diff mbox series

zabbix_agentd: Add support for kresd metrics

Message ID 20260618180341.35720-2-robin.roevens@disroot.org
State New
Headers
Series zabbix_agentd: Add support for kresd metrics |

Commit Message

Robin Roevens 18 Jun 2026, 5:58 p.m. UTC 
Add new UserParameter ipfire.kresd.stats.get for retrieval of kresd metrics using curl over unix-sockert.
Add curl command to sudoers for Zabbix agent to be able to access the unix-socket.

Signed-off-by: Robin Roevens <robin.roevens@disroot.org>
---
 config/zabbix_agentd/sudoers                   | 1 +
 config/zabbix_agentd/userparameter_ipfire.conf | 3 +++
 2 files changed, 4 insertions(+)
diff mbox series

Patch

diff --git a/config/zabbix_agentd/sudoers b/config/zabbix_agentd/sudoers
index 50a9e69de..13edfcce9 100644
--- a/config/zabbix_agentd/sudoers
+++ b/config/zabbix_agentd/sudoers
@@ -12,3 +12,4 @@  zabbix ALL=(ALL) NOPASSWD: /opt/pakfire/pakfire status, /usr/sbin/fping, /usr/sb
 zabbix ALL=(ALL) NOPASSWD: /usr/local/bin/openvpnctrl rw log, /usr/local/bin/wireguardctrl dump
 zabbix ALL=(ALL) NOPASSWD: /var/ipfire/zabbix_agentd/scripts/ipfire_certificate_detail.sh
 zabbix ALL=(ALL) NOPASSWD: /var/ipfire/zabbix_agentd/scripts/ipfire_services.pl
+zabbix ALL=(ALL) NOPASSWD: /usr/bin/curl -s --unix-socket /var/run/knot-resolver/kres-api.sock http\://localhost/metrics/json
diff --git a/config/zabbix_agentd/userparameter_ipfire.conf b/config/zabbix_agentd/userparameter_ipfire.conf
index e88c20298..a91e305a3 100644
--- a/config/zabbix_agentd/userparameter_ipfire.conf
+++ b/config/zabbix_agentd/userparameter_ipfire.conf
@@ -10,9 +10,12 @@  UserParameter=ipfire.captive.clients,awk -F ',' 'length($2) == 17 {sum += 1} END
 UserParameter=ipfire.services.get,sudo /var/ipfire/zabbix_agentd/scripts/ipfire_services.pl
 # IPS throughput bypassed/scanned/whitelisted in bytes/type (JSON)
 UserParameter=ipfire.ips.throughput.get,sudo /usr/local/bin/getipstat -xm | awk 'BEGIN{ORS="";print "{"}/Chain IPS/{f=1}/BYPASSED/&&f{printf "\"bypassed\":%s",$2}/SCANNED/&&f{printf ",\"scanned\":%s",$2}/WHITELISTED/&&f{printf ",\"whitelisted\":%s",$2}/^$/{f=0}END{print "}"}'
+# Knot DNS resolver statistics 
+UserParameter=ipfire.kresd.stats.get,sudo /usr/bin/curl -s --unix-socket /var/run/knot-resolver/kres-api.sock http://localhost/metrics/json
 # Addon: Guardian: Number of currently blocked IP's
 UserParameter=ipfire.guardian.blocked.count,sudo /usr/local/bin/getipstat | awk 'BEGIN{ORS="";c=0}/Chain GUARDIAN/{f=1}/DROP/&&f{c++}/^$/{f=0}END{print c}'
 #
 # Allow item key to be called with (unused) parameters. This allows the #SINGLETON method of discovering this item only when specific service is active
 Alias=ipfire.ips.throughput.get[]:ipfire.ips.throughput.get
+Alias=ipfire.kresd.stats.get[]:ipfire.kresd.stats.get
 Alias=ipfire.guardian.blocked.count[]:ipfire.guardian.blocked.count
\ No newline at end of file