Fortinet Fortigate in Grafana

To get metrics from your FortiGate into Grafana using Telegraf and InfluxDB:

1. Enable SNMP on your FortiGate.
2. Put the following Telegraf config in your /etc/telegraf/telegraf.d directory.
3. Edit the agent IP and community string as appropriate.

    # Retrieves SNMP values from remote agents
    [[inputs.snmp]]
      agents = [ "192.168.1.1:161" ]
      timeout = "10s"
      retries = 3
      version = 2
      community = "monitoring"

      ## SNMPv3 auth parameters (only used when version = 3)
      sec_name = "sec_name"
      auth_protocol = "SHA"      # Values: "MD5", "SHA", ""
      auth_password = "auth_pass"
      sec_level = "authPriv"     # Values: "noAuthNoPriv", "authNoPriv", "authPriv"
      #context_name = ""
      priv_protocol = "AES"      # Values: "DES", "AES", ""
      priv_password = "priv_pass"

      name = "FortiGate"

      [[inputs.snmp.field]]
        name = "hostname"
        oid = "SNMPv2-MIB::sysName.0"

      [[inputs.snmp.field]]
        name = "sysLocation"
        oid = "SNMPv2-MIB::sysLocation.0"

      [[inputs.snmp.field]]
        name = "uptime"
        oid = "DISMAN-EXPRESSION-MIB::sysUpTimeInstance.0"

      [[inputs.snmp.field]]
        name = "fnSysSerial"
        oid = "FORTINET-CORE-MIB::fnSysSerial.0"

      [[inputs.snmp.field]]
        name = "fgSysVersion"
        oid = "FORTINET-FORTIGATE-MIB::fgSysVersion.0"

      [[inputs.snmp.field]]
        name = "fgSysUpTime"
        oid = "FORTINET-FORTIGATE-MIB::fgSysUpTime.0"

      [[inputs.snmp.field]]
        name = "fgSysMemUsage"
        oid = "FORTINET-FORTIGATE-MIB::fgSysMemUsage.0"

      [[inputs.snmp.field]]
        name = "fgSysCpuUsage"
        oid = "FORTINET-FORTIGATE-MIB::fgSysCpuUsage.0"

      [[inputs.snmp.field]]
        name = "fgSysMemCapacity"
        oid = "FORTINET-FORTIGATE-MIB::fgSysMemCapacity.0"

      [[inputs.snmp.field]]
        name = "fgSysDiskUsage"
        oid = "FORTINET-FORTIGATE-MIB::fgSysDiskUsage.0"

      [[inputs.snmp.field]]
        name = "fgSysDiskCapacity"
        oid = "FORTINET-FORTIGATE-MIB::fgSysDiskCapacity.0"

      [[inputs.snmp.field]]
        name = "fgSysSesCount"
        oid = "FORTINET-FORTIGATE-MIB::fgSysSesCount.0"

      [[inputs.snmp.field]]
        name = "fgSysLowMemUsage"
        oid = "FORTINET-FORTIGATE-MIB::fgSysLowMemUsage.0"

      [[inputs.snmp.field]]
        name = "fgSysLowMemCapacity"
        oid = "FORTINET-FORTIGATE-MIB::fgSysLowMemCapacity.0"

      # IF-MIB::ifXTable contains newer High Capacity (HC) counters that do not
      # overflow as fast for a few of the ifTable counters
      [[inputs.snmp.table]]
        name = "FortiGate-interface"

        # Interface tag - used to identify interface in metrics database
        [[inputs.snmp.table.field]]
          name = "ifName"
          oid = "IF-MIB::ifName"
          is_tag = true

        [[inputs.snmp.table.field]]
          name = "ifHCOutOctets"
          oid = "IF-MIB::ifHCOutOctets"

        [[inputs.snmp.table.field]]
          name = "ifHCInOctets"
          oid = "IF-MIB::ifHCInOctets"

      # FORTINET-FORTIGATE-MIB::fgVdTable
      [[inputs.snmp.table]]
        name = "FORTINET-FORTIGATE-MIB::fgVdTable"
        inherit_tags = [ "hostname" ]
        oid = "FORTINET-FORTIGATE-MIB::fgVdTable"

