LDAP and Elasticsearch Integration
Powerful performance with an easy integration, powered by Telegraf, the open source data connector built by InfluxData.
This is not the recommended configuration for real-time query at scale. For query and compression optimization, high-speed ingest, and high availability, you may want to consider LDAP and InfluxDB.
5B+
Telegraf downloads
#1
Time series database
Source: DB Engines
1B+
Downloads of InfluxDB
2,800+
Contributors
Table of Contents
Powerful Performance, Limitless Scale
Collect, organize, and act on massive volumes of high-velocity data. Any data is more valuable when you think of it as time series data. with InfluxDB, the #1 time series platform built to scale with Telegraf.
See Ways to Get Started
Input and output integration overview
The LDAP plugin collects monitoring metrics from LDAP servers, including OpenLDAP and 389 Directory Server. This plugin is essential for tracking the performance and health of LDAP services, enabling administrators to gain insights into their directory operations.
The Telegraf Elasticsearch Plugin seamlessly sends metrics to an Elasticsearch server. The plugin handles template creation and dynamic index management, and supports various Elasticsearch-specific features to ensure data is formatted correctly for storage and retrieval.
Integration details
LDAP
This plugin gathers metrics from LDAP servers’ monitoring backend, specifically from the cn=Monitor entries. It supports two prominent LDAP implementations: OpenLDAP and 389 Directory Server (389ds). With a focus on collecting various operational metrics, the LDAP plugin enables administrators to monitor performance, connection status, and server health in real-time, which is vital for maintaining robust directory services. By allowing customizable connection parameters and security configurations, such as TLS support, the plugin ensures compliance with best practices for security and performance. Metrics gathered can be instrumental in identifying trends, optimizing server configurations, and enforcing service-level agreements with stakeholders.
Elasticsearch
This plugin writes metrics to Elasticsearch, a distributed, RESTful search and analytics engine capable of storing large amounts of data in near real-time. It is designed to handle Elasticsearch versions 5.x through 7.x and utilizes its dynamic template features to manage data type mapping properly. The plugin supports advanced features such as template management, dynamic index naming, and integration with OpenSearch. It also allows configurations for authentication and health monitoring of the Elasticsearch nodes.
Configuration
LDAP
[[inputs.ldap]]
## Server to monitor
## The scheme determines the mode to use for connection with
## ldap://... -- unencrypted (non-TLS) connection
## ldaps://... -- TLS connection
## starttls://... -- StartTLS connection
## If no port is given, the default ports, 389 for ldap and starttls and
## 636 for ldaps, are used.
server = "ldap://localhost"
## Server dialect, can be "openldap" or "389ds"
# dialect = "openldap"
# DN and password to bind with
## If bind_dn is empty an anonymous bind is performed.
bind_dn = ""
bind_password = ""
## Reverse the field names constructed from the monitoring DN
# reverse_field_names = false
## Optional TLS Config
## Set to true/false to enforce TLS being enabled/disabled. If not set,
## enable TLS only if any of the other options are specified.
# tls_enable =
## Trusted root certificates for server
# tls_ca = "/path/to/cafile"
## Used for TLS client certificate authentication
# tls_cert = "/path/to/certfile"
## Used for TLS client certificate authentication
# tls_key = "/path/to/keyfile"
## Password for the key file if it is encrypted
# tls_key_pwd = ""
## Send the specified TLS server name via SNI
# tls_server_name = "kubernetes.example.com"
## Minimal TLS version to accept by the client
# tls_min_version = "TLS12"
## List of ciphers to accept, by default all secure ciphers will be accepted
## See https://pkg.go.dev/crypto/tls#pkg-constants for supported values.
## Use "all", "secure" and "insecure" to add all support ciphers, secure
## suites or insecure suites respectively.
# tls_cipher_suites = ["secure"]
## Renegotiation method, "never", "once" or "freely"
# tls_renegotiation_method = "never"
## Use TLS but skip chain & host verification
# insecure_skip_verify = false
Elasticsearch
[[outputs.elasticsearch]]
## The full HTTP endpoint URL for your Elasticsearch instance
## Multiple urls can be specified as part of the same cluster,
## this means that only ONE of the urls will be written to each interval
urls = [ "http://node1.es.example.com:9200" ] # required.
## Elasticsearch client timeout, defaults to "5s" if not set.
timeout = "5s"
## Set to true to ask Elasticsearch a list of all cluster nodes,
## thus it is not necessary to list all nodes in the urls config option
enable_sniffer = false
## Set to true to enable gzip compression
enable_gzip = false
## Set the interval to check if the Elasticsearch nodes are available
## Setting to "0s" will disable the health check (not recommended in production)
health_check_interval = "10s"
## Set the timeout for periodic health checks.
# health_check_timeout = "1s"
## HTTP basic authentication details.
## HTTP basic authentication details
# username = "telegraf"
# password = "mypassword"
## HTTP bearer token authentication details
# auth_bearer_token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9"
## Index Config
## The target index for metrics (Elasticsearch will create if it not exists).
## You can use the date specifiers below to create indexes per time frame.
## The metric timestamp will be used to decide the destination index name
# %Y - year (2016)
# %y - last two digits of year (00..99)
# %m - month (01..12)
# %d - day of month (e.g., 01)
# %H - hour (00..23)
# %V - week of the year (ISO week) (01..53)
## Additionally, you can specify a tag name using the notation {{tag_name}}
## which will be used as part of the index name. If the tag does not exist,
## the default tag value will be used.
# index_name = "telegraf-{{host}}-%Y.%m.%d"
# default_tag_value = "none"
index_name = "telegraf-%Y.%m.%d" # required.
