对于大规模实时查询,这不是推荐的配置。为了获得查询和压缩优化、高速摄取和高可用性,您可能需要考虑 LDAP 和 InfluxDB。
50 亿+
Telegraf 下载量
#1
时间序列数据库
来源:DB Engines
10 亿+
InfluxDB 下载量
2,800+
贡献者
目录
强大的性能,无限的扩展能力
收集、组织和处理海量高速数据。当您将任何数据视为时间序列数据时,它都会变得更有价值。使用 InfluxDB,这个排名第一的时间序列平台旨在与 Telegraf 一起扩展。
查看入门方法
输入和输出集成概述
LDAP 插件从 LDAP 服务器(包括 OpenLDAP 和 389 Directory Server)收集监控指标。此插件对于跟踪 LDAP 服务的性能和健康状况至关重要,使管理员能够深入了解其目录操作。
Telegraf Elasticsearch 插件无缝地将指标发送到 Elasticsearch 服务器。该插件处理模板创建和动态索引管理,并支持各种 Elasticsearch 特定的功能,以确保数据格式正确,以便存储和检索。
集成详情
LDAP
此插件从 LDAP 服务器的监控后端收集指标,特别是来自 cn=Monitor 条目的指标。它支持两个著名的 LDAP 实现:OpenLDAP 和 389 Directory Server (389ds)。LDAP 插件专注于收集各种操作指标,使管理员能够实时监控性能、连接状态和服务器健康状况,这对于维护强大的目录服务至关重要。通过允许自定义连接参数和安全配置(例如 TLS 支持),该插件可确保符合安全性和性能的最佳实践。收集的指标有助于识别趋势、优化服务器配置以及与利益干系人执行服务级别协议。
Elasticsearch
此插件将指标写入 Elasticsearch,Elasticsearch 是一种分布式 RESTful 搜索和分析引擎,能够近乎实时地存储大量数据。它旨在处理 Elasticsearch 5.x 到 7.x 版本,并利用其动态模板功能来正确管理数据类型映射。该插件支持高级功能,例如模板管理、动态索引命名以及与 OpenSearch 的集成。它还允许配置 Elasticsearch 节点的身份验证和运行状况监控。
配置
LDAP
[[inputs.ldap]]
## Server to monitor
## The scheme determines the mode to use for connection with
## ldap://... -- unencrypted (non-TLS) connection
## ldaps://... -- TLS connection
## starttls://... -- StartTLS connection
## If no port is given, the default ports, 389 for ldap and starttls and
## 636 for ldaps, are used.
server = "ldap://localhost"
## Server dialect, can be "openldap" or "389ds"
# dialect = "openldap"
# DN and password to bind with
## If bind_dn is empty an anonymous bind is performed.
bind_dn = ""
bind_password = ""
## Reverse the field names constructed from the monitoring DN
# reverse_field_names = false
## Optional TLS Config
## Set to true/false to enforce TLS being enabled/disabled. If not set,
## enable TLS only if any of the other options are specified.
# tls_enable =
## Trusted root certificates for server
# tls_ca = "/path/to/cafile"
## Used for TLS client certificate authentication
# tls_cert = "/path/to/certfile"
## Used for TLS client certificate authentication
# tls_key = "/path/to/keyfile"
## Password for the key file if it is encrypted
# tls_key_pwd = ""
## Send the specified TLS server name via SNI
# tls_server_name = "kubernetes.example.com"
## Minimal TLS version to accept by the client
# tls_min_version = "TLS12"
## List of ciphers to accept, by default all secure ciphers will be accepted
## See https://pkg.go.dev/crypto/tls#pkg-constants for supported values.
## Use "all", "secure" and "insecure" to add all support ciphers, secure
## suites or insecure suites respectively.
# tls_cipher_suites = ["secure"]
## Renegotiation method, "never", "once" or "freely"
# tls_renegotiation_method = "never"
## Use TLS but skip chain & host verification
# insecure_skip_verify = false
Elasticsearch
[[outputs.elasticsearch]]
## The full HTTP endpoint URL for your Elasticsearch instance
## Multiple urls can be specified as part of the same cluster,
## this means that only ONE of the urls will be written to each interval
urls = [ "http://node1.es.example.com:9200" ] # required.
## Elasticsearch client timeout, defaults to "5s" if not set.
timeout = "5s"
## Set to true to ask Elasticsearch a list of all cluster nodes,
## thus it is not necessary to list all nodes in the urls config option
enable_sniffer = false
## Set to true to enable gzip compression
enable_gzip = false
## Set the interval to check if the Elasticsearch nodes are available
## Setting to "0s" will disable the health check (not recommended in production)
health_check_interval = "10s"
## Set the timeout for periodic health checks.
# health_check_timeout = "1s"
## HTTP basic authentication details.
## HTTP basic authentication details
# username = "telegraf"
# password = "mypassword"
## HTTP bearer token authentication details
# auth_bearer_token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"
## Index Config
## The target index for metrics (Elasticsearch will create if it not exists).
## You can use the date specifiers below to create indexes per time frame.
## The metric timestamp will be used to decide the destination index name
# %Y - year (2016)
# %y - last two digits of year (00..99)
# %m - month (01..12)
# %d - day of month (e.g., 01)
# %H - hour (00..23)
# %V - week of the year (ISO week) (01..53)
## Additionally, you can specify a tag name using the notation {{tag_name}}
## which will be used as part of the index name. If the tag does not exist,
## the default tag value will be used.
# index_name = "telegraf-{{host}}-%Y.%m.%d"
# default_tag_value = "none"
index_name = "telegraf-%Y.%m.%d" # required.
