Hi all,monitoring exim has always been a priority for me, starting 12 years ago with nagios and munin, adding some homegrown code on the way to perform anomaly detection (like an authenticated sender suddenly causing dozens of bounces a minute, great indicator for compromised accounts) one server having twice the volume of its peers or processing almost no messages at all,...).
I've been looking for modern time series databases like carbon, influxdb, prometheus,.. for quite a while, but the database never seems to be the issue, the problem usually seems to collect the metrics. I have to admit, I loved the simplicity of munin-plugins and just won't learn C in order to write plugins for collectd...
However, telegraf https://www.influxdata.com/time-series-platform/telegraf/ now seems to be a capable tool in order to get my metrics by parsing logfiles (logparser-plugin) and would support a wide range of backend data stores. So the "collecting metrics" challenge might be completed after all. I tried to get started with a small configuration for exim https://github.com/pvdh/telegraf-logparser-exim/
The TICK stack looks particularly promising, especially Kapacitor to perform detection and alerts based on the metrics collected by telegraf and stored in influxdb.
What are your experiences? I suppose I'll be investing quite some time in my setup and I want the result to last, so does anybody have different suggestions regarding "how to get metrics from exim in a modern backend, get graphs, detect issues, raise alerts"?
I simply don't want start running in the wrong direction, missing better alternatives. ;-)
And of course, if anyone happens to have a more advanced telegraf configuration than I do, any contribution would be greatly appreciated. ;-)
Best regards, Patrick.
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
