Freeradius Stats and Totals

Hi All,

so creating alerts on freeradius is somewhat not possible. Because the Freeradius Extend command pulls data as follow.

FreeRADIUS-Total-Access-Requests = 1365514
FreeRADIUS-Total-Access-Accepts = 58858
FreeRADIUS-Total-Access-Rejects = 1293575
FreeRADIUS-Total-Access-Challenges = 0
FreeRADIUS-Total-Auth-Responses = 1352433
FreeRADIUS-Total-Auth-Duplicate-Requests = 6459
FreeRADIUS-Total-Auth-Malformed-Requests = 0
FreeRADIUS-Total-Auth-Invalid-Requests = 0
FreeRADIUS-Total-Auth-Dropped-Requests = 13077
FreeRADIUS-Total-Auth-Unknown-Types = 0
FreeRADIUS-Total-Accounting-Requests = 4248049
FreeRADIUS-Total-Accounting-Responses = 4237291
FreeRADIUS-Total-Acct-Duplicate-Requests = 0
FreeRADIUS-Total-Acct-Malformed-Requests = 0
FreeRADIUS-Total-Acct-Invalid-Requests = 0
FreeRADIUS-Total-Acct-Dropped-Requests = 10749
FreeRADIUS-Total-Acct-Unknown-Types = 0
FreeRADIUS-Total-Proxy-Access-Requests = 0
FreeRADIUS-Total-Proxy-Access-Accepts = 0
FreeRADIUS-Total-Proxy-Access-Rejects = 0
FreeRADIUS-Total-Proxy-Access-Challenges = 0
FreeRADIUS-Total-Proxy-Auth-Responses = 0
FreeRADIUS-Total-Proxy-Auth-Duplicate-Requests = 0
FreeRADIUS-Total-Proxy-Auth-Malformed-Requests = 0
FreeRADIUS-Total-Proxy-Auth-Invalid-Requests = 0
FreeRADIUS-Total-Proxy-Auth-Dropped-Requests = 0
FreeRADIUS-Total-Proxy-Auth-Unknown-Types = 0
FreeRADIUS-Total-Proxy-Accounting-Requests = 4178716
FreeRADIUS-Total-Proxy-Accounting-Responses = 4178684
FreeRADIUS-Total-Proxy-Acct-Duplicate-Requests = 0
FreeRADIUS-Total-Proxy-Acct-Malformed-Requests = 0
FreeRADIUS-Total-Proxy-Acct-Invalid-Requests = 0
FreeRADIUS-Total-Proxy-Acct-Dropped-Requests = 0
FreeRADIUS-Total-Proxy-Acct-Unknown-Types = 0
FreeRADIUS-Stats-Start-Time = "Dec  4 2019 14:40:08 SAST"
FreeRADIUS-Stats-HUP-Time = "Dec 12 2019 06:25:08 SAST"
FreeRADIUS-Queue-Len-Internal = 0
FreeRADIUS-Queue-Len-Proxy = 0
FreeRADIUS-Queue-Len-Auth = 0
FreeRADIUS-Queue-Len-Acct = 0
FreeRADIUS-Queue-Len-Detail = 0

which means if I want to create a rule that looks at Access Requests IF it goes below 200 “ALERT me”
but it wont work because its logged as TOTAL which will never go down unless freeradius is restarted.

How does LibreNMS Graph Radius as follow.
Libre Graphs the Requests and Accepts eg. as per second.

image

But in the DB it looks the same as the Extend Freeradius Script.
image

So how can I alert on the graph statistics?

Thanks for the read

Hello.

I’ve did some ‘lab’ here. All of the metrics are kept in DB, so it’s kind easy to do.
What you need is to estimate the average amount on such packets on your network.

Then run this SQL query:

MariaDB [librenms]> select metric,value,value_prev from application_metrics where app_id = ‘12’ AND metric = ‘access_requests’;
±----------------±------±-----------+
| metric | value | value_prev |
±----------------±------±-----------+
| access_requests | 215 | 152 |
±----------------±------±-----------+

It returns metrics for access_requests. As you see - there is value and value_prev. After estimating average amount of packets you can do easy math in SQL query, compare value_prev and current value.

