Monitoring and Reporting¶
There are several ways to configure statistics in Unbound. In this section we’ll cover Munin and Cacti, but there are many other third-party options available as well, using for example Zabbix or Prometheus.
Unbound has an option to enable extended statistics collection. If enabled, more statistics are collected, for example what types of queries are sent to the resolver. Otherwise, only the total number of queries is collected.
Statistics can be printed to the log file using
here we’ll focus on using unbound-control(8) to obtain
statistics on demand. If you set a
statistics-interval, every interval it is
printed to the logfile.
unbound-control, first set it up using the
script. See howto setup unbound. Then you can use the
command to print out the statistics on demand.
Various graphing tools expect the counters to go up over time. Some may expect
counters to be reset to 0 since the previous statistics printout. The
statistics-cumulative option controls the behaviour of Unbound. By default
it is set to
no, which resets values to zero after stat printout.
# enable extended statistics. server: statistics-interval: 0 extended-statistics: yes # set to yes if graphing tool needs it statistics-cumulative: no
Statistics with Munin¶
contrib directory in the source of Unbound is the
plugin script. It can be used with Munin to
monitor the health of an Unbound server.
munin-node with the appropriate package install tool.
The plugin script for Unbound can be copied somewhere on the system (such as in
the unbound directory). Then create symbolic links from
to that file.
$ ln -s /etc/unbound/unbound_munin_ /etc/munin/plugins/unbound_munin_hits
/etc/munin/plugin-conf.d/plugins.conf file you can setup the Munin
plugin for Unbound. Below are the default values. Set the correct values for
your system. The
statefile is a temporary file.
[unbound*] user root env.statefile /usr/local/var/munin/plugin-state/unbound-state env.unbound_conf /usr/local/etc/unbound/unbound.conf env.unbound_control /usr/local/sbin/unbound-control env.spoof_warn 1000 env.spoof_crit 100000 Restart the munin-node daemon. Munin will automatically pick up the new graph and plot it with rrdtool.
Additional graphs are possible, below is a list of them, and examples. Create
(additional) symbolic links to
unbound_munin_ with the names (in bold) of
those graphs to enable their display. Several require that
extended-statistics is enabled in config. Pictures included are samples,
your statistics may look different :-) .
A sharp increase in unwanted traffic indicates a possible spoof run in progress.
You can see that the server was restarted during the day.
The types received are shown.
Usually only IN (internet) class.
Usually only QUERY (normal query).