salt-states/containers/files/unpoller.conf

235 lines
10 KiB
Plaintext
Raw Permalink Normal View History

2023-06-27 07:16:37 +00:00
# Unpoller v2 primary configuration file. TOML FORMAT #
###########################################################
[poller]
# Turns on line numbers, microsecond logging, and a per-device log.
# The default is false, but I personally leave this on at home (four devices).
# This may be noisy if you have a lot of devices. It adds one line per device.
debug = false
# Turns off per-interval logs. Only startup and error logs will be emitted.
# Recommend enabling debug with this setting for better error logging.
quiet = false
# Load dynamic plugins. Advanced use; only sample mysql plugin provided by default.
plugins = []
#### OUTPUTS
# If you don't use an output, you can disable it.
[prometheus]
disable = false
# This controls on which ip and port /metrics is exported when mode is "prometheus".
# This has no effect in other modes. Must contain a colon and port.
http_listen = "0.0.0.0:9130"
# Adding an SSL Cert and Cert Key will make Poller listen with SSL/https.
ssl_cert_path = ""
ssl_key_path = ""
# Errors are rare. Setting this to true will report them to Prometheus.
report_errors = false
## Record data for disabled or down (unlinked) switch ports.
dead_ports = false
[influxdb]
disable = true
# InfluxDB does not require auth by default, so the user/password are probably unimportant.
url = "http://127.0.0.1:8086"
user = "unifipoller"
# Password for InfluxDB user (above).
# If the password provided here begins with file:// then the password is read in from
# the file path that follows the file:// prefix. ex: file:///etc/influxdb/passwd.file
pass = "unifipoller"
# Be sure to create this database. See the InfluxDB Wiki page for more info.
db = "unifi"
# If your InfluxDB uses a valid SSL cert, set this to true.
verify_ssl = false
# The UniFi Controller only updates traffic stats about every 30 seconds.
# Setting this to something lower may lead to "zeros" in your data.
# If you're getting zeros now, set this to "1m"
interval = "30s"
## Record data for disabled or down (unlinked) switch ports.
dead_ports = false
# To enable output of UniFi Events to Loki, add a URL; it's disabled otherwise.
# User, pass and tenant_id are optional and most folks wont set them.
# Pick which logs you want per-controller in the [unifi.controller] section.
# This is a new feature. Feedback welcome!
[loki]
disable = false
url = "{{ pillar['containers']['unpoller']['loki_url'] }}"
# The rest of this is advanced & optional. See wiki.
user = ""
pass = ""
verify_ssl = false
tenant_id = ""
interval = "2m"
timeout = "10s"
[datadog]
# How often to poll UniFi and report to Datadog.
interval = "2m"
# To enable this output plugin
enable = false
# Datadog Custom Options
# address to talk to the datadog agent, by default this uses the local statsd UDP interface
# address = "localhost:8125"
# namespace to prepend to all data, default is no additional prefix.
# namespace = ""
# tags to append to all data
# tags = [ "customer:abc_corp" ]
# For more advanced options for very large amount of data collected see the upstream
# github.com/unpoller/unpoller/pkg/datadogunifi repository README.
# Unpoller has an optional web server. To turn it on, set enable to true. If you
# wish to use SSL, provide SSL cert and key paths. This interface is currently
# read-only; it just displays information, like logs, devices and clients.
# Notice: Enabling the web server with many sites will increase memory usage.
# This is a new feature and lacks a UI, enabling only recommended for testing.
[webserver]
enable = false
port = 37288
# The HTML path is different on Windows and BSD/macOS.
html_path = "/usr/lib/unifi-poller/web"
ssl_cert_path = ""
ssl_key_path = ""
# How many events per event group to hold. 200-2000. Use fewer with many sites.
# With 1 site, you'll have a max total of 9 event groups; 1 per plugin, 4 per site.
# Each site adds 1 event group for each of these inputs that is enabled:
# save_ids, save_events, save_anomalies, save_alarms.
max_events = 200
# By default the web interface does not require authentication. You can change
# that by adding a username and password hash (or multiple) below.
# To create a hash, run unifi-poller with the -e CLI argument. See Wiki for more!
[webserver.accounts]
# username = "password-hash"
# captain = "$2a$04$mxw6i0LKH6u46oaLK2cq5eCTAAFkfNiRpzNbz.EyvJZZWNa2FzIlS"
#### INPUTS
[unifi]
