search

prometheus / snmp_exporter

SNMP Exporter for Prometheus
Apache License 2.0
1.71k stars 631 forks source link

curl to pfsense server timed out #1250

Closed Cparker96 closed 1 month ago

Cparker96 commented 1 month ago

My pfsense server is acting as a gateway between my AWS account and another AWS account and I'd like to scrape metrics of the different interfaces that I want to monitor. Was trying to follow this guide and got about 99% of it completed except there's probably a misconfig somewhere in my process to be able to run snmp_exporter. Both servers are on the same VPC.

Host operating system:

prometheus EC2 - ubuntu 22.04 pfsense EC2 - ubuntu 22.04

snmp_exporter version: output of snmp_exporter -version

v0.18.0

What did you do that produced an error?

curl http://<interface-ip>:9116/snmp?module=pfsense\&target=<interface-ip> curl: (28) Failed to connect to <interface-ip> port 9116 after 134523 ms: Connection timed out

What did you expect to see?

interface metrics flowing into snmp_exporter and querying with PromQL

What did you see instead?

prometheus and pfsense are both privately hosted. Able to ping the pfsense server from prometheus. Able to run snmpwalk -v 1 -c <my-secure-string> <interface-ip> and get metrics immediately. Able to generate a new snmp.yml through the generator util and adding in the MIB files from the pfsense box.

snmp_exporter is running as a daemon service on prometheus and looks like:

[Unit]
Description=SNMP Exporter
[After=network-online.target](http://after=network-online.target/)

[Service]
User=prometheus
Group=prometheus
Restart=on-failure
RestartSec=10
ExecStart=/etc/snmp_exporter/snmp_exporter --config.file=/etc/snmp_exporter/snmp.yml

[Install]
[WantedBy=multi-user.target](http://wantedby=multi-user.target/)

snmp.yaml looks like this with the walk OIDs and metrics metadata generated successfully:

auths:
  public_v1:
  community: <my-secure-string>
  security_level: noAuthNoPriv
  auth_protocol: MD5
  priv_protocol: DES
  version: 1

modules:
  pfsense:
    walk:
        ...

prometheus.yml file pfsense section looks like this:

- job_name: 'snmp_pfsense'
      static_configs:
      - targets:
            - '<interface-ip>'
      metrics_path: '/snmp'
      params:
          module: ['pfsense']
          relabel_configs:
               - source_labels: [__address__]
                 target_label: __param_target
               - source_labels: [__param_target]
                 target_label: instance
               - target_label: __address__
                 replacement: <interface-ip>:9116

prometheus UI looks like this - what am i missing?? Screenshot 2024-09-30 145102

pfsense firewall page looks like this - using 'Any' as the source to validate before I slim it down: Screenshot 2024-09-30 144933

bastischubert commented 1 month ago

are you able to curl the endpoint locally from the pfsense (curl localhost:9116) ?