{"id":6977,"date":"2020-09-22T23:25:04","date_gmt":"2020-09-22T20:25:04","guid":{"rendered":"https:\/\/kifarunix.com\/?p=6977"},"modified":"2024-03-14T22:53:21","modified_gmt":"2024-03-14T19:53:21","slug":"monitor-openvpn-connections-with-prometheus-and-grafana","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/monitor-openvpn-connections-with-prometheus-and-grafana\/","title":{"rendered":"Monitor OpenVPN Connections with Prometheus and Grafana"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1900\" height=\"629\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2020\/09\/openvpn-connections-grafana-dashboards.png\" alt=\"Monitor OpenVPN Connections with Prometheus and Grafana\" class=\"wp-image-6984\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2020\/09\/openvpn-connections-grafana-dashboards.png?v=1600805614 1900w, https:\/\/kifarunix.com\/wp-content\/uploads\/2020\/09\/openvpn-connections-grafana-dashboards-768x254.png?v=1600805614 768w, https:\/\/kifarunix.com\/wp-content\/uploads\/2020\/09\/openvpn-connections-grafana-dashboards-1536x508.png?v=1600805614 1536w\" sizes=\"(max-width: 1900px) 100vw, 1900px\" \/><\/figure>\n\n\n\n<p>Welcome to our tutorial on how to monitor OpenVPN connections with Prometheus and Grafana. <a href=\"https:\/\/grafana.com\/docs\/\" target=\"_blank\" rel=\"noreferrer noopener\">Grafana<\/a>&nbsp;is a data visualization and monitoring tool and supports time series datastores such as Graphite, InfluxDB, Prometheus, Elasticsearch. <a href=\"https:\/\/github.com\/prometheus\" target=\"_blank\" rel=\"noreferrer noopener\">Prometheus<\/a> on the other hand is an open-source systems and service monitoring tool. It collects metrics from configured targets via HTTP calls at given intervals, evaluates rule expressions, displays the results, and can trigger alerts if some conditions are met. Grafana can be used to achieve better visualization of the metrics collected by the Prometheus. In this setup, however, we will learn how to collect OpenVPN connection metrics using Prometheus and visualize then on Grafana.<\/p>\n\n\n\n<div class=\"wp-block-rank-math-toc-block\" id=\"rank-math-toc\"><h2>Table of Contents<\/h2><nav><ul><li><a href=\"#monitoring-open-vpn-connections-with-prometheus-and-grafana\">Monitoring OpenVPN Connections with Prometheus and Grafana<\/a><ul><li><a href=\"#install-prometheus-on-linux\">Install Prometheus on Linux<\/a><\/li><li><a href=\"#install-grafana-on-linux\">Install Grafana on Linux<\/a><\/li><li><a href=\"#integrating-grafana-with-prometheus\">Integrating Grafana with Prometheus<\/a><\/li><li><a href=\"#install-and-setup-open-vpn-server\">Install and Setup OpenVPN Server<\/a><\/li><li><a href=\"#install-open-vpn-prometheus-node-exporter-on-the-open-vpn-server\">Install OpenVPN Prometheus Node Exporter on the OpenVPN Server<\/a><ul><li><a href=\"#install-go\">Install Go<\/a><\/li><li><a href=\"#download-open-vpn-exporter\">Download OpenVPN Exporter<\/a><\/li><li><a href=\"#install-open-vpn-exporter\">Install OpenVPN Exporter<\/a><\/li><li><a href=\"#run-open-vpn-exporter-in-standalone-mode\">Run OpenVPN Exporter in Standalone mode<\/a><\/li><li><a href=\"#running-open-vpn-exporter-as-a-service\">Running OpenVPN Exporter as a Service<\/a><\/li><\/ul><\/li><li><a href=\"#configure-prometheus-to-scrape-open-vpn-metrics\">Configure Prometheus to Scrape OpenVPN metrics;<\/a><\/li><li><a href=\"#verify-prometheus-open-vpn-exporter-target\">Verify Prometheus OpenVPN Exporter Target<\/a><\/li><li><a href=\"#monitoring-open-vpn-connections\">Monitoring OpenVPN Connections<\/a><ul><li><a href=\"#create-open-vpn-node-exporter-visualization-on-grafana\">Create OpenVPN Node Exporter Visualization on Grafana<\/a><\/li><\/ul><\/li><li><a href=\"#other-related-tutorials\">Other Related Tutorials<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"monitoring-open-vpn-connections-with-prometheus-and-grafana\">Monitoring OpenVPN Connections with Prometheus and Grafana<\/h2>\n\n\n\n<p>In this tutorial, we are using an Ubuntu 20.04 systems for demo labs. Feel free to use other OSes.