sudo systemctl status grafana-server cat /lib/systemd/system/grafana-server.service sudo systemctl enable grafana-server sudo systemctl status prometheus cat /etc/systemd/system/prometheus.service sudo systemctl enable prometheus //Create Prometheus service file sudo nano -w /etc/systemd/system/prometheus.service //Paste in Prometheus service file below //Reload service daemon sudo systemctl daemon-reload //Create Prometheus user basics mv prometheus-2.22.0.linux-amd64 prometheus-files sudo useradd --no-create-home --shell /bin/false prometheus sudo mkdir /etc/prometheus sudo mkdir /var/lib/prometheus sudo chown prometheus:prometheus /etc/prometheus sudo chown prometheus:prometheus /var/lib/prometheus sudo cp prometheus-files/prometheus /usr/local/bin/ sudo cp prometheus-files/promtool /usr/local/bin/ sudo chown prometheus:prometheus /usr/local/bin/prometheus sudo chown prometheus:prometheus /usr/local/bin/promtool sudo cp -r prometheus-files/consoles /etc/prometheus sudo cp -r prometheus-files/console_libraries /etc/prometheus sudo chown -R prometheus:prometheus /etc/prometheus/consoles sudo chown -R prometheus:prometheus /etc/prometheus/console_libraries //Enable telemetry on Check Point Servers vi skylinepayload.json //Paste this into file, save - ESC key, then :wq to save { "enabled": true, "export-targets": {"add": [ { "enabled": true, "type": "prometheus-remote-write", "url": "http://:9090/api/v1/write" } ]} } //Then run this command: /opt/CPotelcol/sklnctl export -–set "$(cat skylinepayload.json)" ----- Joe Lab files ----- //Prometheus service file [Unit] Description=Prometheus Wants=network-online.target After=network-online.target [Service] User=prometheus Group=prometheus Type=simple ExecStart=/home/administrator/prometheus-files/prometheus \ --config.file /home/administrator/prometheus-files/prometheus.yml \ --storage.tsdb.path /var/lib/prometheus/ \ --web.console.templates=/etc/prometheus/consoles \ --web.console.libraries=/etc/prometheus/console_libraries \ --web.enable-remote-write-receiver [Install] WantedBy=multi-user.target ----- //Grafana service file [Unit] Description=Grafana instance Documentation=http://docs.grafana.org Wants=network-online.target After=network-online.target After=postgresql.service mariadb.service mysql.service [Service] EnvironmentFile=/etc/default/grafana-server User=grafana Group=grafana Type=simple Restart=on-failure WorkingDirectory=/usr/share/grafana RuntimeDirectory=grafana RuntimeDirectoryMode=0750 ExecStart=/usr/share/grafana/bin/grafana server \ --config=${CONF_FILE} \ --pidfile=${PID_FILE_DIR}/grafana-server.pid \ --packaging=deb \ cfg:default.paths.logs=${LOG_DIR} \ cfg:default.paths.data=${DATA_DIR} \ cfg:default.paths.plugins=${PLUGINS_DIR} \ cfg:default.paths.provisioning=${PROVISIONING_CFG_DIR} LimitNOFILE=10000 TimeoutStopSec=20 CapabilityBoundingSet= DeviceAllow= LockPersonality=true MemoryDenyWriteExecute=false NoNewPrivileges=true PrivateDevices=true PrivateTmp=true ProtectClock=true ProtectControlGroups=true ProtectHome=true ProtectHostname=true ProtectKernelLogs=true ProtectKernelModules=true ProtectKernelTunables=true ProtectProc=invisible ProtectSystem=full RemoveIPC=true RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX RestrictNamespaces=true RestrictRealtime=true RestrictSUIDSGID=true SystemCallArchitectures=native UMask=0027 [Install] WantedBy=multi-user.target