Strongswan IPSec metrics.

Help
1

Hi,

I’m trying to get a graph going with strongswan metrics.

It is exactly issue #3296 on github, but unfortunately the regex in the sed expression in the code supplied isn’t matching the output from the ipsec statusall command for me at all.

I can run everything but it fails at the first hurdle because nothing matches.

My regex foo isn’t great and after a couple of hours fiddling around trying to make things match I’ve thrown in the towel.

Is there either a working version of this somewhere around that I’m missing, or can I get some help on the matching from someone more skilled that I?

The code in question is

sed -n -e "s|\(.*\){\([0-9]\+\)}:[[:space:]]\+[^,]\+, \([0-9]\+\) bytes_i, \([0-9]\+\) bytes_o, rekeying in \([0-9]\+\) \([[:alpha:]]\+\)$|strongswan_connected_tunnels[\"\2\"]=\"\1\"; strongswan_traffic_in[\"\2\"]=\"\3\"; strongswan_traffic_out[\"\2\"]=\"\4\"; strongswan_rekeying[\"\2\"]=\"\5\"; strongswan_rekeying_units[\"\2\"]=\"\6\"|p"

and I’m trying to match the output

Status of IKE charon daemon (strongSwan 5.6.2, Linux 4.15.0-106-generic, x86_64):
  uptime: 56 days, since Jun 24 14:00:01 2020
  malloc: sbrk 1961984, mmap 0, used 1069856, free 892128
  worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 3
  loaded plugins: charon aesni aes rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters
Listening IP addresses:
  10.1.10.xx
  103.127.fff.yyy
  172.17.eee.eee
  2404:1ec0::526b:...:0
  172.29.xxx.xxx
Connections:
103.127.ddd.pp:  %any...202.44.78.10  IKEv2, dpddelay=30s
103.127.ddd.aa:   local:  uses pre-shared key authentication
103.127.ddd.aa:   remote: [202.44.000.00] uses pre-shared key authentication
103.127.ddd.aa:   child:  172.17.000.00/32 === 146.178.000.0/24 TUNNEL, dpdaction=restart
103.127.ddd.aaQLD:  %any...202.44.76.10  IKEv2, dpddelay=30s
103.127.ddd.aaQLD:   local:  uses pre-shared key authentication
103.127.ddd.aaQLD:   remote: [202.44.000.00] uses pre-shared key authentication
103.127.ddd.aaQLD:   child:  172.17.000.00/32 === 146.178.000.0/24 TUNNEL, dpdaction=restart
Security Associations (1 up, 0 connecting):
103.127.ddd.aaQLD[243]: ESTABLISHED 7 hours ago, 103.127.000.00[103.127.113.10]...202.000..00.10[202.44.000.00]
103.127.ddd.aaQLD[243]: IKEv2 SPIs: 923c6d67e0058c5b_i* 00f3a8c91ca04c8e_r, rekeying in 5 minutes
103.127.ddd.aaQLD[243]: IKE proposal: AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
103.127.ddd.aaQLD{176}:  INSTALLED, TUNNEL, reqid 1, ESP SPIs: c3914f0f_i 630bbc2d_o
103.127.ddd.aaQLD{176}:  AES_CBC_256/HMAC_SHA2_256_128/MODP_2048, 5743112 bytes_i (27657 pkts, 1s ago), 1180378 bytes_o (19321 pkts, 1s ago), rekeying in 7 hours
103.127.ddd.aaQLD{176}:   172.17.000.00/32 === 146.178.000.00/24

With IP address changed etc.

When I run the chart code, outputting the variables, everything seems to be 0, and as I said, my regex skills are not up to working out why.

Would appreciate any help.

Peter.

2

As I said in the other thread, we are investigating it internally.

Thanks for reporting this. After we fix this, let’s make sure that you have no problems with your charts.

Take care buddy.

3

Yep… the checksum is indeed wrong.
sha256sum netdata-latest.tar.gz gives 30ea5ee82d5a5c6d821d1d01f48523e45744d8f95a95dcb72b450b0e90f27e9c while the sha256sum.txt file has
e4124e3213aa077a25333a359b8235910bcda8cca3c787cbdfb5a2f3cdbac120 *./netdata-latest.tar.gz

Peter.