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"install-prometheus-on-linux\">Install Prometheus on Linux<\/h3>\n\n\n\n<p>We have covered the installation of Prometheus on various Linux distros. Check the link below;<\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/?s=install+prometheus\" target=\"_blank\" rel=\"noreferrer noopener\">How to install Prometheus on Linux<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"install-grafana-on-linux\">Install Grafana on Linux<\/h3>\n\n\n\n<p>Follow the link below to install Grafana on Ubuntu 20.04;<\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/?s=install+grafana\" target=\"_blank\" rel=\"noreferrer noopener\">Installing Grafana on Linux<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"integrating-grafana-with-prometheus\"><a href=\"#integrating-grafana-with-prometheus\">Integrating Grafana with Prometheus<\/a><\/h3>\n\n\n\n<p>Once both Grafana and Prometheus are in place, you can then configure Grafana to fetch the metrics from Prometheus.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">systemctl status grafana-server<\/pre>\n\n\n\n<pre class=\"scroll-box\"><code>\u25cf grafana-server.service - Grafana instance\n     Loaded: loaded (\/lib\/systemd\/system\/grafana-server.service; enabled; preset: enabled)\n     Active: active (running) since Wed 2023-10-04 12:49:42 EDT; 1h 32min ago\n       Docs: http:\/\/docs.grafana.org\n   Main PID: 7738 (grafana)\n      Tasks: 13 (limit: 2304)\n     Memory: 104.7M\n        CPU: 12.320s\n     CGroup: \/system.slice\/grafana-server.service\n             \u2514\u25007738 \/usr\/share\/grafana\/bin\/grafana server --config=\/etc\/grafana\/grafana.ini --pidfile=\/run\/grafana\/grafana-server.pid --packaging=deb cfg:default.paths.logs=\/var\/log\/grafana cfg:default.paths.da>\n\nOct 04 13:53:38 debian grafana[7738]: logger=infra.usagestats t=2023-10-04T13:53:38.916154214-04:00 level=info msg=\"Usage stats are ready to report\"\nOct 04 14:02:04 debian grafana[7738]: logger=cleanup t=2023-10-04T14:02:04.896372831-04:00 level=info msg=\"Completed cleanup jobs\" duration=4.398529ms\nOct 04 14:02:05 debian grafana[7738]: logger=plugins.update.checker t=2023-10-04T14:02:05.88565459-04:00 level=info msg=\"Update check succeeded\" duration=50.850455ms\nOct 04 14:02:05 debian grafana[7738]: logger=grafana.update.checker t=2023-10-04T14:02:05.902361256-04:00 level=info msg=\"Update check succeeded\" duration=85.026378ms\nOct 04 14:12:04 debian grafana[7738]: logger=cleanup t=2023-10-04T14:12:04.896987922-04:00 level=info msg=\"Completed cleanup jobs\" duration=5.046391ms\nOct 04 14:12:05 debian grafana[7738]: logger=plugins.update.checker t=2023-10-04T14:12:05.875549982-04:00 level=info msg=\"Update check succeeded\" duration=40.340424ms\nOct 04 14:12:05 debian grafana[7738]: logger=grafana.update.checker t=2023-10-04T14:12:05.944168833-04:00 level=info msg=\"Update check succeeded\" duration=127.7065ms\nOct 04 14:22:04 debian grafana[7738]: logger=cleanup t=2023-10-04T14:22:04.897011702-04:00 level=info msg=\"Completed cleanup jobs\" duration=5.058188ms\nOct 04 14:22:05 debian grafana[7738]: logger=plugins.update.checker t=2023-10-04T14:22:05.890626668-04:00 level=info msg=\"Update check succeeded\" duration=54.886718ms\nOct 04 14:22:06 debian grafana[7738]: logger=grafana.update.checker t=2023-10-04T14:22:06.056406747-04:00 level=info msg=\"Update check succeeded\" duration=239.460727ms\n<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">systemctl status prometheus<\/pre>\n\n\n\n<pre class=\"scroll-box\"><code>\u25cf prometheus.service - Prometheus Time Series Collection and Processing Server\n     Loaded: loaded (\/etc\/systemd\/system\/prometheus.service; enabled; preset: enabled)\n     Active: active (running) since Wed 2023-10-04 01:00:45 EDT; 13h ago\n   Main PID: 3799 (prometheus)\n      Tasks: 8 (limit: 2304)\n     Memory: 40.3M\n        CPU: 35.758s\n     CGroup: \/system.slice\/prometheus.service\n             \u2514\u25003799 \/usr\/local\/bin\/prometheus --config.file \/etc\/prometheus\/prometheus.yml --storage.tsdb.path \/var\/lib\/prometheus\/ --web.console.templates=\/etc\/prometheus\/consoles --web.console.libraries=\/etc\/>\n\nOct 04 11:00:31 debian prometheus[3799]: ts=2023-10-04T15:00:31.446Z caller=compact.go:523 level=info component=tsdb msg=\"write block\" mint=1696420814817 maxt=1696428000000 ulid=01HBXK8SG0E5S4VY6QQB9HDCE2 durat>\nOct 04 11:00:31 debian prometheus[3799]: ts=2023-10-04T15:00:31.455Z caller=head.go:1298 level=info component=tsdb msg=\"Head GC completed\" caller=truncateMemory duration=6.076588ms\nOct 04 13:00:31 debian prometheus[3799]: ts=2023-10-04T17:00:31.537Z caller=compact.go:523 level=info component=tsdb msg=\"write block\" mint=1696428014817 maxt=1696435200000 ulid=01HBXT4GR22C4686R8A29QMEB2 durat>\nOct 04 13:00:31 debian prometheus[3799]: ts=2023-10-04T17:00:31.546Z caller=head.go:1298 level=info component=tsdb msg=\"Head GC completed\" caller=truncateMemory duration=5.807451ms\nOct 04 13:00:31 debian prometheus[3799]: ts=2023-10-04T17:00:31.546Z caller=checkpoint.go:100 level=info component=tsdb msg=\"Creating checkpoint\" from_segment=2 to_segment=3 mint=1696435200000\nOct 04 13:00:31 debian prometheus[3799]: ts=2023-10-04T17:00:31.948Z caller=head.go:1266 level=info component=tsdb msg=\"WAL checkpoint complete\" first=2 last=3 duration=401.376996ms\nOct 04 13:00:33 debian prometheus[3799]: ts=2023-10-04T17:00:33.528Z caller=compact.go:464 level=info component=tsdb msg=\"compact blocks\" count=3 mint=1696399214817 maxt=1696420800000 ulid=01HBXT4JTDAED396N41PR>\nOct 04 13:00:33 debian prometheus[3799]: ts=2023-10-04T17:00:33.645Z caller=db.go:1619 level=info component=tsdb msg=\"Deleting obsolete block\" block=01HBXCD285ARQGJY48DC3GZNSY\nOct 04 13:00:33 debian prometheus[3799]: ts=2023-10-04T17:00:33.779Z caller=db.go:1619 level=info component=tsdb msg=\"Deleting obsolete block\" block=01HBWYNKR37MXZNMD2H2CM402X\nOct 04 13:00:33 debian prometheus[3799]: ts=2023-10-04T17:00:33.915Z caller=db.go:1619 level=info component=tsdb msg=\"Deleting obsolete block\" block=01HBX5HB00BYDWY4CV9Y38ESB1\n<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">ss -altnp | grep -E \":3000|:9090\"<\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>LISTEN 0      4096               *:3000            *:*    users:((\"grafana\",pid=7738,fd=11))\nLISTEN 0      4096               *:9090            *:*    users:((\"prometheus\",pid=3799,fd=7))<\/code><\/pre>\n\n\n\n<p>To integrate Grafana with Prometheus, you need to add Prometheus data source to Grafana.<\/p>\n\n\n\n<p>This can be done by logging into Grafana web interface and navigating to&nbsp;<strong>Connections<\/strong> (under the menu)&nbsp;&gt;&nbsp;<strong>Datasources<\/strong>;<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1469\" height=\"665\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/10\/grafana-data-sources.png\" alt=\"Grafana data source settings\" class=\"wp-image-18935\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/10\/grafana-data-sources.png?v=1696444081 1469w, https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/10\/grafana-data-sources-768x348.png?v=1696444081 768w\" sizes=\"(max-width: 1469px) 100vw, 1469px\" \/><\/figure>\n\n\n\n<p>Click&nbsp;<strong>Add data source<\/strong><\/p>\n\n\n\n<p>You can as well click <strong>Add new connection<\/strong> and select your data source.<\/p>\n\n\n\n<p>From the data source types, select <strong>Prometheus<\/strong>.<\/p>\n\n\n\n<p>This opens up Prometheus datasource configuration page.<\/p>\n\n\n\n<p>Enter the Prometheus server URL. If you are running Grafana and Prometheus on the same server, use the address&nbsp;<strong>http:\/\/localhost:9090<\/strong>&nbsp;otherwise, use the address&nbsp;<strong>http:\/\/&lt;prometheus-server-IP&gt;:9090<\/strong>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1468\" height=\"800\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2020\/09\/grafana-prometheus-data-source.png\" alt=\"\" class=\"wp-image-18936\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2020\/09\/grafana-prometheus-data-source.png?v=1696444374 