Unbound
Overview
This plugin gathers stats from Unbound - a validating, recursive, and caching DNS resolver.
Configuration
# A plugin to collect stats from the Unbound DNS resolver
[[inputs.unbound]]
## Address of server to connect to, read from unbound conf default, optionally ':port'
## Will lookup IP if given a hostname
server = "127.0.0.1:8953"
## If running as a restricted user you can prepend sudo for additional access:
# use_sudo = false
## The default location of the unbound-control binary can be overridden with:
# binary = "/usr/sbin/unbound-control"
## The default location of the unbound config file can be overridden with:
# config_file = "/etc/unbound/unbound.conf"
## The default timeout of 1s can be overridden with:
# timeout = "1s"
## When set to true, thread metrics are tagged with the thread id.
##
## The default is false for backwards compatibility, and will be changed to
## true in a future version. It is recommended to set to true on new
## deployments.
thread_as_tag = false
Permissions
It's important to note that this plugin references unbound-control, which may require additional permissions to execute successfully. Depending on the user/group permissions of the user executing this plugin, you may need to alter the group membership, set facls, or use sudo.
Group membership (Recommended):
$ groups cua
cua : cua
$ usermod -a -G unbound cua
$ groups cua
cua : cua unbound
Sudo privileges:
If you use this method, you will need the following in your config:
[[inputs.unbound]]
use_sudo = true
You will also need to update your sudoers file:
$ visudo
# Add the following line:
Cmnd_Alias UNBOUNDCTL = /usr/sbin/unbound-control
cua ALL=(ALL) NOPASSWD: UNBOUNDCTL
Defaults!UNBOUNDCTL !logfile, !syslog, !pam_session
Please use the solution you see as most appropriate.