Dans cet exemple, 2 graphiques différents:
- le type de requête sur les 5 dernières minutes
- le type de réponse sur les 5 dernières minutes (très très gourmand en ressources, voir plus bas)
Ces scripts sont de manière générale assez gourmands en ressources. Il est donc prudent de les combiner avec une rotation efficace des logs de Pi-Hole.
Pour le type de requête:
nano /usr/share/munin/plugins/dnsmasq_types#!/bin/bash
log=$(echo -n "/var/log/pihole.log")
time=$(date -d "5 minutes ago" "+%b %e %H:%M")
query=$(grep -waE " query| dnssec-query" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
forwarded=$(grep -wa " forwarded" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
blocked=$(grep -wa "0\.0\.0\.0" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
cached=$(grep -wa " cached" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
local=$(grep -waE " config| /etc/hosts" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
if [ "$1" = "config" ]; then
echo "graph_title DNS Resolutions"
echo "graph_args --base 1000 -A -Y"
echo "graph_category network"
echo "graph_scale no"
echo "blocked.label Blocked"
echo "cached.label Cached"
echo "local.label Local"
echo "forwarded.label Forwarded"
echo "query.label Queries (~total)"
exit 0
fi
echo "cached.value ${cached}"
echo "local.value ${local}"
echo "blocked.value ${blocked}"
echo "query.value ${query}"
echo "forwarded.value ${forwarded}"
Pour le type de réponse:
nano /usr/share/munin/plugins/dnsmasq_queries#!/bin/bash
log=$(echo -n "/var/log/pihole.log")
time=$(date -d "5 minutes ago" "+%b %e %H:%M")
q_a=$(grep -wa "A" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
q_aaaa=$(grep -wa "AAAA" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
q_any=$(grep -wa "ANY" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
q_cname=$(grep -wa "CNAME" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
q_mx=$(grep -wa "MX" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
q_ns=$(grep -wa "NS" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
q_nxdomain=$(grep -wa "NXDOMAIN" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
q_ptr=$(grep -wa "PTR" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
q_sig=$(grep -wa "SIG" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
q_soa=$(grep -wa "SOA" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
q_srv=$(grep -wa "SRV" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
q_txt=$(grep -wa "TXT" ${log} | sed -ne "/^${time}/,\$p" | wc -l)
if [ "$1" = "config" ]; then
echo "graph_title DNS Lookup Types"
echo "graph_args --base 1000 -A -Y"
echo "graph_category network"
echo "graph_scale no"
echo "graph_total Total Records"
echo "q_a.label A"
echo "q_aaaa.label AAAA"
echo "q_any.label ANY"
echo "q_cname.label CNAME"
echo "q_mx.label MX"
echo "q_ns.label NS"
echo "q_nxdomain.label NXDOMAIN"
echo "q_ptr.label PTR"
echo "q_sig.label SIG"
echo "q_soa.label SOA"
echo "q_srv.label SRV"
echo "q_txt.label TXT"
exit 0
fi
echo "q_a.value ${q_a}"
echo "q_aaaa.value ${q_aaaa}"
echo "q_any.value ${q_any}"
echo "q_cname.value ${q_cname}"
echo "q_mx.value ${q_mx}"
echo "q_ns.value ${q_ns}"
echo "q_nxdomain.value ${q_nxdomain}"
echo "q_ptr.value ${q_ptr}"
echo "q_sig.value ${q_sig}"
echo "q_soa.value ${q_soa}"
echo "q_srv.value ${q_srv}"
echo "q_txt.value ${q_txt}"Veiller à ce que les droits soient corrects:
chmod +x /usr/share/munin/plugins/dnsmasq_*
Créer les liens pour activer les 2 plugins dans munin-node:
ln -s /usr/share/munin/plugins/dnsmasq_queries /etc/munin/plugins/dnsmasq_queries
ln -s /usr/share/munin/plugins/dnsmasq_types /etc/munin/plugins/dnsmasq_types
Ajouter une section [dnsmasq*] dans munin-node:
[dnsmasq*]
user root
env.logfile /var/log/pihole.log
Redémarrer munin-node et attendre 5 minutes avant que la section « Network » de la WebUI Munin affiche les graphiques:
service munin-node restart
Attention, le script inventoriant le type de réponses peut finir par disparaitre des graphs Munin car trop gourmand en ressources. En parallèle, le CPU usage va tourner à 50% (pi type A)… Cela se produit avec l’augmentation de la taille du log pihole.log, même avec un logrotate daily. Mais Pi-Hole et Munin peuvent s’exécuter dans d’autres environnements!
Sources: