This guide is obsoleted now as this capability is included in default installation of visual traffic. In latest version we use Clickhouse powered notifications instead of InfluxDB.

In this guide you can enable attack notification in FastNetMon. This guide assumes that you configured InfluxDB properly using Visual Traffic guide. This capability is available only for FastNetMon Advanced.

It will look like:

Please open any dashboard where you need this information (we suggest using “FastNetMon Advanced Total traffic”). Then find button with gear sign on top of screen and press it.

Then select “annotations” on left panel and press “Add Annotation Query” button.

Name: FastNetMonAttacks
Data source: InfluxDB

Query:

select title, tags, text from events where $timeFilter

Field mappings:

Text: text
Tags: tags

And save all changes with “Save” button on left side.

You need to use following mode from FastNetMon to enable this feature :

sudo fcli set main influxdb_attack_notification enable
sudo fcli commit

Finally, please test integration using ban function for some test IP address (be careful, FastNetMon will block it!):

sudo fcli set blackhole 11.22.33.44

24/7 Tech Support

support@fastnetmon.com

Email Us

sales@fastnetmon.com