        # FORTINET-FORTIGATE-MIB::fgVdEntName
        [[inputs.snmp.table.field]]
          name = "fgVdEntName"
          oid = "FORTINET-FORTIGATE-MIB::fgVdEntName"
          is_tag = true

      # VPN
      [[inputs.snmp.table]]
        ## measurement name
        name = "fgVpnTun"

        [[inputs.snmp.table.field]]
          name = "fgVpnTunEntPhase1Name"
          oid = "FORTINET-FORTIGATE-MIB::fgVpnTunEntPhase1Name"
          is_tag = true

        [[inputs.snmp.table.field]]
          name = "fgVpnTunEntPhase2Name"
          oid = "FORTINET-FORTIGATE-MIB::fgVpnTunEntPhase2Name"
          is_tag = true

        [[inputs.snmp.table.field]]
          name = "fgVpnTunEntInOctets"
          oid = "FORTINET-FORTIGATE-MIB::fgVpnTunEntInOctets"

        [[inputs.snmp.table.field]]
          name = "fgVpnTunEntOutOctets"
          oid = "FORTINET-FORTIGATE-MIB::fgVpnTunEntOutOctets"

        [[inputs.snmp.table.field]]
          name = "fgVpnTunEntStatus"
          oid = "FORTINET-FORTIGATE-MIB::fgVpnTunEntStatus"

      # HA
      [[inputs.snmp.table]]
        ## measurement name
        name = "fgHaStats"

        [[inputs.snmp.table.field]]
          name = "fgHaStatsHostname"
          oid = "FORTINET-FORTIGATE-MIB::fgHaStatsHostname"
          is_tag = true

        [[inputs.snmp.table.field]]
          name = "fgHaStatsSyncStatus"
          oid = "FORTINET-FORTIGATE-MIB::fgHaStatsSyncStatus"

        [[inputs.snmp.table.field]]
          name = "fgHaStatsCpuUsage"
          oid = "FORTINET-FORTIGATE-MIB::fgHaStatsCpuUsage"

        [[inputs.snmp.table.field]]
          name = "fgHaStatsSerial"
          oid = "FORTINET-FORTIGATE-MIB::fgHaStatsSerial"

        [[inputs.snmp.table.field]]
          name = "fgHaStatsMemUsage"
          oid = "FORTINET-FORTIGATE-MIB::fgHaStatsMemUsage"

        [[inputs.snmp.table.field]]
          name = "fgHaStatsNetUsage"
          oid = "FORTINET-FORTIGATE-MIB::fgHaStatsNetUsage"

        [[inputs.snmp.table.field]]
          name = "fgHaStatsSesCount"
          oid = "FORTINET-FORTIGATE-MIB::fgHaStatsSesCount"

        [[inputs.snmp.table.field]]
          name = "fgHaStatsPktCount"
          oid = "FORTINET-FORTIGATE-MIB::fgHaStatsPktCount"

        [[inputs.snmp.table.field]]
          name = "fgHaStatsByteCount"
          oid = "FORTINET-FORTIGATE-MIB::fgHaStatsByteCount"

        [[inputs.snmp.table.field]]
          name = "fgHaStatsIdsCount"
          oid = "FORTINET-FORTIGATE-MIB::fgHaStatsIdsCount"

        [[inputs.snmp.table.field]]
          name = "fgHaStatsAvCount"
          oid = "FORTINET-FORTIGATE-MIB::fgHaStatsAvCount"

June 21, 2020 · Dennis Kruyt

Passed the Red Hat RHCSA exam

Today I passed the Red Hat RHCSA exam with the maximum 300/300 100% score! 😁 I had a good feeling during the exam, and after about an hour I got the following email from Red Hat.

    The results of your recent EX200 Red Hat Certified System Administrator Exam are reported below.

    Passing score: 210
    Your score: 300
    Result: PASS

    Congratulations -- you have earned the Red Hat Certified System Administrator certification.

    Performance on exam objectives:

    OBJECTIVE: SCORE
    Understand and use essential tools: 100%
    Operate running systems: 100%
    Configure local storage: 100%
    Create and configure file systems: 100%
    Deploy, configure and maintain systems: 100%
    Manage users and groups: 100%
    Manage security: 100%

How did I do this?

