acouvreur / ssh-log-to-influx

Send SSH authentication logs to influxdb with geohashing IP
GNU General Public License v3.0

Please add proper documentation on how to set up #164

Closed yatadev closed 3 years ago

yatadev commented 3 years ago

I have a running Grafana instance and I added your stuff from your docker-compose.standalone.yml.

However, I have no idea how to connect to the InfluxDB in Grafana. I have tried root:root as credentials and so on, but I always get Status 400 back.

I also have no idea if I should use InfluxQL or Flux, or what the data source config should look like.

Also, your container does not connect to Influx: A 401 Unauthorized error occurred: {"code":"unauthorized","message":"Unauthorized"}

Here are the relevant parts of my compose file:

  grafana:
    image: grafana/grafana
    container_name: grafana
    depends_on:
      - prometheus
      - cadvisor
      - node-exporter
    volumes:
      - grafana-storage:/var/lib/grafana
    env_file:
      - grafana.env
    networks:
      - traefik-network
      - default
    user: "472"
    labels:
      - "traefik.http.routers.grafana.rule=Host(`grafana.domain.io`)"
      - "traefik.http.routers.grafana.service=grafana"
      - "traefik.http.services.grafana.loadbalancer.server.port=3000"
      - "traefik.docker.network=traefik-network"
      - 'traefik.enable=true'
      - 'traefik.http.routers.grafana.entrypoints=https'
      - 'traefik.http.routers.grafana.tls=true'
      - 'traefik.http.routers.grafana.tls.certresolver=le'
      - "traefik.http.routers.grafana.middlewares=chain-authelia@file"
    restart: unless-stopped

  #----------------------------------------------#
  # InfluxDB : time series database
  #----------------------------------------------#
  influxdb:
    image: influxdb:latest
    volumes:
      - ./influxdb:/var/lib/influxdb

  #----------------------------------------------#
  # ssh-log (fail2ban) to influxdb
  #----------------------------------------------#
  ssh-log-to-influx:
    image: acouvreur/ssh-log-to-influx:latest
    restart: unless-stopped
    environment:
      - INFLUX_HOST=influxdb
      - INFLUX_DB=telegraf
#    ports:
#      - 7070:7070/tcp

volumes:
  grafana-storage:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: /data/docker/monitoring/grafana

acouvreur commented 3 years ago

Hi, you can see all the configuration in grafana/provisioning, which shows how to set up the database and the dashboard. I fixed the influx version to 1.8 because :latest is now >2.x.x, which seems to not be working anymore.
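
The setup discussed in this thread, sketched as an added example (not the repository's own compose file or its grafana/provisioning contents): InfluxDB pinned to the 1.8 line, plus a Grafana data source provisioning file that queries it with InfluxQL. The data source name and the provisioning file path are assumptions. The service names and the `telegraf` database come from the compose file quoted in the issue.

```yaml
# --- docker-compose fragment (constructed for illustration) ---
services:
  influxdb:
    # Pin the 1.x line. :latest resolves to 2.x, which requires token
    # authentication and answers unauthenticated requests with 401.
    image: influxdb:1.8
    volumes:
      - ./influxdb:/var/lib/influxdb
    # Deliberately no "ports:" entry. InfluxDB 1.8 ships with authentication
    # disabled, so keep 8086 reachable only on the internal compose network.

  ssh-log-to-influx:
    image: acouvreur/ssh-log-to-influx:latest
    restart: unless-stopped
    environment:
      - INFLUX_HOST=influxdb   # resolves to the service above
      - INFLUX_DB=telegraf
---
# --- Grafana data source provisioning file ---
# Assumed location inside the Grafana container:
#   /etc/grafana/provisioning/datasources/influxdb.yml
apiVersion: 1
datasources:
  - name: InfluxDB-ssh         # hypothetical name
    type: influxdb             # InfluxQL is the default query language for this type
    access: proxy              # the Grafana backend connects, not the browser
    url: http://influxdb:8086  # Grafana must share a network with the influxdb service
    database: telegraf         # must match INFLUX_DB above
    editable: false
```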