4

OK, is the nightly build broken? I’ve just uninstalled netdata, then tried to re-install it and I’m getting

curl -q -sSL --connect-timeout 10 --retry 3 --output /tmp/netdata-kickstart-D57JlysXhW/netdata-latest.tar.gz https://storage.googleapis.com/netdata-nightlies/netdata-latest.tar.gz OK

ABORTED Tarball checksum validation failed. Stopping netdata installation and leaving tarball in /tmp/netdata-kickstart-D57JlysXhW

From running the kickstart file.

5

OK, this may be because I upgraded netdata amoungst all of this… I removed the strongswan.chart.sh and restarted netdata, and still have no graphs… sigh.

6

Ughhh… OK, now netdata is totally broken.

It seemed the chart should work. Debug gives

2020-09-09 10:16:50: charts.d: DEBUG: strongswan: loading module: ‘/opt/netdata/usr/libexec/netdata/plugins.d/…/charts.d/strongswan.chart.sh’ 2020-09-09 10:16:50: charts.d: DEBUG: strongswan: loading module configuration: ‘/opt/netdata/usr/lib/netdata/conf.d/charts.d/strongswan.conf’ 2020-09-09 10:16:50: charts.d: DEBUG: strongswan: loading module configuration: ‘/opt/netdata/etc/netdata/charts.d/strongswan.conf’ 2020-09-09 10:16:50: charts.d: ERROR: strongswan: Got the ipsec command OK 2020-09-09 10:16:50: charts.d: DEBUG: strongswan: module ‘strongswan’ activated 2020-09-09 10:16:50: charts.d: DEBUG: main: activated modules: strongswan 2020-09-09 10:16:50: charts.d: DEBUG: main: requested to run only for: ‘strongswan’ 2020-09-09 10:16:50: charts.d: DEBUG: main: activated charts: strongswan 2020-09-09 10:16:50: charts.d: DEBUG: strongswan: calling ‘strongswan_create()’… CHART strongswan.103_127_113_10_net ‘103.127.113.10_net’ “StrongSwan Tunnel 103.127.113.10 Traffic” “kilobits/s” “103.127.113.10” strongswan.net area 90000 5
DIMENSION in ‘’ incremental 8 1000
DIMENSION out ‘’ incremental -8 1000
CHART strongswan.103_127_113_10_rekeyring ‘103.127.113.10_rekeyring’ “strongswan Tunnel 103.127.113.10 Rekeyring” “seconds” “103.127.113.10” strongswan.rekeyring line 90001 5
DIMENSION rekeyring ‘’ absolute 1 1
CHART strongswan.103_127_113_10qld_net ‘103.127.113.10QLD_net’ “StrongSwan Tunnel 103.127.113.10QLD Traffic” “kilobits/s” “103.127.113.10QLD” strongswan.net area 90000 5
DIMENSION in ‘’ incremental 8 1000
DIMENSION out ‘’ incremental -8 1000
CHART strongswan.103_127_113_10qld_rekeyring ‘103.127.113.10QLD_rekeyring’ “strongswan Tunnel 103.127.113.10QLD Rekeyring” “seconds” “103.127.113.10QLD” strongswan.rekeyring line 90001 5
DIMENSION rekeyring ‘’ absolute 1 1
2020-09-09 10:16:50: charts.d: DEBUG: strongswan: ‘strongswan’ initialized.
2020-09-09 10:16:50: charts.d: DEBUG: main: run_charts=’ strongswan’
CHART netdata.plugin_chartsd_strongswan ‘’ ‘Execution time for strongswan plugin’ ‘milliseconds / run’ charts.d netdata.plugin_charts area 145000 5
DIMENSION run_time ‘run time’ absolute 1 1
2020-09-09 10:16:50: charts.d: DEBUG: strongswan: sleeping for 4.862 seconds.
BEGIN strongswan.103_127_113_10_net
SET in = 0
SET out = 0
END
BEGIN strongswan.103_127_113_10_rekeyring
SET rekeyring = 0
END
BEGIN strongswan.103_127_113_10qld_net
SET in = 0
SET out = 0
END
BEGIN strongswan.103_127_113_10qld_rekeyring
SET rekeyring = 0
END
BEGIN netdata.plugin_chartsd_strongswan
SET run_time = 40
END
2020-09-09 10:16:55: charts.d: DEBUG: strongswan: sleeping for 4.952 seconds.
BEGIN strongswan.103_127_113_10_net 5000000
SET in = 0
SET out = 0
END
BEGIN strongswan.103_127_113_10_rekeyring 5000000
SET rekeyring = 0
END
BEGIN strongswan.103_127_113_10qld_net 5000000
SET in = 0
SET out = 0
END

However, netdata is now showing absolutely nothing… empty graphs from top to bottom.