## Optional Index Config
## Set to true if Telegraf should use the "create" OpType while indexing
# use_optype_create = false
## Optional TLS Config
# tls_ca = "/etc/telegraf/ca.pem"
# tls_cert = "/etc/telegraf/cert.pem"
# tls_key = "/etc/telegraf/key.pem"
## Use TLS but skip chain & host verification
# insecure_skip_verify = false
## Template Config
## Set to true if you want telegraf to manage its index template.
## If enabled it will create a recommended index template for telegraf indexes
manage_template = true
## The template name used for telegraf indexes
template_name = "telegraf"
## Set to true if you want telegraf to overwrite an existing template
overwrite_template = false
## If set to true a unique ID hash will be sent as sha256(concat(timestamp,measurement,series-hash)) string
## it will enable data resend and update metric points avoiding duplicated metrics with different id's
force_document_id = false
## Specifies the handling of NaN and Inf values.
## This option can have the following values:
## none -- do not modify field-values (default); will produce an error if NaNs or infs are encountered
## drop -- drop fields containing NaNs or infs
## replace -- replace with the value in "float_replacement_value" (default: 0.0)
## NaNs and inf will be replaced with the given number, -inf with the negative of that number
# float_handling = "none"
# float_replacement_value = 0.0
## Pipeline Config
## To use a ingest pipeline, set this to the name of the pipeline you want to use.
# use_pipeline = "my_pipeline"
## Additionally, you can specify a tag name using the notation {{tag_name}}
## which will be used as part of the pipeline name. If the tag does not exist,
## the default pipeline will be used as the pipeline. If no default pipeline is set,
## no pipeline is used for the metric.
# use_pipeline = "{{es_pipeline}}"
# default_pipeline = "my_pipeline"
#
# Custom HTTP headers
# To pass custom HTTP headers please define it in a given below section
# [outputs.elasticsearch.headers]
# "X-Custom-Header" = "custom-value"
## Template Index Settings
## Overrides the template settings.index section with any provided options.
## Defaults provided here in the config
# template_index_settings = {
# refresh_interval = "10s",
# mapping.total_fields.limit = 5000,
# auto_expand_replicas = "0-1",
# codec = "best_compression"
# }
输入和输出集成示例
LDAP
-
监控目录性能:使用 LDAP Telegraf 插件持续跟踪和分析已完成的操作数、已启动的连接数和服务器响应时间。通过可视化随时间变化的数据,管理员可以识别目录服务中的性能瓶颈,从而实现主动优化。
-
安全事件警报:将插件与警报系统集成,以便在某些指标(例如
bind_security_errors或unauth_binds)超过预定义阈值时通知管理员。此设置可以通过提供对潜在未授权访问尝试的实时洞察来增强安全监控。 -
容量规划:利用 LDAP 插件收集的指标执行容量规划。分析连接趋势、使用的最大线程数和操作统计信息,以预测未来的资源需求,确保 LDAP 服务器能够处理预期的峰值负载,而不会降低性能。
-
合规性与审计:使用通过此插件获得的操作指标来协助合规性审计。通过定期检查
anonymous_binds和security_errors等指标,组织可以确保其目录服务符合安全策略和法规要求。
Elasticsearch
-
基于时间的索引:使用此插件将指标存储在 Elasticsearch 中,以根据收集时间为每个指标编制索引。例如,CPU 指标可以存储在名为
telegraf-2023.01.01的每日索引中,从而可以轻松进行基于时间的查询和保留策略。 -
动态模板管理:利用模板管理功能自动创建针对您的指标定制的自定义模板。这使您可以定义如何索引和分析不同的字段,而无需手动配置 Elasticsearch,从而确保查询的最佳数据结构。
-
OpenSearch 兼容性:如果您正在使用 AWS OpenSearch,则可以配置此插件以通过激活兼容模式来无缝工作,从而确保您现有的 Elasticsearch 客户端保持功能,并与较新的集群设置兼容。
反馈
感谢您成为我们社区的一份子!如果您有任何一般性反馈或在这些页面上发现任何错误,我们欢迎并鼓励您提出意见。请在 InfluxDB 社区 Slack 中提交您的反馈。
强大的性能,无限的扩展能力
收集、组织和处理海量高速数据。当您将任何数据视为时间序列数据时,它都会变得更有价值。使用 InfluxDB,这个排名第一的时间序列平台旨在与 Telegraf 一起扩展。
查看入门方法
