Monitoring WireGuard with Prometheus
GitHub user MindFlavor created an exporter for WireGuard that collects metrics from the
wg show all dump command.
Install WireGuard Exporter
You can either compile the exporter from source or use the cargo command to install the exporter. I opted for cargo.
apt-get install cargo
cargo install prometheus_wireguard_exporter
Cargo will download and install everything. Once this was done I copied the prometheus_wireguard_exporter executable to /usr/local/bin/. I’m not 100% positive if this is best practice, if you know a better way shoot me an email.
Once this is all done you should be able to run the exporter and it should show metrics on port 9586.
Create a service
Description=Prometheus WireGuard Exporter
ExecStart=/usr/local/bin/prometheus_wireguard_exporter -n /etc/wireguard/your_config_file_here.conf
If you add the -n flag make sure you add the friendly name metadata to your peers.
# friendly_name = this is a friendly name
PublicKey = lqYcojJMsIZXMUw1heAFbQHBoKjCEaeo7M1WXDh/KWc=
AllowedIPs = 10.70.0.40/32
Get $200 in cloud credits from DigitalOcean using my link: https://m.do.co/t/909d52b6253a