Securing Grafana

To secure Grafana, complete this task.

Before you begin InfluxDB must be configured for HTTPS connections.
    Procedure
  1. Obtain and install a certificate and private key for the Grafana server.
    Ensure that the private key file is protected from unauthorized access.
    Grafana uses this certificate to identify itself to its web clients.
  2. Configure the Grafana server for HTTPS connections from its clients.
    1. In a text editor, open the configuration file FTL_HOME/monitoring/grafana/conf/default.ini.
    2. Locate the server section.
    3. Set protocol=https.
    4. Set cert_file to the location of the Grafana server's certificate.
    5. Set cert_key to the location of the Grafana server's key file.
    For more detail, see Grafana documentation.
  3. Restart the Grafana server.
  4. In a browser, log in to the Grafana server.
    Supply a URL with HTTPS as the protocol.
  5. In the Grafana server web GUI, modify the data source definition for FTL to use HTTPS.
    Supply the location of the InfluxDB server's certificate, so the Grafana server trusts the InfluxDB server.
    For details, see Grafana documentation.