Now what?

7

OK, looks like I was barking up the wrong tree entirely.

I just ran the original sed command (worked out I could just pull it out and run it as is) and it worked as required… sigh… so, back to the drawing board and have a look at where the real problem is :).

Sorry for wasting so much of everone’s time (including mine), and apologies to the original author of the script.

8

No worries, just make sure to keep us posted. I will be genuinely happy if do find the solution and share it back, I will certainly learn a thing or two about regex :medal_military:

9

Thanks @OdysLam, I’ll have a look and see if I can make any progress. I thought I did have the regex right, but it seems it breaks as part of sed (although that’s more than likely because I have no clue). I’ll have a look at the tutorial and see if I can even work out what the original one was meant to be doing.

10

Hey @pnunn,

I think they only way forward to experiment with regex. Here is a cool resource to improve your skills: https://regexone.com/

Keep us posted!

Cheers :slight_smile:

11

Hi @zack. Not pushing, just wondering if you have any more thoughts on this? Anything I can do to help push this forward (other than learning regex better :slight_smile: ).

12

Thanks zack, I’ve tried doing that for a few days :slight_smile: but my regex foo is pretty low. I’ll keep lookiig though. Thanks for the help.

13

Ok, I think it’s most likely the regex. The way I would debug it (I’ll try to have some more in-depth look at this one), is with one of the online regex calculators with some sample input, rather than testing the whole script.

14

I added the line twice, and now the error is ‘no tunnels found’ which I think means the regex is failing.

If its any help, the full code is here

# no need for shebang - this file is loaded from charts.d.plugin

# netdata
# real-time performance and health monitoring, done right!
# (C) 2018 Costa Tsaousis <costa@tsaousis.gr>
# GPL v3+
#
# from github.com/netdata/netdata/issues/3296
# Install  in /usr/libexec/netdata/charts.d/strongswan.chart.sh
# Then sudo su -s /bin/bash netdata
# /usr/libexec/netdata/plugins.d/charts.d.plugin debug 1 strongswan
#
#

# _update_every is a special variable - it holds the number of seconds
# between the calls of the _update() function
strongswan_update_every=1

# the priority is used to sort the charts on the dashboard
# 1 = the first chart
strongswan_priority=90000

# set to 1, to run ipsec with sudo
strongswan_sudo=1

# global variables to store our collected data

# [TUNNELID] = TUNNELNAME
# here we track the *latest* established tunnels
declare -A strongswan_connected_tunnels=()

# [TUNNELID] = VALUE
# here we track values of all established tunnels (not only the latest)
# as detected by: ipsec whack --trafficstatus
declare -A strongswan_traffic_in=()
declare -A strongswan_traffic_out=()
declare -A strongswan_rekeying=()
declare -A strongswan_rekeying_units=()

# [TUNNELNAME] = CHARTID
# here we remember CHARTIDs of all tunnels
# we need this to avoid converting tunnel names to chart IDs on every iteration
declare -A strongswan_tunnel_charts=()

# run the ipsec command
strongswan_ipsec() {
  if [ ${strongswan_sudo} -ne 0 ]
    then
    sudo -n "${IPSEC_CMD}" "${@}"
    return $?
  else
    "${IPSEC_CMD}" "${@}"
    return $?
  fi

declare -A strongswan_rekeying_units=()

# [TUNNELNAME] = CHARTID
# here we remember CHARTIDs of all tunnels
# we need this to avoid converting tunnel names to chart IDs on every iteration
declare -A strongswan_tunnel_charts=()

# run the ipsec command
strongswan_ipsec() {
  if [ ${strongswan_sudo} -ne 0 ]
    then
    sudo -n "${IPSEC_CMD}" "${@}"
    return $?
  else
    "${IPSEC_CMD}" "${@}"
    return $?
  fi                                                                                                                                             }

# fetch latest values - fill the arrays
strongswan_get() {
  # do all the work to collect / calculate the values
  # for each dimension

  # empty the variables
  strongswan_traffic_in=()
  strongswan_traffic_out=()
  strongswan_rekeying=()
  strongswan_rekeying_units=()
  strongswan_connected_tunnels=()

