Looking for Perfect Dashboard: InfluxDB, Telegraf and Grafana – Part XVI – Performance and Advanced Security of Veeam Backup for Microsoft Office 365

Greetings friends, I come to the sixteenth post on InfluxDB, Telegraf and Grafana, you can find all the posts on InfluxDB, Telegraf and Grafana here. Today I bring you a new entry, in this case it is a Dashboard focused on advanced security when we use Veeam Backup for Microsoft Office 365.

Veeam Backup for Microsoft Office 365 is in charge of protecting our elements in Office 365, be it all the mailboxes we have in Exchange Online, or SharePoint Online and even OneDrive for Business, I also leave you the entire category on this product (remember that there is a Community Edition with up to 10 free users, without paying anything).

Veeam Backup for Microsoft Office 365 Dashboard

At the end of the entry you will have something similar to that Dashboard that will allow you to visualize:

General Description Section

  • Total MB restored with Veeam Explorer for Exchange
  • Number of times Veeam Explorer for Exchange has been opened
  • Number of times Veeam Explorer for OneDrive for Business has been opened
  • Number of times Veeam Explorer for SharePoint Online has been opened
  • Number of RESTFulAPI keys that have been created or updated
  • Number of completed RESTFulAPI queries

Server Performance Section

  • VBO servers uptime
  • Uptime, connectivity, to outlook.office365.com from VBO servers
  • CPU usage of VBO servers
  • RAM usage of VBO servers
  • VBO Server Disk Usage
  • Network use of VBO servers
  • Latency in ms to outlook.office365.com from VBO servers

Security Logs

  • Items restored using Veeam Explorer for Exchange Online, from which user to which user
  • Items restored using Veeam Explorer for OneDrive for Enterprise, item name only
  • Items restored using Veeam Explorer for SharePoint Online, URL for now and whether it was restored to Original Location or restored to Cloud

Topology with all logic components

This entry is a little different from the previous ones, since in this case we will use telegraf for Microsoft Windows to collect logs and metrics from the Veeam Backup for Microsoft Office 365 servers. The design would be something similar to this:As we can see, the telegraf agent will collect all the logs, the parseara, as well as the counters with metrics, and sends them to InfluxDB, from where we can view them comfortably with Grafana.

Download and install as telegraf service for Microsoft Windows

Although I told you the steps a few years ago, let’s see the updated steps, the first thing will be to download the latest version of Telegraf for Windows from GitHub:

Create a folder in C:/Program Files/Telegraf and extract the files inside:

From a PowerShell or CMD console, as administrator, we will launch the following:

And already with this we would have telegraf installed, to start it, we could launch it testing the config with the following command:

Or a simple one:

Since we have everything ready, let’s go to the next step to see what we need to add to the configuration file.

Configuration of telegraf.conf for Veeam Backup for Microsoft Office 365

The telegraf configuration file is quite dense, the first thing we will have to edit as always is the output, where we will have to configure the path of the InfluxDB where we are sending data, in my case:

In addition to this basic, this is the recommended configuration to be able to parse the necessary logs of Veeam Backup for Microsoft Office 365, apart from the ping input:

With this file telegraf.conf ready, please edit if you have the logs in another location or something, we can start the service:

 

 

We can do a more of the telegraf.log to see if there are any errors.

Note: In case you have very old logs, this will make you see hundreds of thousands of metrics, so I recommend you to increase the maximum output to be able to ingest everything:

We’ve got everything, we’re going to the next step.

Checking that we are ingesting information with Chronograf

The normal thing at this point, if we have done all the steps well, is that we are already sending information compiled by the script to InfluxDB, if we do a search using the wonderful Chronograf, we can check that we have information:All the variables of this new Veeam script for VBO are stored in veeam_office365_audit_* so it’s really easy to find them.

Grafana Dashboards

I have created a Dashboard from scratch selecting the best requests to the database, finishing off colors, thinking what graphic and how to show it, and everything is automated so that it fits our environment without any problem and without having to edit anything manually. You can find the Dashboard here, once imported, you can use the top dropdown menus to select between organizations, backups, repositories and proxies:

How to Import the Grafana Dashboards

So that you don’t have to waste hours configuring a new Dashboard, and ingesting and debugging queries, I’ve already created four wonderful Dashboards with everything you need to monitor our environment in a very simple way, you’ll look like the image I showed you above. From our Grafana, we’ll do Create – Import.Select the name you want and enter the ID: 10349, which is the unique ID of the Dashboard, or the URL:

With the menus above you can deploy and adjust the Dashboard to your organization, VBO Server, disks, etc:

Please leave your feedback in the comments, or in GitHub.
If you want to see them working without installing anything, here is the link to my environment:

Nothing more, folks, I hope you like it, and I’d like to leave the whole series here:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.