pfSense graphs in Grafana

Using Grafana with pfSense

Grafana Dashboard

Update: 2018/09/13
pfSense has a plugin for telegraf which can be installed from the gui. I recommend this method rather than what I figured out below. I’m leaving these notes for manual installation reference.

2017/12/09
I put this guide together using information from various other blogs. This is current as of December 2017 and using pfSense 2.4.2. For this tutorial, you’ll need your IP or hostname of your influxdb data source and your username and password.

The data flow is as follows:

pfSense -> Telegraf (gather metrics) -> InfluxDB (store metrics) -> Grafana (render graphs)

Step 1 - Install Telegraf on pfSense

ssh in to pfsense and select option 8 to get a shell

1
ssh pfsense-01.chrisbergeron.com

Download telegraf:

1
pkg add wget https://pkg.freebsd.org/freebsd:11:x86:64/latest/All/telegraf-1.4.4.txz

Enable telegraf:

1
echo 'telegraf_enable=YES' >> /etc/rc.conf

Edit the telegraf config file:

1
2
cd /usr/local/etc
vi telegraf.conf

Step 2 - Configure Telegraf

Make the following changes:

1
2
3
4
5
6
7
8
9
10
[[outputs.influxdb]]
urls = ["https://10.5.5.40:8089"]
...
database = "pfsense"
...
username = "your_username"
password = "your_password"

[[inputs.net]]
interfaces = ["igb0", "igb1", "igb2", "ovpns1"]

You’ll have to modify the inputs for your own setup. In this example, I’ll be monitoring an OpenVPN tunnel and 3 interfaces: WAN, LAN and backup WAN.

Step 3 - Start Telegraf

Finally, start telegraf:

1
2
cd /usr/local/etc/rc.d
./telegraf start

You won’t need to restart anything on the pfSense box. If you have any issues, you can look at the log file (/var/log/telegraf.log). In a future blog post I’ll show how to create a data source in Grafana using the influx source and building a basic graph.

I’m mainly graphing bandwidth, but you can graph any of the following:

  • cpu
  • disk
  • diskio
  • net
  • processes
  • swap
  • system

One of the hurdles I encountered when building the dashboard panels is that Telegraf is reporting counters (or accumulators), so you have to massage the data to get anything useful. The trick here is to use the DERIVATIVE function in the panel configuration. This gives you the delta for a time series so you can actually see what is being sent or received:

Panel configuration with Derivative metric

Another thing I found useful was to add the MATH paramenter as: “*-1” (multiply by negative one) for sent data. This inverts the sent data into the negative which makes the graph easier to view at a glance.

Technology used:

GrafanaInfluxDBpfSenseTelegraf
Author

Chris Bergeron

Posted on

09-13-2018

Updated on

05-02-2021

Licensed under

Comments