Loki conntrack
conntrack
This dashboard uses Loki to display information about the network connections of a gateway.
In the gateway, the following systemd unit has been defined.
vcarceler@cirdan-2204:~$ cat /etc/systemd/system/conntrack-to-journal.service
[Unit]
Description=Send to journal DESTROY events for nat flows
After=network.target
[Service]
Type=simple
# Needs:
#
# echo 1 >/proc/sys/net/netfilter/nf_conntrack_acct
# echo 1 >/proc/sys/net/netfilter/nf_conntrack_timestamp
#
# Increased buffer-size
ExecStart=/bin/sh -c '/usr/sbin/conntrack -E -e DESTROY --buffer-size 21299200 | /usr/bin/sed "s/\[DESTROY\] /\[DESTROY\] prot=/;s/src=/srca=/;s/src=/srcb=/;s/dst=/dsta=/;s/dst=/dstb=/;s/sport=/sporta=/;s/sport=/sportb=/;s/dport=/dporta=/;s/dport=/dportb=/;s/packets=/packetsa=/;s/packets=/packetsb=/;s/bytes=/bytesa=/;s/bytes=/bytesb=/"'
TimeoutSec = 2
Restart = on-failure
RestartSec = 10
[Install]
WantedBy=multi-user.target
vcarceler@cirdan-2204:~$This unit uses conntrack to log a line to the journal every time conntrack closes a connection. We use sed to rename the fields src, dst, sport, dport, … for both flows.
We enable accounting and timestamp in sysctl.conf.
net.netfilter.nf_conntrack_acct = 1
net.netfilter.nf_conntrack_timestamp = 1Data source config
Collector type:
Collector plugins:
Collector config:
Dashboard revisions
Upload an updated version of an exported dashboard.json file from Grafana
| Revision | Decscription | Created | |
|---|---|---|---|
| Download |
Sign up for Grafana Cloud
Get up and running in minutes with the Grafana Cloud free tier, which includes free forever 10k metrics, 50GB logs, 50GB traces, 500 VUh, and more.
Get this dashboard
Data source:
Dependencies: