Securing Grafana
To secure Grafana, complete this task.
Prerequisites
InfluxDB must be configured for HTTPS connections.
Procedure
-
Obtain and install a certificate and private key for the Grafana server.
Ensure that the private key file is protected from unauthorized access.
Grafana uses this certificate to identify itself to its web clients.
-
Configure the Grafana server for HTTPS connections from its clients.
-
In a text editor, open the configuration file
FTL_HOME/monitoring/grafana/conf/default.ini.
-
Locate the
server section.
-
Set
protocol=https.
-
Set
cert_file to the location of the Grafana server's certificate.
-
Set
cert_key to the location of the Grafana server's key file.
For more detail, see Grafana documentation.
-
Restart the Grafana server.
-
In a browser, log in to the Grafana server.
Supply a URL with HTTPS as the protocol.
-
In the Grafana server web GUI, modify the data source definition for FTL to use HTTPS.
Supply the location of the InfluxDB server's certificate, so the Grafana server trusts the InfluxDB server.
For details, see Grafana documentation.
Copyright © Cloud Software Group, Inc. All rights reserved.