1468w, https:\/\/kifarunix.com\/wp-content\/uploads\/2020\/09\/grafana-prometheus-data-source-768x419.png?v=1696444374 768w\" sizes=\"(max-width: 1468px) 100vw, 1468px\" \/><\/figure>\n\n\n\n<p>Scroll down the page and click&nbsp;<strong>Save &amp; Test<\/strong>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1441\" height=\"711\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/10\/successful-connection-to-data-source.png\" alt=\"\" class=\"wp-image-18937\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/10\/successful-connection-to-data-source.png?v=1696444420 1441w, https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/10\/successful-connection-to-data-source-768x379.png?v=1696444420 768w\" sizes=\"(max-width: 1441px) 100vw, 1441px\" \/><\/figure>\n\n\n\n<p>The integration is now done!<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"install-and-setup-open-vpn-server\">Install and Setup OpenVPN Server<\/h3>\n\n\n\n<p>We have already covered how to install and configure OpenVPN and OpenVPN clients;<\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/?s=install+openvpn+server\" target=\"_blank\" rel=\"noreferrer noopener\">Install and Setup OpenVPN Server on Linux<\/a><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"install-open-vpn-prometheus-node-exporter-on-the-open-vpn-server\">Install OpenVPN Prometheus Node Exporter on the OpenVPN Server<\/h3>\n\n\n\n<p>Next, you need to install OpenVPN node exporter on the OpenVPN Server.<\/p>\n\n\n\n<p>OpenVPN Exporter for Prometheus is an open source project hosted on Github (<em>currently archived<\/em>) Kumina&#8217;s <a href=\"https:\/\/github.com\/kumina\/openvpn_exporter\" target=\"_blank\" rel=\"noreferrer noopener\">openvpn-exporter<\/a> project. All credit goes back to the creators of this exporter.<\/p>\n\n\n\n<p>You can run the exporter as a <a href=\"https:\/\/github.com\/rossigee\/openvpnas-exporter\/releases\" target=\"_blank\" rel=\"noreferrer noopener\">standalone executable binary<\/a>.<\/p>\n\n\n\n<p>In this setup, we run it as standalone executable binary on a server hosting a OpenVPN server.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"install-go\">Install Go<\/h4>\n\n\n\n<p>This exporter is a go-based. Hence, you need to install go on the OpenVPN server.<\/p>\n\n\n\n<p>Download Go tarball for installation from <a href=\"https:\/\/golang.org\/dl\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go download&#8217;s page<\/a>.<\/p>\n\n\n\n<p>Update the value of VER with the current Go version number.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>VER=1.21.1<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\">wget https:\/\/golang.org\/dl\/go${VER}.linux-amd64.tar.gz<\/pre>\n\n\n\n<p>Extract it into \/usr\/local, creating a Go tree in \/usr\/local\/go.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">tar -C \/usr\/local -xzf go${VER}.linux-amd64.tar.gz<\/pre>\n\n\n\n<p>Add \/usr\/local\/go\/bin to the&nbsp;<code>PATH<\/code>&nbsp;environment variable.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">vim \/etc\/environment<\/pre>\n\n\n\n<p>Add or update the PATH line to look like;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">PATH=\"$PATH:\/usr\/local\/go\/bin\"<\/pre>\n\n\n\n<p>Source the file to effect the changes.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">source \/etc\/environment<\/pre>\n\n\n\n<p>Go should now be on your PATH.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>which go<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>\/usr\/local\/go\/bin\/go<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"download-open-vpn-exporter\">Download OpenVPN Exporter<\/h4>\n\n\n\n<p>Download the current OpenVPN node exporter from the&nbsp;<a href=\"https:\/\/github.com\/kumina\/openvpn_exporter\/releases\" target=\"_blank\" rel=\"noreferrer noopener\">Github releases page<\/a>.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">wget https:\/\/github.com\/kumina\/openvpn_exporter\/archive\/v0.3.0.tar.gz<\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"install-open-vpn-exporter\">Install OpenVPN Exporter<\/h4>\n\n\n\n<p>Extract the exporter to binary path.