  # convert the ipsec command output to a shell script
  # and source it to get the values
  source <(
    strongswan_ipsec statusall | \
      sed -n -e "s|\(.*\){\([0-9]\+\)}:[[:space:]]\+ .* \([0-9]\+\) bytes_i .* \([0-9]\+\) bytes_o .* rekeying in \([0-9]\+\) \([[:alpha:]]\+\)|strongswan_connected_tunnels[\"\2\"]=\"\1\"; strongswan_traffic_in[\"\2\"]=\"\3\"; strongswan_traffic_out[\"\2\"]=\"\4\"; strongswan_rekeying[\"\2\"]=\"\5\"; strongswan_rekeying_units[\"\2\"]=\"\6\"|p"
    #sed -n -e "s|\(.*\){\([0-9]\+\)}:[[:space:]]\+[^,]\+, \([0-9]\+\) bytes_i, \([0-9]\+\) bytes_o, rekeying in \([0-9]\+\) \([[:alpha:]]\+\)$|strongswan_connected_tunnels[\"\2\"]=\"\1\"; strongswan_traffic_in[\"\2\"]=\"\3\"; strongswan_traffic_out[\"\2\"]=\"\4\"; strongswan_rekeying[\"\2\"]=\"\5\"; strongswan_rekeying_units[\"\2\"]=\"\6\"|p"
  ) || return 1

  # check we got some data

  [ ${#strongswan_connected_tunnels[@]} -eq 0 ] && error "No tunnels found" && return 1
  return 0
}

# _check is called once, to find out if this chart should be enabled or not
strongswan_check() {
  # this should return:
  #  - 0 to enable the chart
  #  - 1 to disable the chart

  require_cmd ipsec || return 1

  error "Got the ipsec command OK"
  # make sure it is strongswan
  if [ -z "$(ipsec --version | grep -i strongswan)" ]
  then
      error "ipsec command is not StrongSwan. Disabling StrongSwan plugin."
      return 1
  fi

  # check that we can collect data
  strongswan_get || return 1

  return 0
}

# create the charts for an ipsec tunnel
strongswan_create_one() {
  local n="${1}" name

  name="${strongswan_connected_tunnels[${n}]}"

  [ ! -z "${strongswan_tunnel_charts[${name}]}" ] && return 0

  strongswan_tunnel_charts[${name}]="$(fixid "${name}")"

  cat <<EOF
CHART strongswan.${strongswan_tunnel_charts[${name}]}_net '${name}_net' "StrongSwan Tunnel ${name} Traffic" "kilobits/s" "${name}" strongswan.net area $((strongswan_priority)) $strongswan_update_every
DIMENSION in '' incremental 8 1000
DIMENSION out '' incremental -8 1000
CHART strongswan.${strongswan_tunnel_charts[${name}]}_rekeyring '${name}_rekeyring' "strongswan Tunnel ${name} Rekeyring" "seconds" "${name}" strongswan.rekeyring line $((strongswan_priority + 1)) $strongswan_update_every
DIMENSION rekeyring '' absolute 1 1
EOF

  return 0

}

# _create is called once, to create the charts
strongswan_create() {
  local n
  for n in "${!strongswan_connected_tunnels[@]}"
  do
    strongswan_create_one "${n}"
  done
  return 0
}
                                                                                                                                                 # send the values to netdata for an ipsec tunnel
strongswan_update_one() {
  local n="${1}" microseconds="${2}" name id rekeyring

  name="${strongswan_connected_tunnels[${n}]}"
  id="${strongswan_tunnel_charts[${name}]}"

  [ -z "${id}" ] && strongswan_create_one "${n}"

  rekeyring=$(( ${strongswan_re/keying[${n}]} ))
  case "${strongswan_rekeying_units[${n}]}" in
    seconds) ;;
    minutes) rekeyring=$((rekeyring * 60)) ;;
    default) echo >&2 "STRONGSWAN: hey I don't know how to convert units '${strongswan_rekeying_units[${n}]}' to seconds"
  esac
  [ ${rekeyring} -lt 0 ] && rekeyring=0

    # write the result of the work.
  cat <<VALUESEOF
BEGIN strongswan.${id}_net ${microseconds}
SET in = ${strongswan_traffic_in[${n}]}
SET out = ${strongswan_traffic_out[${n}]}
END
BEGIN strongswan.${id}_rekeyring ${microseconds}
SET rekeyring = ${rekeyring}
END
VALUESEOF
}

# _update is called continiously, to collect the values
strongswan_update() {
  # the first argument to this function is the microseconds since last update
  # pass this parameter to the BEGIN statement (see bellow).

