Suricata is not displayed in Process and Process Memory Graphs

Hello,
Is it intentional that the Suricata/IPS processes are not shown in the Process and Process Memory Graphs?

I’ve been trying to troubleshoot higher average CPU usage since March and noticed that there’s no mention of Suricata in these graphs. It’s typically the highest usage, but currently squid is the highest thing I have running.

Thanks!

PS: I’m running a small VM on that IPFire system and qemu isn’t showing up on those graphs, even though there is an item for it listed below the graphs. I would have expected some visible load from it.

Hello dnl,

You can add Suricata to the collectd.custom list. The process is suricata.

https://wiki.ipfire.org/configuration/status/services#add-custom-process

I don’t know anything about qemu. You may want to confirm that qemu is the correct process name with top or htop. If you find it is a different name, you can add it to the collectd.custom list like suricata.

Let us know what you find.


EDIT2:
If you confirm that qemu is the correct process name you can monitor with

top -p `pidof qemu`

or this one if qemu uses multiple processes/PIDs:

top -p `pidof qemu | sed 's/ /,/g'`

Maybe qemu uses very few resources.

1 Like

Thanks @jon, I just assumed it would be monitored by default.

Improvement suggestion for the developers:

  1. Create an /etc/collectd.conf.d directory (or /etc/collectd.d if you prefer)
  2. Move everything but /etc/collectd.conf into the directory
  3. Remove the include "/etc/collectd.<filename>" entries from the bottom of that file and replace them with include "/etc/collectd.d/*"

I’ve tested this, it works.

This change would make it trivial for IPFire addons to include a file like /etc/collectd.d/<addonname> as a part of the addon. This file could include appropriate process monitoring for the addon and would not require potentially conflicting edits of the /etc/collectd.conf file.

3 Likes
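
The three steps proposed above, staged against a scratch copy of /etc rather than the live system, as an added example that is not part of the original post or IPFire's own code. The function name, the scratch-root argument and the assumption that each include sits on its own line are hypothetical.

```shell
#!/bin/sh
# Added example: apply the proposed collectd layout change to a scratch copy.
# Assumptions (not from IPFire): function name, scratch-root argument, and
# that includes appear one per line as: include "/etc/collectd.<filename>"

migrate_collectd() {
    root=$1                              # scratch root holding a copy of /etc
    conf="$root/etc/collectd.conf"
    dropin="$root/etc/collectd.d"
    wildcard='include "/etc/collectd.d/*"'

    [ -f "$conf" ] || { echo "missing $conf" >&2; return 1; }

    # Step 1: create the drop-in directory.
    mkdir -p "$dropin"

    # Step 2: move every /etc/collectd.* file except collectd.conf itself.
    for f in "$root"/etc/collectd.*; do
        [ -f "$f" ] || continue          # skips the collectd.d directory
        [ "$f" = "$conf" ] && continue
        mv "$f" "$dropin/"
    done

    # Step 3: drop the per-file include lines, keep everything else,
    # then add the single wildcard include if it is not already there.
    tmp="$conf.new"
    sed -E '\#^[[:space:]]*[Ii]nclude[[:space:]]+"/etc/collectd\.[^"/]*"#d' \
        "$conf" > "$tmp"
    grep -qF "$wildcard" "$tmp" || printf '%s\n' "$wildcard" >> "$tmp"
    mv "$tmp" "$conf"
}
```

Running it a second time on the same scratch root leaves the result unchanged, so the staged layout can be diffed against the original before anything is copied back.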

Please raise this in the IPFire bugzilla with Improvement Suggestion in the title.

https://wiki.ipfire.org/devel/bugzilla
https://bugzilla.ipfire.org/

Your IPFire people email address and password credentials will also log you into the IPFire Bugzilla.

2 Likes

Thanks. Done: 13074 – Enhancement: Move collectd configuration in subdir so Addons can include monitoring files

1 Like

You may want to read through all of the posts in this thread:

https://lists.ipfire.org/pipermail/development/2023-January/015247.html