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>tar xzf v0.3.0.tar.gz<\/code><\/pre>\n\n\n\n<p>Next, build the OpenVPN node exporter;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cd openvpn_exporter-0.3.0\/<\/code><\/pre>\n\n\n\n<p>Set the path to OpenVPN server status log file;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>vim main.go<\/code><\/pre>\n\n\n\n<p>Update the path to OpenVPN status log file, <strong>openvpnStatusPaths<\/strong>.<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>...\n\nfunc main() {\n        var (\n                listenAddress      = flag.String(\"web.listen-address\", \":9176\", \"Address to listen on for web interface and telemetry.\")\n                metricsPath        = flag.String(\"web.telemetry-path\", \"\/metrics\", \"Path under which to expose metrics.\")\n                \/\/ openvpnStatusPaths = flag.String(\"openvpn.status_paths\", \"examples\/client.status,examples\/server2.status,examples\/server3.status\", \"Paths at which OpenVPN places its status files.\")\n                openvpnStatusPaths = flag.String(\"openvpn.status_paths\", \"<strong>\/var\/log\/openvpn\/openvpn-status.log<\/strong>\", \"Paths at which OpenVPN places its status files.\")\n...\n<\/code><\/pre>\n\n\n\n<p>Save and exit the file.<\/p>\n\n\n\n<p>Build the exporter now;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>go build -o \/usr\/local\/bin\/openvpn_exporter main.go<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"run-open-vpn-exporter-in-standalone-mode\">Run OpenVPN Exporter in Standalone mode<\/h4>\n\n\n\n<p>You can run OpenVPN exporter in standalone mode;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>openvpn_exporter --help<\/code><\/pre>\n\n\n\n<pre class=\"scroll-sz\"><code>  -ignore.individuals\n    \tIf ignoring metrics for individuals\n  -openvpn.status_paths string\n    \tPaths at which OpenVPN places its status files. (default \"\/var\/log\/openvpn\/openvpn-status.log\")\n  -web.listen-address string\n    \tAddress to listen on for web interface and telemetry. (default \":9176\")\n  -web.telemetry-path string\n    \tPath under which to expose metrics. (default \"\/metrics\")\n<\/code><\/pre>\n\n\n\n<p>You can run in standalone mode as follows;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>openvpn_exporter<\/code><\/pre>\n\n\n\n<p>Sample output;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>2023\/10\/04 15:42:48 Starting OpenVPN Exporter\n2023\/10\/04 15:42:48 Listen address: :9176\n2023\/10\/04 15:42:48 Metrics path: \/metrics\n2023\/10\/04 15:42:48 openvpn.status_path: \/var\/log\/openvpn\/openvpn-status.log\n2023\/10\/04 15:42:48 Ignore Individuals: false<\/code><\/pre>\n\n\n\n<p>By default, the exporter listens on TCP port 9176, hence you need to open this port on firewall to allow external connections. Refer to your respective system firewall program documentation on how to open a port for external connections.<\/p>\n\n\n\n<p>You can press CTRL+C to stop the exporter\/.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"running-open-vpn-exporter-as-a-service\">Running OpenVPN Exporter as a Service<\/h4>\n\n\n\n<p>Create a systemd service for the OpenVPN Prometheus node exporter.<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>\ncat > \/etc\/systemd\/system\/openvpn_exporter.service << 'EOF'\n[Unit]\nDescription=Prometheus OpenVPN Node Exporter\nWants=network-online.target\nAfter=network-online.target\n\n[Service]\nType=simple\nExecStart=\/usr\/local\/bin\/openvpn_exporter\n\n[Install]\nWantedBy=multi-user.target\nEOF\n<\/code><\/pre>\n\n\n\n<p>Reload the systemd manager configuration.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">systemctl daemon-reload<\/pre>\n\n\n\n<p>Start and enable Node Exporter to run on system boot.