14 Říj
2025
14 Říj
'25
13:38
Hello,
I'm doing tests of filtering DNS with RPZ lists. Now, I would like to collect stats
and metrics about blocked requests (blocked domains, sources IP, count of blocked
requests...).
In journalctl I have logs like this : "[rules ] => local data applied, user:
xxx.xxx.xxx.xxx, name: blocked-domain.tld." Main infos I want to collect exist.
Is there a way to do this with Prometheus format metrics + Grafana ? I didn't really
find anything in documentation.
Thank you so much if you have a tip to help me.
15 Říj
15 Říj
9:30
Hello.
On 14/10/2025 13.38, Stephane Paillet wrote:
I'm doing tests of filtering DNS with RPZ lists.
Now, I would like to collect stats and metrics about blocked requests (blocked domains,
sources IP, count of blocked requests...).
In journalctl I have logs like this : "[rules ] => local data applied, user:
xxx.xxx.xxx.xxx, name: blocked-domain.tld." Main infos I want to collect exist.
Is there a way to do this with Prometheus format metrics + Grafana ? I didn't really
find anything in documentation.
No, we don't collect these counts so far.
And I don't expect we could expose them as metrics in a straightforward
way, as there might be like millions of different domains in your
blocklists and the user count could be way too large, too. Maybe
prometheus could be OK with exposing just some changing set of top
names/users, but we currently don't even have suitable data structures
for that internally.
--Vladimir
10:28
Thank you so much for your answer.
The point was mainly to know if it's possible to collect informations
about users requests trying to join domains in the blocklist. Not
necessarily connexions details.
Have a nice days.
--Stephane
Le 15/10/2025 à 09:30, Vladimír Čunát a écrit :
Hello.
On 14/10/2025 13.38, Stephane Paillet wrote:
I'm doing tests of filtering DNS with RPZ
lists. Now, I would like to collect stats and metrics about blocked requests (blocked
domains, sources IP, count of blocked requests...).
In journalctl I have logs like this : "[rules ] => local data applied, user:
xxx.xxx.xxx.xxx, name: blocked-domain.tld." Main infos I want to collect exist.
Is there a way to do this with Prometheus format metrics + Grafana ? I didn't really
find anything in documentation.
No, we don't collect these counts so far.
And I don't expect we could expose them as metrics in a
straightforward way, as there might be like millions of different
domains in your blocklists and the user count could be way too large,
too. Maybe prometheus could be OK with exposing just some changing
set of top names/users, but we currently don't even have suitable data
structures for that internally.
--Vladimir
15
days inactive
16
days old
knot-resolver-users@lists.nic.cz
2 comments
2 participants
participants (2)
-
Stephane Paillet -
Vladimír Čunát