Monitor Cloudflare Tunnel with Grafana
Grafana ↗ is a dashboard tool that visualizes data stored in other databases. You can use Grafana to convert your tunnel metrics into actionable insights.
It is not possible to push metrics directly from cloudflared
to Grafana. Instead, cloudflared
runs a Prometheus ↗ metrics endpoint, which a Prometheus server periodically scrapes. Grafana then uses Prometheus as a data source to present metrics to the administrator.
flowchart LR subgraph 192.168.1.1 A[cloudflared]-->B[Metrics endpoint] end B--->C subgraph 192.168.1.2 C[Prometheus server]-->D[Grafana dashboard] end
This tutorial covers how to create the metrics endpoint, set up the Prometheus server, and view the data in Grafana.
Before you begin
- You will need a Cloudflare Tunnel. To create a tunnel, refer to our getting started guide.
Create the metrics endpoint
If your tunnel was created via the CLI, run the following command on the cloudflared
server (192.168.1.1
):
If your tunnel was created via the dashboard, the —metrics flag must be added to your cloudflared
system service configuration. Refer to Add tunnel run parameters for instructions on how to do this.
Set up Prometheus
On the Prometheus and Grafana server (192.168.1.2
):
-
Download ↗ Prometheus.
-
Extract Prometheus:
-
Open
prometheus.yml
in a text editor and add thecloudflared
job to the end of the file: -
Start Prometheus:
You can optionally configure Prometheus to run as a service so that it does not need to be manually started if the machine reboots.
-
Open a browser and go to
http://localhost:9090/
. You should be able to access the Prometheus dashboard. -
To verify that Prometheus is fetching tunnel metrics, enter
cloudflared_tunnel_total_requests
into the expression console and select Execute.
Refer to Available metrics to check what other metrics are available.
Connect Grafana to Prometheus
-
Download ↗ and install Grafana.
-
Start Grafana as a system service:
-
Verify that Grafana is running:
-
Open a browser and go to
http://localhost:3000/
. The default HTTP port that Grafana listens to is3000
unless you have configured a different port. -
On the sign-in page, enter your Grafana credentials.
To test without an account, you can enter
admin
for both the username and password and skip the password change step. -
In Grafana, go to Connections > Data sources.
-
Select Add a new data source and select Prometheus.
-
In the Prometheus server URL field, enter the IP address and port of your Prometheus dashboard (
http://localhost:9090
). -
Select Save & test.
Build Grafana dashboard
- In Grafana, go to Dashboards > New > New dashboard.
- Select Add visualization.
- Select Prometheus.
- In the metrics field, enter
cloudflared_tunnel_total_requests
and select Run queries. You will see a graph showing the number of requests as a function of time.
You can add operations to the queries to modify what is displayed. For example, you could show all tunnel requests over a recent period of time, such as a day, rather than all tunnel requests since metrics began reporting.