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">systemctl enable --now openvpn_exporter.service<\/pre>\n\n\n\n<p>Check the status;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">systemctl status openvpn_exporter<\/pre>\n\n\n\n<pre class=\"scroll-box\"><code>\u25cf openvpn_exporter.service - Prometheus OpenVPN Node Exporter\n     Loaded: loaded (\/etc\/systemd\/system\/openvpn_exporter.service; enabled; preset: enabled)\n     Active: active (running) since Wed 2023-10-04 15:43:42 EDT; 6s ago\n   Main PID: 9415 (openvpn_exporte)\n      Tasks: 4 (limit: 2304)\n     Memory: 4.9M\n        CPU: 7ms\n     CGroup: \/system.slice\/openvpn_exporter.service\n             \u2514\u25009415 \/usr\/local\/bin\/openvpn_exporter\n\nOct 04 15:43:42 debian openvpn_exporter[9415]: 2023\/10\/04 15:43:42 Listen address: :9176\nOct 04 15:43:42 debian openvpn_exporter[9415]: 2023\/10\/04 15:43:42 Metrics path: \/metrics\nOct 04 15:43:42 debian openvpn_exporter[9415]: 2023\/10\/04 15:43:42 openvpn.status_path: \/var\/log\/openvpn\/openvpn-status.log\nOct 04 15:43:42 debian openvpn_exporter[9415]: 2023\/10\/04 15:43:42 Ignore Individuals: false\nOct 04 15:43:42 debian systemd[1]: Started openvpn_exporter.service - Prometheus OpenVPN Node Exporter.\n<\/code><\/pre>\n\n\n\n<p>Your OpenVPN connection status should be scrapped automatically.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"configure-prometheus-to-scrape-open-vpn-metrics\">Configure Prometheus to Scrape OpenVPN metrics;<\/h3>\n\n\n\n<p>Configure Prometheus to scrape OpenVPN Node exporter metrics;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">vim \/etc\/prometheus\/prometheus.yml<\/pre>\n\n\n\n<p>Update the config appropriately. See we added Prometheus scrape job for the OpenVPN exporter.<\/p>\n\n\n\n<pre class=\"scroll-box\"><code>...\n  # The job name is added as a label `job=<job_name>` to any timeseries scraped from this config.\n  - job_name: 'prometheus'\n\n    # metrics_path defaults to '\/metrics'\n    # scheme defaults to 'http'.\n\n    static_configs:\n    - targets: ['localhost:9090']\n<strong>  ## Add OpenVPNAS Exporter\n  - job_name: 'openvpn-metrics'\n    scrape_interval: 5s\n    static_configs:\n      - targets: ['192.168.56.125:9176']<\/strong><\/job_name>\n<\/code><\/pre>\n\n\n\n<p>Save and exit the file.<\/p>\n\n\n\n<p>Restart Prometheus;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">systemctl restart prometheus<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"verify-prometheus-open-vpn-exporter-target\">Verify Prometheus OpenVPN Exporter Target<\/h3>\n\n\n\n<p>Check the Prometheus Target, <code><strong>http:\/\/server-IP:9090\/targets<\/strong><\/code>.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1470\" height=\"657\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/10\/openvpn-metrics-node-exporter-target.png\" alt=\"\" class=\"wp-image-18938\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/10\/openvpn-metrics-node-exporter-target.png?v=1696448972 1470w, https:\/\/kifarunix.com\/wp-content\/uploads\/2023\/10\/openvpn-metrics-node-exporter-target-768x343.png?v=1696448972 768w\" sizes=\"(max-width: 1470px) 100vw, 1470px\" \/><\/figure>\n\n\n\n<p>You can click metrics path to view the metrics.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"monitoring-open-vpn-connections\">Monitoring OpenVPN Connections<\/h3>\n\n\n\n<p>Assuming you have already integrated Grafana with Prometheus data source, proceed as follows.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"create-open-vpn-node-exporter-visualization-on-grafana\">Create OpenVPN Node Exporter Visualization on Grafana<\/h4>\n\n\n\n<p>You can create your own visualization dashboards or utilize the community created dashboards.<\/p>\n\n\n\n<p>For example, we use <a href=\"https:\/\/grafana.com\/grafana\/dashboards\/10562\" target=\"_blank\" rel=\"noreferrer noopener\">Grafana OpenVPN node exporter visualization dashboard from the Grafana community<\/a>.<\/p>\n\n\n\n<p>To import this dashboard, navigate to <code><strong>http:\/\/grafana-server-IP:3000\/dashboard\/import<\/strong><\/code>.<\/p>\n\n\n\n<p>Paste the dashboard ID or JSON file, load and import it.<\/p>\n\n\n\n<p>Ensure you also choose <strong>Prometheus<\/strong> as data source.