  strongswan_get || return 1

  local n
  for n in "${!strongswan_connected_tunnels[@]}"
  do
    strongswan_update_one "${n}" "${@}"
  done

  return 0
}

And the output of ipsec statusall looks like

Status of IKE charon daemon (strongSwan 5.6.2, Linux 4.15.0-106-generic, x86_64):
  uptime: 61 days, since Jun 24 14:00:01 2020
  malloc: sbrk 2084864, mmap 0, used 1075984, free 1008880
  worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 3
  loaded plugins: charon aesni aes rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters
Listening IP addresses:
  10.1.10.1
  103.127.113.10
  172.17.133.60
  2404:1ec0::526b:8dff:fe6b:822c
  172.29.105.1
Connections:
103.127.113.10:  %any...202.44.78.10  IKEv2, dpddelay=30s
103.127.113.10:   local:  uses pre-shared key authentication
103.127.113.10:   remote: [202.44.78.10] uses pre-shared key authentication
103.127.113.10:   child:  172.17.133.60/32 === 146.178.211.0/24 TUNNEL, dpdaction=restart
103.127.113.10QLD:  %any...202.44.76.10  IKEv2, dpddelay=30s
103.127.113.10QLD:   local:  uses pre-shared key authentication
103.127.113.10QLD:   remote: [202.44.76.10] uses pre-shared key authentication
103.127.113.10QLD:   child:  172.17.133.60/32 === 146.178.211.0/24 TUNNEL, dpdaction=restart
Security Associations (1 up, 0 connecting):
103.127.113.10QLD[270]: ESTABLISHED 48 minutes ago, 103.127.113.10[103.127.113.10]...202.44.76.10[202.44.76.10]
103.127.113.10QLD[270]: IKEv2 SPIs: 7211bc73a380440f_i* 894e4ce0b070d54b_r, rekeying in 6 hours
103.127.113.10QLD[270]: IKE proposal: AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
103.127.113.10QLD{194}:  INSTALLED, TUNNEL, reqid 1, ESP SPIs: c2c4cfee_i bb285571_o
103.127.113.10QLD{194}:  AES_CBC_256/HMAC_SHA2_256_128/MODP_2048, 16685412 bytes_i (102530 pkts, 2s ago), 4405446 bytes_o (71910 pkts, 0s ago), rekeying in 4 hours
103.127.113.10QLD{194}:   172.17.133.60/32 === 146.178.211.0/24

I’d really love to get this working, would make netdata my total solution if I could.

Thanks for following along so far.

15

Sorry, hit return before I finished and can’t seem to edit the one above.

The rekeying time seems to be funky or missing though, so maybe the regex is still at fault.

When I run it without the debugger though I get this in the error.log

 2020-08-25 01:57:41: go.d INFO: discovery[file manager] instance is started
   4 2020-08-25 01:57:41: go.d INFO: discovery[file reader] instance is started
   3 sudo: unable to change to root gid: Operation not permitted
   2 sudo: unable to initialize policy plugin
   1 2020-08-25 11:57:41: charts.d: ERROR: strongswan: No tunnels found
674  2020-08-25 11:57:41: charts.d: ERROR: strongswan: module's 'strongswan' check() function reports failure.                                      1 2020-08-25 11:57:41: charts.d: FATAL: main: No charts to collect data from.
   2 2020-08-25 11:57:41: netdata INFO  : PLUGINSD[charts.d] : called DISABLE. Disabling it.
   3 2020-08-25 11:57:41: netdata INFO  : PLUGINSD[charts.d] : PARSER ended
   4 2020-08-25 11:57:41: netdata ERROR : PLUGINSD[charts.d] : '/opt/netdata/usr/libexec/netdata/plugins.d/charts.d.plugin' (pid 104042) disconne     cted after 0 successful data collections (ENDs). (errno 22, Invalid argument)
   5 2020-08-25 11:57:41: netdata INFO  : PLUGINSD[charts.d] : '/opt/netdata/usr/libexec/netdata/plugins.d/charts.d.plugin' (pid 104042) does not      generate useful output but it reports success (exits with 0). Will not start it again - it is now disabled..

Which looking at it now would seem to perhaps be a permissions error.

I do have

 netdata ALL = (root) NOPASSWD: /usr/sbin/ipsec statusall

in /etc/sudoers (but only once, for some reason some of the articles I’ve seen have this line twice).

