How to monitor servers at client site without port forwarding?

Need help. We tried and really like telegraf and grafana locally within our local network, we are trying to see what is the best way to monitor client servers who are remote and we do not have VPN for those clients.

Does telegraf and grafana support either: http-tunneling, udp hole punching or auto GRE tunneling?

Or if there is another way that we can monitor remote servers where for clients where we do not have access to the network equipment on the site?

I would say those are two different pairs of boots.
What you are describing is a network problem.


To keep a few things apart:

  • Grafana is responsible for the visualization and is/has no database itself, but can generate the desired visualizations from many databases (e.g. InfluxDB). Grafana therefore needs at least one database as a source.
  • I assume you use InfluxDB, otherwise you would not ask here.
  • Telegraf is the data collector agent, which collects data from different sources and pushes them into InfluxDB. Telegraf itself is/has no database.

The mentioned three components can run on the same machine or on completely different machines, if needed these components can be scaled. How to orchestrate these components and build an architecture now depends very much on the individual use case.

In this case, I would reverse the direction. I would have the clients send the monitoring data to a central InfluxDB instance (or via a proxy).
On the clients I would run a Telegraf agent, which takes over the pushing of the data.
Or a separate script with an InfluxDB client library.

Thank You for the update! We just set up everything locally (Grafana, InfluxDB, and Telegraf), it looks really great for monitoring.

Do you have any proxy setup pointers or separate scripts that you can point us in the right direction?

Personally, I would use a Telegraf instance as a proxy between the clients and InfluxDB. But this is just my opinion.

There are already some client libraries for InfluxDB.
I would take the one that fits best to the clients (or client applications) and/or in the programming language I know best.


How you build your whole monitoring architecture depends on many factors, for example:

  • how many clients?
  • what amount of data per client?
  • how performant are your clients?
  • how stable is the internet connection?
  • how fail-safe does the monitoring have to be?
  • what should happen with the monitoring data in the influxdb?
  • how long should the data be kept?
  • and many more.