5.02021-11-21T21:42:32ZTemplatesApp WireGuardApp WireGuard## Overview
Hi,
I tried to create a template to monitor WireGuard with Zabbix.
WireGuard does not really provide any monitoring tool so I had to do with "wg show" commands.
It's probably not perfect so if you want to help I'm interested.
Template provides 2 discovery rules :
Interfaces Discovery (wg0, wg1...) :
- Items to get active peers, total peers, port used and check firewall mark.
- Triggers to check changes on port, fwmark and numbers of clients.
- Graph to monitor active and total peers (even if connections are never released by WG once established).
Peers Discovery (based on public key) :
I had to truncate keys to 10 characters for easy reading. It should not be a problem because they're random.
- Items to get for each endpoint : allowed IPs, IP address, port used, incoming/outgoing traffic, keepalive status and the last handshake.
- Triggers to track changes on allowed IPs, connection port, IP address, keeaplive status and to monitor high traffic and unreachable endpoint.
- Graph to monitor incoming/outgoing network traffic.
This template may work with previous versions of Zabbix but it was tested for Zabbix 4.0 on a Debian 9.6 server.
Please follow the link for instructions and files.
Have fun !
## Author
Cryptage21
TemplatesWireguardWireGuard Interfaces Discoverywg.list.discovery[INTERFACES]3600sFirewall mark enabled on {#WGINTERFACE}wg.fw.mark[{#WGINTERFACE}]60m7d7dWireguardBOOL_TO_DECIMAL{diff()}=1Firewall mark changed on {#WGINTERFACE} {HOST.NAME} VPNWARNINGActive peers on {#WGINTERFACE}wg.peers.connected[{#WGINTERFACE}]15m30dWireguard{change()}<=-1Less clients connected on {#WGINTERFACE} {HOST.NAME} VPNINFO{change()}>=1More clients connected on {#WGINTERFACE} {HOST.NAME} VPNINFOTotal peers on {#WGINTERFACE}wg.peers.count[{#WGINTERFACE}]30m7d30dWireguard{change()}>=1Peers added on {#WGINTERFACE} {HOST.NAME} VPNINFO{change()}<=-1Peers removed on {#WGINTERFACE} {HOST.NAME} VPNINFOPort used on {#WGINTERFACE}wg.port.used[{#WGINTERFACE}]60m7d7dFLOATWireguardTRIM8{diff()}=1Connection port changed on {#WGINTERFACE} {HOST.NAME} VPNWARNINGPeers on [{#WGINTERFACE}] VPN199C0D- App WireGuardwg.peers.connected[{#WGINTERFACE}]
1F63100- App WireGuardwg.peers.count[{#WGINTERFACE}]
WireGuard Peers Discoverywg.list.discovery[PEERS]3600sEndpoint IP address for peer {#PEER}... on {#INTERFACE}wg.endpoint.address[{#PEER}]15m30d0TEXTWireguard{diff()}=1IP address changed for {#PEER}... peer on {HOST.NAME}INFOAllowed IPs for peer {#PEER}... on {#INTERFACE}wg.endpoint.allowedips[{#PEER}]30m7d0TEXTWireguard{diff()}=1Allowed IPs list altered for {#PEER}... peer on {HOST.NAME}HIGHLast handshake for peer {#PEER}... on {#INTERFACE}wg.endpoint.handshake[{#PEER}]10m7d7dunixtimeWireguard{fuzzytime(1800)}=0Unreachable {#PEER}... peer on {HOST.NAME} for 30 minutesHIGHKeepalive enabled for peer {#PEER}... on {#INTERFACE}wg.endpoint.keepalive[{#PEER}]30m7d30dWireguardBOOL_TO_DECIMAL{diff()}=1Keepalived changed for {#PEER}... peer on {HOST.NAME}WARNINGEndpoint port for peer {#PEER}... on {#INTERFACE}wg.endpoint.port[{#PEER}]15m7d7dWireguard{diff()}=1Connection port changed for {#PEER}... peer on {HOST.NAME}INFOIncoming traffic for peer {#PEER}... on {#INTERFACE}wg.endpoint.transferdown[{#PEER}]5m30dbpsWireguardSIMPLE_CHANGE{change()}>52428800High incoming traffic for {#PEER}... peer on {HOST.NAME}AVERAGEOutgoing traffic for peer {#PEER}... on {#INTERFACE}wg.endpoint.transferup[{#PEER}]5m30dbpsWireguardSIMPLE_CHANGE{change()}>52428800High outgoing traffic for {#PEER}... peer on {HOST.NAME}AVERAGENetwork traffic for {#INTERFACE}-{#PEER} peer199C0D- App WireGuardwg.endpoint.transferdown[{#PEER}]
1F63100- App WireGuardwg.endpoint.transferup[{#PEER}]