## Optional Index Config
## Set to true if Telegraf should use the "create" OpType while indexing
# use_optype_create = false
## Optional TLS Config
# tls_ca = "/etc/telegraf/ca.pem"
# tls_cert = "/etc/telegraf/cert.pem"
# tls_key = "/etc/telegraf/key.pem"
## Use TLS but skip chain & host verification
# insecure_skip_verify = false
## Template Config
## Set to true if you want telegraf to manage its index template.
## If enabled it will create a recommended index template for telegraf indexes
manage_template = true
## The template name used for telegraf indexes
template_name = "telegraf"
## Set to true if you want telegraf to overwrite an existing template
overwrite_template = false
## If set to true a unique ID hash will be sent as sha256(concat(timestamp,measurement,series-hash)) string
## it will enable data resend and update metric points avoiding duplicated metrics with different id's
force_document_id = false
## Specifies the handling of NaN and Inf values.
## This option can have the following values:
## none -- do not modify field-values (default); will produce an error if NaNs or infs are encountered
## drop -- drop fields containing NaNs or infs
## replace -- replace with the value in "float_replacement_value" (default: 0.0)
## NaNs and inf will be replaced with the given number, -inf with the negative of that number
# float_handling = "none"
# float_replacement_value = 0.0
## Pipeline Config
## To use a ingest pipeline, set this to the name of the pipeline you want to use.
# use_pipeline = "my_pipeline"
## Additionally, you can specify a tag name using the notation {{tag_name}}
## which will be used as part of the pipeline name. If the tag does not exist,
## the default pipeline will be used as the pipeline. If no default pipeline is set,
## no pipeline is used for the metric.
# use_pipeline = "{{es_pipeline}}"
# default_pipeline = "my_pipeline"
#
# Custom HTTP headers
# To pass custom HTTP headers please define it in a given below section
# [outputs.elasticsearch.headers]
# "X-Custom-Header" = "custom-value"
## Template Index Settings
## Overrides the template settings.index section with any provided options.
## Defaults provided here in the config
# template_index_settings = {
# refresh_interval = "10s",
# mapping.total_fields.limit = 5000,
# auto_expand_replicas = "0-1",
# codec = "best_compression"
# }
Input and output integration examples
LDAP
-
Monitoring Directory Performance: Use the LDAP Telegraf plugin to continuously track and analyze the number of operations completed, initiated connections, and server response times. By visualizing this data over time, administrators can identify performance bottlenecks in directory services, enabling proactive optimization.
-
Alerting on Security Events: Integrate the plugin with an alerting system to notify administrators when certain metrics, such as
bind_security_errorsorunauth_binds, exceed predefined thresholds. This setup can enhance security monitoring by providing real-time insights into potential unauthorized access attempts. -
Capacity Planning: Leverage the metrics collected by the LDAP plugin to perform capacity planning. Analyze connection trends, maximum threads in use, and operational statistics to forecast future resource needs, ensuring the LDAP server can handle expected peak loads without degrading performance.
-
Compliance and Auditing: Use the operational metrics obtained via this plugin to assist in compliance audits. By regularly checking metrics like
anonymous_bindsandsecurity_errors, organizations can ensure that their directory services adhere to security policies and regulatory requirements.
Elasticsearch
-
Time-based Indexing: Use this plugin to store metrics in Elasticsearch to index each metric based on the time collected. For example, CPU metrics can be stored in a daily index named
telegraf-2023.01.01, allowing easy time-based queries and retention policies. -
Dynamic Templates Management: Utilize the template management feature to automatically create a custom template tailored to your metrics. This allows you to define how different fields are indexed and analyzed without manually configuring Elasticsearch, ensuring an optimal data structure for querying.
-
OpenSearch Compatibility: If you are using AWS OpenSearch, you can configure this plugin to work seamlessly by activating compatibility mode, ensuring your existing Elasticsearch clients remain functional and compatible with newer cluster setups.
Feedback
Thank you for being part of our community! If you have any general feedback or found any bugs on these pages, we welcome and encourage your input. Please submit your feedback in the InfluxDB community Slack.
Powerful Performance, Limitless Scale
Collect, organize, and act on massive volumes of high-velocity data. Any data is more valuable when you think of it as time series data. with InfluxDB, the #1 time series platform built to scale with Telegraf.
See Ways to Get Started
Related Integrations
Related Integrations
HTTP and InfluxDB Integration
The HTTP plugin collects metrics from one or more HTTP(S) endpoints. It supports various authentication methods and configuration options for data formats.
View IntegrationKafka and InfluxDB Integration
This plugin reads messages from Kafka and allows the creation of metrics based on those messages. It supports various configurations including different Kafka settings and message processing options.
View IntegrationKinesis and InfluxDB Integration
The Kinesis plugin allows for reading metrics from AWS Kinesis streams. It supports multiple input data formats and offers checkpointing features with DynamoDB for reliable message processing.
View Integration
