PF Input Plugin
This plugin gathers information from the FreeBSD or OpenBSD pf firewall like
the number of current entries in the table, counters for the number of searches,
inserts, and removals to tables using the pfctl command.
This plugin requires the pfctl binary to be executable by Telegraf. It
requires read access to the device file /dev/pf.
Introduced in: Telegraf v1.5.0 Tags: system, network OS support: freebsd
Global configuration options
Plugins support additional global and plugin configuration settings for tasks such as modifying metrics, tags, and fields, creating aliases, and configuring plugin ordering. See CONFIGURATION.md for more details.
Configuration
# Gather counters from PF
[[inputs.pf]]
## PF require root access on most systems.
## Setting 'use_sudo' to true will make use of sudo to run pfctl.
## Users must configure sudo to allow telegraf user to run pfctl with no password.
## pfctl can be restricted to only list command "pfctl -s info".
use_sudo = falsePermissions
You have several options to grant Telegraf the permissions to run pfctl:
- Run telegraf as root. This is strongly discouraged.
- Change the ownership and permissions for
/dev/pfto allow being read by the Telegraf user. This is discouraged. - Configure sudo to allow running
pfctlas root by the Telegraf user. This is the most restrictive option, but require sudo setup. - Add the Telegraf user to the
proxygroup as/dev/pf.
For the sudo option you may add the following to the sudo configuration:
telegraf ALL=(root) NOPASSWD: /sbin/pfctl -s infoMetrics
- pf
- entries (integer, count)
- searches (integer, count)
- inserts (integer, count)
- removals (integer, count)
- match (integer, count)
- bad-offset (integer, count)
- fragment (integer, count)
- short (integer, count)
- normalize (integer, count)
- memory (integer, count)
- bad-timestamp (integer, count)
- congestion (integer, count)
- ip-option (integer, count)
- proto-cksum (integer, count)
- state-mismatch (integer, count)
- state-insert (integer, count)
- state-limit (integer, count)
- src-limit (integer, count)
- synproxy (integer, count)
Example Output
> pfctl -s info
Status: Enabled for 0 days 00:26:05 Debug: Urgent
State Table Total Rate
current entries 2
searches 11325 7.2/s
inserts 5 0.0/s
removals 3 0.0/s
Counters
match 11226 7.2/s
bad-offset 0 0.0/s
fragment 0 0.0/s
short 0 0.0/s
normalize 0 0.0/s
memory 0 0.0/s
bad-timestamp 0 0.0/s
congestion 0 0.0/s
ip-option 0 0.0/s
proto-cksum 0 0.0/s
state-mismatch 0 0.0/s
state-insert 0 0.0/s
state-limit 0 0.0/s
src-limit 0 0.0/s
synproxy 0 0.0/spf,host=columbia entries=3i,searches=2668i,inserts=12i,removals=9i 1510941775000000000Was this page helpful?
Thank you for your feedback!
Support and feedback
Thank you for being part of our community! We welcome and encourage your feedback and bug reports for Telegraf and this documentation. To find support, use the following resources:
Customers with an annual or support contract can contact InfluxData Support.