Docker OPNSense dashboard on DS920+ ( SOLVED )

[ghost]

Hello,

I followed the documentation and there are 2 things to adjust:

Configuring Graylog: Then download the database file, replace YOUR_LICENSE_KEY with the key you generated above.

Problem: Error write 'GeoLite2-Country.mmdb' to '/usr/share/graylog/data/data/'.

Solution: sudo docker exec -it graylog /bin/bash CD /usr/share/graylog/data/data/ chmod 775 GeoLite2-Country.mmdb rm GeoLite2-Country.mmdb

Execute: curl "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=YOUR_LICENSE_KEY&suffix=tar.gz" -o GeoLite2-Country.tar.gz \ && tar -xzvf GeoLite2-Country.tar.gz \ && mv GeoLite2-Country_*/GeoLite2-Country.mmdb /usr/share/graylog/data/data/

Configure Additional Settings: Now, add your index set from earlier to the "OPNsense / filterlog" stream. Navigate to Streams -> More Actions -> Edit Stream -> select your index set and save.

Problem: Stream 'OPNsense / filterlog' not visible.

Solution: Open content-pack 'OPNSense Dashboard' Click 'Install'

Configure Variables There is no explanation how to change the interfaces, only that you can do it. Maybe some screenshots??

The dashboard is working now and I really like it.

Request:

• How to modify the databases to add support for Docker container monitoring. Earlier I setup Grafana, Prometheus, Node-exporter via this instruction 'https://grafana.com/docs/grafana-cloud/quickstart/docker-compose-linux/' but couldn't make it work with OPNSense Dashboard. How can I make this work side-by-side?

[ghost]

I can't get the worldmap on the opnsense-dashboard working. How do I get the colored pointers on the worldmap?

[ghost]

Solved!

I used the latest docker-compose.yaml file that uses mongodb 6.0.4 and Graylog 5.0.2. I'm running Docker on a Synology DS920+ and Mongodb gives a warning that it needs a CPU with AVX support. The DS920+ does not support this.

The latest version of mongodb that not need a CPU with AVX support is v4.4.18 but can't be used with Graylog 5. The previous version of Graylog v4.3.11 does the trick.

I changed the docker-compose.yml to work with macvlans because I like it this way. Don't forget to change the IP-adresses (DNS-names) in 'OPNSense>Services>Telegraf>Output:Influx v2 URL', 'OPNSense>System>Settings>Logging/Targets:Hostname', 'Grafana>Configuration>Data Sources>ElasticSearch:URL' and 'Grafana>Configuration>Data Sources>InfluxDB:URL'.

version: '3' services: mongodb: container_name: OPNSense-dashboard-Mongodb image: mongo:4.4.18 volumes:

• mongodb_data:/data/db restart: "unless-stopped" environment:
• TZ=Europe/Amsterdam mac_address: 00:11:22:33:44:29 networks: macvlan-bridge: ipv4_address: 10.1.1.229 dns:

• 1.1.1.1

  elasticsearch: container_name: OPNSense-dashboard-Elasticsearch image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2 volumes:

• es_data:/usr/share/elasticsearch/data environment:
• TZ=Europe/Amsterdam
• http.host=0.0.0.0
• transport.host=localhost
• network.host=0.0.0.0
• "ES_JAVA_OPTS=-Xms512m -Xmx512m" restart: "unless-stopped" mac_address: 00:11:22:33:44:30 networks: macvlan-bridge: ipv4_address: 10.1.1.230 dns:

• 1.1.1.1

  graylog: container_name: OPNSense-dashboard-Graylog image: graylog/graylog:4.3.11 volumes:

• graylog_data:/usr/share/graylog/data environment:
• TZ=Europe/Amsterdam
• ROOT_TIMEZONE=Europe/Amsterdam
• GRAYLOG_TIMEZONE=Europe/Amsterdam
• GRAYLOG_PASSWORD_SECRET=XXXXXXXXXXXXXXXXXXXXXXXXXXX
• GRAYLOG_ROOT_PASSWORD_SHA2=XXXXXXXXXXXXXXXXXXXXXXXXXXX
• GRAYLOG_HTTP_EXTERNAL_URI=http://10.1.1.231:9000/ entrypoint: /usr/bin/tini -- wait-for-it 10.1.1.230:9200 -- /docker-entrypoint.sh links:
• mongodb:mongo
• elasticsearch depends_on:
• mongodb
• elasticsearch ports:
• 9000:9000
• 1514:1514/udp
• 1514:1514 restart: "unless-stopped" mac_address: 00:11:22:33:44:31 networks: macvlan-bridge: ipv4_address: 10.1.1.231 dns:

• 1.1.1.1

  influxdb: container_name: OPNSense-dashboard-Influxdb image: influxdb:2.6.1 ports:

• '8086:8086' volumes:
• influxdb2_data:/var/lib/influxdb2 environment:
• TZ=Europe/Amsterdam restart: "unless-stopped" mac_address: 00:11:22:33:44:32 networks: macvlan-bridge: ipv4_address: 10.1.1.232 dns:

• 1.1.1.1

  grafana: container_name: Grafana image: grafana/grafana:9.2.10 ports:

• '3000:3000' volumes:
• grafana_data:/var/lib/grafana depends_on:
• influxdb environment:
• TZ=Europe/Amsterdam
• GF_SECURITY_ADMIN_USER=XXXXXXXXXXXXXXXXXXXXXXXXXXX
• GF_SECURITY_ADMIN_PASSWORD=XXXXXXXXXXXXXXXXXXXXXXXXXXX
• GF_INSTALL_PLUGINS=grafana-worldmap-panel restart: "unless-stopped" mac_address: 00:11:22:33:44:33 networks: macvlan-bridge: ipv4_address: 10.1.1.233 dns:
• 1.1.1.1

volumes: grafana_data: influxdb2_data: graylog_data: es_data: mongodb_data:

networks: macvlan-bridge: external: name: macvlan-bridge