Skip to main content

WireGuard monitoring with Netdata

WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography.

This module monitors WireGuard VPN network interfaces and peers traffic.

Requirements

  • Grant CAP_NET_ADMIN capability to go.d.plugin.

    sudo setcap CAP_NET_ADMIN+epi <INSTALL_PREFIX>/usr/libexec/netdata/plugins.d/go.d.plugin

Metrics

All metrics have "wireguard." prefix.

MetricScopeDimensionsUnits
device_peersdevicepeerspeers
device_network_iodevicereceive, transmitB/s
peer_network_iopeerreceive, transmitB/s
peer_latest_handshake_agopeertimeseconds

Configuration

No configuration needed.

Troubleshooting

To troubleshoot issues with the wireguard collector, run the go.d.plugin with the debug option enabled. The output should give you clues as to why the collector isn't working.

  • Navigate to the plugins.d directory, usually at /usr/libexec/netdata/plugins.d/. If that's not the case on your system, open netdata.conf and look for the plugins setting under [directories].

    cd /usr/libexec/netdata/plugins.d/
  • Switch to the netdata user.

    sudo -u netdata -s
  • Run the go.d.plugin to debug the collector:

    ./go.d.plugin -d -m wireguard

Was this page helpful?

Contribute