16

It is Netdata support for ipsec strongswan · Issue #3296 · netdata/netdata · GitHub

I’m finding that it is still failing when run on netdata but when the sed script is run on my ubuntu box it seems to be setting the variables correctly (or atleast I think it is).

It seems that the vairables are all piling up on top of each other rather than being set individually if that makes sense.

When I run it under debug I get this…

2020-08-25 11:53:44: charts.d: DEBUG: strongswan: loading module: '/opt/netdata/usr/libexec/netdata/plugins.d/../charts.d/strongswan.chart.sh'
2020-08-25 11:53:44: charts.d: DEBUG: strongswan: loading module configuration: '/opt/netdata/usr/lib/netdata/conf.d/charts.d/strongswan.conf'
2020-08-25 11:53:44: charts.d: DEBUG: strongswan: loading module configuration: '/opt/netdata/etc/netdata/charts.d/strongswan.conf'
2020-08-25 11:53:44: charts.d: ERROR: strongswan: Got the ipsec command OK
2020-08-25 11:53:44: charts.d: DEBUG: strongswan: module 'strongswan' activated
2020-08-25 11:53:44: charts.d: DEBUG: main: activated modules:  strongswan
2020-08-25 11:53:44: charts.d: DEBUG: main: requested to run only for: 'strongswan'
2020-08-25 11:53:44: charts.d: DEBUG: main: activated charts: strongswan
2020-08-25 11:53:44: charts.d: DEBUG: strongswan: calling 'strongswan_create()'...
CHART strongswan.103_127_113_10qld_net '103.127.113.10QLD_net' "StrongSwan Tunnel 103.127.113.10QLD Traffic" "kilobits/s" "103.127.113.10QLD" strongswan.net area 90000 5
DIMENSION in '' incremental 8 1000
DIMENSION out '' incremental -8 1000
CHART strongswan.103_127_113_10qld_rekeyring '103.127.113.10QLD_rekeyring' "strongswan Tunnel 103.127.113.10QLD Rekeyring" "seconds" "103.127.113.10QLD" strongswan.rekeyring line 90001 5
DIMENSION rekeyring '' absolute 1 1
2020-08-25 11:53:44: charts.d: DEBUG: strongswan: 'strongswan' initialized.
2020-08-25 11:53:44: charts.d: DEBUG: main: run_charts=' strongswan'
CHART netdata.plugin_chartsd_strongswan '' 'Execution time for strongswan plugin' 'milliseconds / run' charts.d netdata.plugin_charts area 145000 5
DIMENSION run_time 'run time' absolute 1 1
2020-08-25 11:53:44: charts.d: DEBUG: strongswan: sleeping for 0.849 seconds.
BEGIN strongswan.103_127_113_10qld_net
SET in = 14701071
SET out = 3914193
END
BEGIN strongswan.103_127_113_10qld_rekeyring
SET rekeyring = 0
END
BEGIN netdata.plugin_chartsd_strongswan
SET run_time = 20
END
2020-08-25 11:53:45: charts.d: DEBUG: strongswan: sleeping for 4.969 seconds.
BEGIN strongswan.103_127_113_10qld_net 4990000
SET in = 14703477
SET out = 3915748
END
BEGIN strongswan.103_127_113_10qld_rekeyring 4990000
SET rekeyring = 0
END
BEGIN netdata.plugin_chartsd_strongswan 4990000
SET run_time = 30
END
2020-08-25 11:53:50: charts.d: DEBUG: strongswan: sleeping for 4.969 seconds.

So it seems that some of it is working (the tunnel name, the first in and out are OK). I’m not sure the rekey

17

Which git issue do you mean? Also, what do you have in the debug log now?

18

OK, worked out the Regex and debug shows what looks to be real data coming in now.

It should be

\(.*\){\([0-9]\+\)}:[[:space:]]\+ .* \([0-9]\+\) bytes_i .* \([0-9]\+\) bytes_o .* rekeying in \([0-9]\+\) \([[:alpha:]]\+\)

So running it under debug shows variables being set. How do I now get it to run as part of the dashboard? I followed the directions on the git issue, but so far no sign of any chart.

Peter.

1 Like
19

I have removed the -n (quiet) from the sed command. It’s now outputting

/dev/fd/63: line 1: syntax error near unexpected token (' 
/dev/fd/63: line 1: Status of IKE charon daemon (strongSwan 5.6.2, Linux 4.15.0-106-generic, x86_64):'

Not sure which ( its talking about though.