Telegraf container setup with syslog receiver input plugin
Introduction
I discovered that a smart power strip could communicate with a syslog server, but couldn’t find documentation for this feature. This provided an excellent opportunity to set up a Telegraf container as a syslog server to see what the device would send. This setup could potentially be used for the Unifi Network Application as well.
Telegraf from InfluxData is a server agent for collecting metrics from sensors and systems, and writing them to InfluxDB or other outputs.
The plan was as follows:
- Adjust the firewall to allow the IoT device to communicate from the IoT VLAN to the Telegraf Syslog Plugin via UDP port 6514 in the Server VLAN.
 - Set up Telegraf with the syslog plugin as input and a file as output in influx format (InfluxDB can be set as output later).
 - Test the syslog server via the command line with tcpdump and logger, as the IoT device initially did not write anything to the syslog server.
 - View the Telegraf output in influx data format.
 
I won’t describe adding the firewall rule, but you can read more about the firewall setup and the Unifi Network Application here.
Setup
- Create the folders needed by the container
Run the following commands inside your home folder:
```sh
# Open your terminal application
cd ~
mkdir -p telegraf/config
cd telegraf
```
- Create the configuration
Save the following configuration as config/telegraf.conf:
```toml
# To create this file use your text editor application, for example Nano
# The syslog plugin listens for syslog messages transmitted over a Unix Domain socket, UDP, TCP, or TLS
[[inputs.syslog]]
  ## Protocol, address and port to host the syslog receiver.
  server = "udp://:6514"

# Send telegraf metrics to file(s)
[[outputs.file]]
  ## Files to write to, "stdout" is a specially handled file.
  files = ["stdout", "/tmp/metrics.out"]
  ## Data format to output.
  data_format = "influx"
```
- Create the script needed to run the container
Save the following script as telegraf_run.sh:
```sh
# To create this script use your text editor application, for example Nano
docker run -d \
  --name=telegraf \
  --hostname=telegraf \
  -p 6514:6514/udp \
  -v "$PWD/config/telegraf.conf:/etc/telegraf/telegraf.conf:ro" \
  -e TZ=Europe/Amsterdam \
  --restart unless-stopped \
  telegraf
# IMPORTANT: Please read the instructions below
```
Instructions:
- Optional: Replace docker with podman if needed
- Required: Replace port number 6514 (on the left side of :) with a port number that is available if needed
- Optional: Replace $PWD/config/telegraf.conf with the location of your Telegraf configuration if needed
- Required: Replace Europe/Amsterdam with your own timezone

- Run the script to create the container
Run the following command:
```sh
# Open your terminal application
sudo sh telegraf_run.sh
```
The image telegraf is automatically pulled and the container is created.
- Check the results
If needed you can check if the container is running properly.
Then I configured the IoT device with the syslog server:
- IP address of Telegraf (the docker host)
 - Port 6514 (udp)
 
Make sure the container is started and run the following commands:
```sh
# Open your terminal application
sudo docker exec -it telegraf /bin/bash
# Now you are in the container, and you can view the output with:
cat /tmp/metrics.out
```
For me the file was empty and this was because the IoT device had not sent anything. So I tested the Telegraf syslog server with the logger command, with which you can send syslog messages to the server yourself. The output of metrics.out then looks like this:
```
syslog,appname=admin,facility=user,host=telegraf,hostname=vm,severity=notice timestamp=1657970416034287000i,message="test",version=1i,timeQuality_tzKnown="1",timeQuality_isSynced="1",timeQuality_syncAccuracy="539010",facility_code=1i,severity_code=5i 1657970416034809769
```
Now that everything works, the output can be changed to InfluxDB.
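The syslog input parses RFC 5424 messages, so a test frame can also be built by hand. The following added example (not part of the original note) constructs one in Python, sends it as a UDP datagram, and shows how its PRI value maps to the facility_code and severity_code fields seen in the output above. The function names are hypothetical, the vm/admin defaults are taken from the sample output line, and the loopback socket is a constructed stand-in for the Telegraf listener.

```python
"""Build an RFC 5424 syslog frame and send it over UDP (added example)."""
import socket
from datetime import datetime, timezone

FACILITIES = {"kern": 0, "user": 1, "daemon": 3, "auth": 4, "local0": 16}
SEVERITIES = {"emerg": 0, "alert": 1, "crit": 2, "err": 3,
              "warning": 4, "notice": 5, "info": 6, "debug": 7}


def build_frame(message, facility="user", severity="notice",
                hostname="vm", appname="admin", when=None):
    """Return one RFC 5424 message as bytes.

    PRI is facility * 8 + severity, so user.notice gives <13>, which a
    receiver decodes back into facility_code=1 and severity_code=5.
    """
    pri = FACILITIES[facility] * 8 + SEVERITIES[severity]
    when = when or datetime.now(timezone.utc)
    stamp = when.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.%fZ")
    # Header: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD MSG
    # "-" is the nil value for PROCID, MSGID and STRUCTURED-DATA.
    return f"<{pri}>1 {stamp} {hostname} {appname} - - - {message}".encode()


def decode_pri(frame):
    """Split the PRI of a frame into (facility_code, severity_code)."""
    pri = int(frame[1:frame.index(b">")])
    return divmod(pri, 8)


def send_udp(frame, host, port=6514):
    """Send one frame as a single datagram, as the UDP transport requires."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        return sock.sendto(frame, (host, port))


if __name__ == "__main__":
    # Constructed demo: a loopback socket stands in for the Telegraf listener
    # so the script runs without a container. Point send_udp() at the Docker
    # host instead to see the line appear in /tmp/metrics.out.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as listener:
        listener.bind(("127.0.0.1", 0))
        listener.settimeout(2)
        port = listener.getsockname()[1]
        send_udp(build_frame("test"), "127.0.0.1", port)
        data, peer = listener.recvfrom(2048)
        print(peer, data.decode(), decode_pri(data))
```

Syslog over UDP carries no authentication or encryption, so any host that can reach the port can write lines into the output; keep the firewall rule limited to the device's address.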
 