense.org/development/guidelines/basics.html#safeguard-user-input)

@mimugmail
Copy link
Member

Its not that hard, do you want to try it on your own?

https://github.com/opnsense/plugins/pull/3607/files

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pcarinhas @AdSchellevis @mimugmail