Revision as of 14:11, 19 January 2018

Notes

Netdata Wiki

From the Netdata wiki security page: https://github.com/firehol/netdata/wiki/netdata-security

netdata is a monitoring system. It should be protected, the same way you protect all your admin apps. We assume netdata will be installed privately, for your eyes only.

How to protect a netdata instance from the internet?

As the wiki says: "netdata is a distributed application. Most likely you will have many installations of it. Since it is distributed and you are expected to jump from server to server, there is very little usability to add authentication local on each netdata."

To provide athentication, netdata wiki recommends exposing netdata on a private network interface.

To expose netdata to a private LAN or virtual network by binding to a particular network interface:

[web]
    bind to = 10.1.1.1:19999 localhost:19999

You can also bind netdata to multiple IP addresses and ports. Hostnames will be resolved.

The wiki also notes that virtual management and administration LANs can be created using tools like tincd or gvpe

Digital Ocean guide

Digital Ocean guide to setting up a secure Netdata instance served up via Nginx: https://www.digitalocean.com/community/tutorials/how-to-set-up-real-time-performance-monitoring-with-netdata-on-ubuntu-16-04

Flags

Netdata/Security: Difference between revisions

From charlesreid1

Revision as of 14:11, 19 January 2018

Contents

Notes

Netdata Wiki

Digital Ocean guide

Flags

@@ Line 23: / Line 23: @@
 You can also bind netdata to multiple IP addresses and ports. Hostnames will be resolved.
+The wiki also notes that virtual management and administration LANs can be created using tools like tincd or gvpe
 ==Digital Ocean guide==