# Setting this to true and providing default credentials allows you to skip
# configuring controllers in this config file. Instead you configure them in
# your prometheus.yml config. Prometheus then sends the controller URL to
# Unpoller when it performs the scrape. This is useful if you have many,
# or changing controllers. See wiki for more.
dynamic = false
# The following section contains the default credentials/configuration for any
# dynamic controller (see above section), or the primary controller if you do not
# provide one and dynamic is disabled. In other words, you can just add your
# controller here and delete the following section. The internal defaults are
# shown below. Any missing values will assume these displayed defaults.
[unifi.defaults]
# URL for the UniFi Controller. Do not add any paths after the host:port.
# Do not use port 8443 if you have a UDM; just use "https://ip".
url = "{{ pillar['containers']['unpoller']['unifi_url'] }}"
# Make a read-only user in the UniFi Admin Settings, allow it access to all sites.
user = "{{ pillar['containers']['unpoller']['unifi_user'] }}"
# Password for UniFi controller user (above).
# If the password provided here begins with file:// then the password is read in from
# the file path that follows the file:// prefix. ex: file:///etc/unifi/password.file
# ex: file:///etc/unifi/passwd.file, windows: file://C:\\UserData\\Unifi\\Passwd.txt
pass = "{{ pillar['containers']['unpoller']['unifi_pass'] }}"
# If the controller has more than one site, specify which sites to poll here.
# Set this to ["default"] to poll only the first site on the controller.
# A setting of ["all"] will poll all sites; this works if you only have 1 site too.
sites = ["all"]
# Specify a timeout, leave missing to declare infinite wait. This determines the maximum
# time to wait for a response from the unifi controller on any API request.
# timeout = 60s
# Enable collection of site data. This data powers the Network Sites dashboard.
# It's not valuable to everyone and setting this to false will save resources.
save_sites = true
# Hash, with md5, client names and MAC addresses. This attempts to protect
# personally identifiable information. Most users won't want to enable this.
hash_pii = false
# Enable collection of Intrusion Detection System Data (InfluxDB/Loki only).
# Only useful if IDS or IPS are enabled on one of the sites. This may store
# a lot of information. Only recommended for testing and debugging. There
# may not be any dashboards to display this data. It can be used for annotations.
# Enable this only if using InfluxDB or Loki. This will leak PII data!
save_ids = false
# Enable collection of UniFi Events (InfluxDB/Loki only).
# This may store a lot of information. Only recommended for testing and debugging.
# There are no dashboards to display this data. It can be used for annotations.
# This is a new (June, 2020) feature. Please provide feedback if you try it out!
# Enable this only if using InfluxDB or Loki. This will leak PII data!
save_events = true
# Enable collection of UniFi Alarms (InfluxDB/Loki only).
# There are no dashboards to display this data. It can be used for annotations.
# This is a new (June, 2020) feature. Please provide feedback if you try it out!
# Enable this only if using InfluxDB or Loki. This will leak PII data!
save_alarms = true
# Enable collection of UniFi Anomalies (InfluxDB/Loki only).
# There are no dashboards to display this data. It can be used for annotations.
# This is a new (June, 2020) feature. Please provide feedback if you try it out!
# Enable this only if using InfluxDB or Loki.
save_anomalies = true
# Enable collection of Deep Packet Inspection data. This data breaks down traffic
# types for each client and site, it powers a dedicated DPI dashboard.
# Enabling this adds roughly 150 data points per client. That's 6000 metrics for
# 40 clients. This adds a little bit of poller run time per interval and causes
# more API requests to your controller(s). Don't let these "cons" sway you:
# it's cool data. Please provide feedback on your experience with this feature.
save_dpi = false
## Enabling save_rogue stores even more data in your time series databases.
## This saves neighboring access point metrics in a dedicated table or namespace.
save_rogue = false
# If your UniFi controller has a valid SSL certificate (like lets encrypt),
# you can enable this option to validate it. Otherwise, any SSL certificate is
# valid. If you don't know if you have a valid SSL cert, then you don't have one.
verify_ssl = false
## You may provide a list of SSL cert files (PEM format) that you expect your
## controller to use. As long as one of the certs you provide here shows up in
## the cert trust chain the controller presents it will be accepted and allowed.
## These files may be re-read while poller is running.
## Example: ssl_cert_paths = ["/path/to/cert.pem", "/another/cert.pem"]
ssl_cert_paths = []
# The following is optional and used for configurations with multiple UniFi controllers.
# You may repeat the following [[unifi.controller]] section as many times as needed to
# poll multiple controllers. Uncomment the entire section including [[unifi.controller]].
# Omitted variables will have their values taken from the defaults, above.
#
#[[unifi.controller]]
# url = "https://127.0.0.1:8443"
# user = "unifipoller"
# pass = "unifipoller"
# sites = ["all"]
# save_sites = true
# hash_pii = false
# save_ids = false
# save_events = false
# save_alarms = false
# save_anomalies = false
# save_dpi = false
# save_rogue = false
# verify_ssl = false
# ssl_cert_paths = []