I first took the RHCSA Rapid Track 4 day course from Red Hat. After that I studied for about 20 hours, doing a lot of labs and using the following resources from Sander van Vugt. But that alone is not really enough; you should also have at least a couple of years' experience with Linux and feel comfortable on the command line. ...

February 6, 2020 · Dennis Kruyt

SUSE SLES 15 Container in LXD

I am a big fan of LXD, and a lot of my ‘home infra’ and VPSs are running LXD containers. I am also using LXD at work to create test setups for all sorts of Linux OSs and applications. Most “free” Linux OSs are already in the LXD image repository. But sometimes I need a non-free Linux OS, such as SUSE Linux Enterprise Server, or SLES for short. Of course I can run this in a VPS just by installing it from an ISO. But this takes too long and uses too many resources. ...

January 20, 2020 · Dennis Kruyt

Ansible CICD pipeline with GitLab

In this post I will show how I use GitLab CICD with Ansible. I’ll show the pipelines and how the merge requests are handled for full control and auditing.

GitLab flow

The GitLab flow is as follows: you have one or more dev/working branches. To push code to the staging environment you do this via a merge request in GitLab, and to get this code into production, again via a merge request from the master branch to the production branch. This way we have automation but also control and auditing via merge requests. ...

January 17, 2020 · Dennis Kruyt

3d print project, lampshade

A couple of weeks ago I gave myself a 3D printer for a present. 😝 I opted for a Creality Ender 3 Pro and ordered it from AliExpress. With the first print I was amazed how good the quality now is on these budget printers. My last experience with 3D printing was about 10 years ago and the quality was quite different then on budget printers. So I am quite happy with this printer. ...

December 9, 2019 · Dennis Kruyt

Ghost blog caching with Varnish

In this post I show a few of my tips for using Varnish for caching and Ghost together.

Don’t cache everything

Caching is good, but we don’t want to cache everything in Ghost; we don’t want to cache the admin and preview pages in Ghost. Add the following in the sub vcl_recv part.

    # Do not cache the admin and preview pages
    if (req.url ~ "/(admin|p|ghost)/") {
        return (pass);
    }

Restart Varnish to activate the changes. ...

October 6, 2019 · Dennis Kruyt

ZeroTier on a Ubiquiti EdgeRouter (part 2)

In my previous post I showed how to install ZeroTier on the EdgeRouter. After installing, we need to rename the ZeroTier interface to an ethx interface so that it shows up in EdgeOS.

Previous post: ZeroTier on a Ubiquiti EdgeRouter. With the new EdgeOS version 2 firmware for the EdgeRouter it is now possible to install ZeroTier on this router. (Dennis Kruyt, Kruyt.org)

Now I have adapted EdgeOS (which is basically VyOS/Vyatta running on the EdgeRouter) to support ZeroTier from the native CLI with tab completion. ...

September 27, 2019 · Dennis Kruyt

MySQL tuning

At my work in the past I needed to troubleshoot and tune MySQL installations. Here are some best practices I have used.

September 24, 2019 · Dennis Kruyt

Linux disk performance tuning

Some options in Linux that can be used for disk-related performance tuning.

September 22, 2019 · Dennis Kruyt

Instagram/Facebook HELO/SPF fail

I’ve been trying to receive an email from Instagram, but it wasn’t coming through. Upon inspecting my mail logs, I encountered the following log message:

    Sep 13 03:50:51 mailserver postfix/smtpd[28105]: NOQUEUE: reject: RCPT from 66-220-155-156.mail-mail.facebook.com[66.220.155.156]: 550 5.7.1 <[email protected]>: Recipient address rejected: Message rejected due to: domain owner discourages use of this host. Please see http://www.openspf.net/Why?s=helo;id=mx-out.facebook.com;ip=66.220.155.156;[email protected]; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mx-out.facebook.com>

This indicates that the email failed due to SPF (Sender Policy Framework) checks. SPF allows email domains to specify which mail hosts are authorized to send emails on their behalf, using the SMTP HELO and MAIL FROM commands. ...

September 13, 2019 · Dennis Kruyt