<\/p>\n\n\n\n<p>For instance, we took the the community dashboard from <strong><code><a rel=\"noreferrer noopener\" href=\"https:\/\/grafana.com\/grafana\/dashboards\/10562\" target=\"_blank\">https:\/\/grafana.com\/grafana\/dashboards\/10562<\/a><\/code><\/strong> and modified it to fit our needs.<\/p>\n\n\n\n<p>The dashboard requires pie-chart plugin.<\/p>\n\n\n\n<p>Install Grafana Pie Chart Plugin by executing the command below;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">grafana-cli plugins install grafana-piechart-panel<\/pre>\n\n\n\n<p>Restart Grafana;<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>systemctl restart grafana-server.service<\/code><\/pre>\n\n\n\n<p>After modifying the above dashboard, this is how our simple OpenVPN connections dashboard looks like;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1900\" height=\"629\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2020\/09\/openvpn-connections-grafana-dashboards.png\" alt=\"\" class=\"wp-image-6984\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2020\/09\/openvpn-connections-grafana-dashboards.png?v=1600805614 1900w, https:\/\/kifarunix.com\/wp-content\/uploads\/2020\/09\/openvpn-connections-grafana-dashboards-768x254.png?v=1600805614 768w, https:\/\/kifarunix.com\/wp-content\/uploads\/2020\/09\/openvpn-connections-grafana-dashboards-1536x508.png?v=1600805614 1536w\" sizes=\"(max-width: 1900px) 100vw, 1900px\" \/><\/figure>\n\n\n\n<p>The JSON file for the above dashboard is provided below (modified version of dashboard <strong><code><a href=\"https:\/\/grafana.com\/grafana\/dashboards\/10562\" target=\"_blank\" rel=\"noreferrer noopener\">10562<\/a><\/code><\/strong>, all credit goes back to original author).<\/p>\n\n\n\n<p>You can as well modify it to suit your needs.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"other-related-tutorials\">Other Related Tutorials<\/h3>\n\n\n\n<p><a rel=\"noreferrer noopener\" href=\"https:\/\/kifarunix.com\/install-and-configure-prometheus-on-centos-8\/\" target=\"_blank\">Install and Configure Prometheus on CentOS 8<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/install-and-configure-prometheus-on-fedora-29-fedora-28\/\" target=\"_blank\" rel=\"noreferrer noopener\">Install and Configure Prometheus on Fedora 29\/Fedora 28<\/a><\/p>\n\n\n\n<p><a rel=\"noreferrer noopener\" href=\"https:\/\/kifarunix.com\/install-and-configure-prometheus-on-debian-9\/\" target=\"_blank\">Install and Configure Prometheus on Debian 9<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/monitor-squid-logs-with-grafana-and-graylog\/\" target=\"_blank\" rel=\"noreferrer noopener\">Monitor Squid logs with Grafana and Graylog<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/install-and-setup-tig-stack-on-fedora-30\/\">Install and Setup TIG Stack on Fedora 30<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Welcome to our tutorial on how to monitor OpenVPN connections with Prometheus and Grafana. Grafana&nbsp;is a data visualization and monitoring tool and supports time series<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[121,301,72,294],"tags":[2216,2212,1382,1617,1194,1612,2214,283,2213],"class_list":["post-6977","post","type-post","status-publish","format-standard","hentry","category-howtos","category-grafana","category-monitoring","category-prometheus","tag-grafana-monitoring","tag-grafana-openvpn-connections","tag-install-grafana-centos-8","tag-install-grafana-ubuntu-20-04","tag-install-prometheus-centos-8","tag-install-prometheus-on-ubuntu-20-04","tag-monitor-openvpn-with-prometheus-and-grafana","tag-openvpn","tag-prometheus-openvpn-node-exporter","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/6977"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=6977"}],"version-history":[{"count":11,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/6977\/revisions"}],"predecessor-version":[{"id":21508,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/6977\/revisions\/21508"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=6977"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=6977"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=6977"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}