Remember that it would require to run polling for freeradius module more often.
For me running poller.php (only an FreeRadius module) takes about 3 seconds, so you can easily run it for example - twice a minute and set a correct value in alert then.

time ./poller.php -h 557 -m applications/freeradius
real 0m3,713s
user 0m0,272s
sys 0m0,056s

Here you got simple SQL rule for alert (remember tuning it to your setup) and enabling ‘SQL Override’:

select (value-value_prev) as requests from application_metrics where app_id = ‘12’ AND metric = ‘access_requests’ HAVING requests < 100;

This alert would trigger if difference between previous metric and current drops lower than 100.
In my environment calling the poller script twice a minute and this rule triggers as soon as amount of requests drop to alarming level.

I hope it helps.

1 Like

You are a live saver Thank you very much!!!

Guys Please note that this is how I set it up and its working 100%

On your Alert

Custom SQL

SELECT *,(value-value_prev) as 'requests' FROM devices,applications,application_metrics WHERE (devices.device_id = ? AND devices.device_id = applications.device_id AND applications.app_id = application_metrics.app_id) AND metric = 'access_requests' HAVING requests < 100

and the nice guy I am here is my alert Template.

<div style="font-family:Helvetica;">

<b> @if ($alert->state == 1) <span style="color:red; font-size: 20px;">Freeradius Requests Error </b>  @endif 
<b> @if ($alert->state == 0) <span style="color:green; font-size: 20px;">Freeradius Recovered </b>  @endif  
</span></b>
<br><br>
 @if ($alert->faults) 
 @foreach ($alert->faults as $key => $value)
<b>Device:</b>  @if ($alert->transport == mail)  
<a href="https://xx/device/device={{ $alert->device_id }}/">{{ $alert->sysName }}</a>
 @else 
{{ $alert->sysName }}
 @endif  <br>
<b>Device IP:</b> {{ $alert->ip }}<br>
<b>Device OS:</b> {{ $alert->os }}<br>
<br>
<b>Device Type:</b> {{ $alert->type }}<br>
<b>Ping Timestamp:</b> {{ $alert->ping_max }}<br>
<br>
<b>Uptime:</b> {{ $alert->uptime_long }}<br>
<b>⏳ Duration:</b> {{ $alert->elapsed }}<br>
<br>
<b>Requests Per Poll:</b> {{ $value['requests'] }}<br>
<b>Total Requests:</b> {{ $value['value'] }}<br>
<br>
<br>
<b>Alert:</b> {{ $alert->name }}<br>
 @endforeach
@if ($alert->faults) <b>Freeradius:</b><br>
@foreach ($alert->faults as $key => $value)<img src="https://xx/graph.php?&id={{ $value['app_id'] }}&type=application_freeradius_access&width=459&height=213&lazy_w=552&from=end-72h"><br>
<br>
<br>



<html>
   <head>
      <title>Postfix Queue</title>
      <style>
  .button {
  background-color: #4CAF50; /* Green */
  border: black;
  color: black;
  padding: 15px 32px;
  text-align: center;
  text-decoration: none;
  display: inline-block;
  font-size: 20px;
  margin: 4px 2px;
  cursor: pointer;
  -webkit-transition-duration: 0.4s; /* Safari */
  transition-duration: 0.4s;
         }
.button2:hover {
  box-shadow: 0 12px 16px 0 rgba(0,0,0,0.24),0 17px 50px 0 rgba(0,0,0,0.19);
      </style>
   </head>
   <body>
      <a href="https://xx/device/device={{ $value['device_id'] }}" button class="button button2">Enter Host</button> </a>
   </body>
</html>
@endforeach  
@endif
@endif
</div>

Good job. I’m glad I could help. :wink:

1 Like