some grafana dashboard fields are empty

[arifroni]

Hello

I followed the instruction and i had to make some changes. I am using unbound with adguard in a proxmox LXC.

1. i used amd64 binary from here
2. i changed the prometheus-unbound-exporter.service like this

But i dont get all the fields. Since i am not using any blocklists, i expected some empty box, but all.

Any idea what could be the issue?

[ar51an]

1) The unbound-exporter is working fine, that is why you are seeing the stats in your screenshot. If you are not using blocklist, ~only panel that would be empty is the first panel in the second row~. If you want, you can remove it and resize/adjust subsequent panles in second row. (as shown below)

2) All other panels that are not showing any data in your screenshot are populated through loki and unbound log. Did you install the Loki and Promtail? Did you enable the unbound logging? As mentioned under the Loki section in the instructions, since you are on amd64 so get amd64 deb files for loki and promtail from below links: https://github.com/grafana/loki/releases/download/v2.8.4/loki_2.8.4_amd64.deb https://github.com/grafana/loki/releases/download/v2.8.4/promtail_2.8.4_amd64.deb What is the output of below cmds: sudo systemctl status loki sudo systemctl status promtail ls -l /var/log/unbound/

[arifroni]

thanks for your reply. I have installed right deb file, i think :) unbound.conf

here are the outputs:

could it be that the log file has permission issue? thats why unbound cant export log file to that directory?

[ar51an]

Seems like you are running the distro version of Unbound, it runs as chroot by apparmor.

Modify apparmor policy profile for unbound: sudo nano \etc\apparmor.d\usr.sbin.unbound (Location of usr.sbin.unbound may vary depending on your distro)

Add below line at the end of the file before closing curly bracket: /var/log/unbound/unbound.log rw,

Reload apparmor policy profile for unbound: sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.unbound (Provide the correct location of the policy profile that you used in the first step)

Restart unbound / Reboot machine, verify that /var/log/unbound/ dir contains unbound.log

[arifroni]

Any idea what could be the problem here?

[ar51an]

Try below:

sudo nano /etc/apparmor.d/local/usr.sbin.unbound (It will create the file if it does not exist)

Add below line: /var/log/unbound/unbound.log rw,

sudo apparmor_parser -r /etc/apparmor.d/usr.sbin.unbound (It should apply the changes from /etc/apparmor.d/local/usr.sbin.unbound to main profile /etc/apparmor.d/usr.sbin.unbound)

[ar51an]

Closing due to no activity.

[arifroni]

Hi, i couldnt check in the last days. but still i have same error.

[ar51an]

Seems like you are running a privileged lxc container.

Try to change the apparmor profile to unconfined. Then run the unbound command mentioned in the previous message.

• Add to the .conf file for container:

  lxc.apparmor.profile:unconfined lxc.cap.drop:

If above does not work then you may need to change it to unconfined in the compose file.

security_opt:
- apparmor:unconfined

[arifroni]

after adding the lines in lxc conf file, apparmor_parser -r /etc/apparmor.d/usr.sbin.unbound works without any error. but unbound is not starting anymore.

[arifroni]

update: after deleting 2 lines from conf file of the lxc, unbound starts again. i created the unbound.log file manually and since then i can see some of the fields are populated. except marked boxes.

[ar51an]

after adding the lines in lxc conf file, apparmor_parser -r /etc/apparmor.d/usr.sbin.unbound works without any error. but unbound is not starting anymore.

I know you reverted the changes. Just mentioning, it may be helpful to you in future. The above error in the screenshot tells nothing it is just the last status. Actual error happened before that. You should find the actual error to figure out what went wrong with below cmd: sudo journalctl -u unbound -n 200 -f

[ar51an]

update: after deleting 2 lines from conf file of the lxc, unbound starts again. i created the unbound.log file manually and since then i can see some of the fields are populated. except marked boxes.

Are the bottom 4 panels (that shows domains requested) populated properly? Give it half an hour to have enough data for grafana. These two panels are linked with the unbound blocked count, since you are not using the unbound blocklist you might not see anything in these two panels.

[arifroni]

Thanks a lot for all your help :). I will take a look on the error. As for the 2 missing box (Queries & Queries), it make sense that i wont see them. I didnt realize it shows blocked website data. Domain requests panels show data, but 2 not 4. I guess missing panels are related to blocked domains. clients are always 127.0.0.1, because adguard is requesting, right?

[ar51an]

Yes right two bottom panels are also populated with blocked domains (did not realize in my first comment). Check the dashboard v2.2 screenshot at: https://github.com/ar51an/unbound-dashboard/blob/main/screenshots/screenshots.md

clients are always 127.0.0.1, because adguard is requesting, right?

Check the output of: cat /etc/resolv.conf It should have the DNS server IP as nameserver <IP> only.

OR

dig google.com Check the third last line (could vary on your system) that starts with SERVER: <IP>. IP should be your DNS server IP.

What are the Client IPs it shows in Adguard logs? (Actual client IPs OR 127.0.0.1)

Bottom line is either Adgurad is not forwarding client IPs to unbound (should be some setting or configuration to enable it) OR you need to set DNS server IP under LAN DNS server on your router.

[arifroni]

output: i can see local ips in adguard. I found this option in adguard, that maybe has something to do with ip forwarding (i am far from expert on this topic as you can imagine :D) But turning it on makes no difference.