show last highstate date/time on grid metrics screen; expose maxUploadSize and staleMetricsMs settings on config screen

2026-02-23 23:45:39 +01:00 · 2023-12-29 11:38:42 -05:00
parent fe8f57c43b
commit e075d07f5c
5 changed files with 41 additions and 0 deletions
--- a/salt/telegraf/defaults.yaml
+++ b/salt/telegraf/defaults.yaml
@@ -13,6 +13,7 @@ telegraf:
    eval:
      - checkfiles.sh
      - influxdbsize.sh
+      - lasthighstate.sh
      - oldpcap.sh
      - os.sh
      - raid.sh
@@ -25,6 +26,7 @@ telegraf:
      - checkfiles.sh
      - eps.sh
      - influxdbsize.sh
+      - lasthighstate.sh
      - oldpcap.sh
      - os.sh
      - raid.sh
@@ -36,6 +38,7 @@ telegraf:
      - zeekloss.sh
    manager:
      - influxdbsize.sh
+      - lasthighstate.sh
      - os.sh
      - raid.sh
      - redis.sh
@@ -43,16 +46,19 @@ telegraf:
    managersearch:
      - eps.sh
      - influxdbsize.sh
+      - lasthighstate.sh
      - os.sh
      - raid.sh
      - redis.sh
      - sostatus.sh
    import:
      - influxdbsize.sh
+      - lasthighstate.sh
      - os.sh
      - sostatus.sh
    sensor:
      - checkfiles.sh
+      - lasthighstate.sh
      - oldpcap.sh
      - os.sh
      - raid.sh
@@ -64,6 +70,7 @@ telegraf:
    heavynode:
      - checkfiles.sh
      - eps.sh
+      - lasthighstate.sh
      - oldpcap.sh
      - os.sh
      - raid.sh
@@ -74,22 +81,27 @@ telegraf:
      - zeekcaptureloss.sh
      - zeekloss.sh
    idh:
+      - lasthighstate.sh
      - os.sh
      - sostatus.sh
    searchnode:
      - eps.sh
+      - lasthighstate.sh
      - os.sh
      - raid.sh
      - sostatus.sh
    receiver:
      - eps.sh
+      - lasthighstate.sh
      - os.sh
      - raid.sh
      - redis.sh
      - sostatus.sh
    fleet:
+      - lasthighstate.sh
      - os.sh
      - sostatus.sh
    desktop:
+      - lasthighstate.sh
      - os.sh
      - sostatus.sh
--- a/salt/telegraf/enabled.sls
+++ b/salt/telegraf/enabled.sls
@@ -55,6 +55,7 @@ so-telegraf:
      - /opt/so/log/suricata:/var/log/suricata:ro
      - /opt/so/log/raid:/var/log/raid:ro
      - /opt/so/log/sostatus:/var/log/sostatus:ro
+      - /opt/so/log/salt:/var/log/salt:ro
      {% if DOCKER.containers['so-telegraf'].custom_bind_mounts %}
        {% for BIND in DOCKER.containers['so-telegraf'].custom_bind_mounts %}
      - {{ BIND }}
--- a/salt/telegraf/scripts/lasthighstate.sh
+++ b/salt/telegraf/scripts/lasthighstate.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+#
+# Copyright Security Onion Solutions LLC and/or licensed to Security Onion Solutions LLC under one
+# or more contributor license agreements. Licensed under the Elastic License 2.0 as shown at 
+# https://securityonion.net/license; you may not use this file except in compliance with the
+# Elastic License 2.0.
+
+# if this script isn't already running
+if [[ ! "`pidof -x $(basename $0) -o %PPID`" ]]; then
+
+    LAST_HIGHSTATE_END=$([ -e "/var/log/salt/lasthighstate" ] && date -r /var/log/salt/lasthighstate +%s || echo 0)
+    NOW=$(date +%s)
+    HIGHSTATE_AGE_SECONDS=$((NOW-LAST_HIGHSTATE_END))
+    echo "salt highstate_age_seconds=$HIGHSTATE_AGE_SECONDS"
+
+fi
+
+exit 0