cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Don’t Shut Your Pi-Hole, Monitor It! (part 1 of 2)

Level 17

If you’ve read my posts for any length of time, you know I sometimes get caught up in side projects. Whether it’s writing an eBook, creating a series of blog posts about custom SolarWinds reports, or figuring out how to make JSON requests in Perl, when my ADD and inspiration team up to conspire against me, I have no choice but to follow. The good news is I usually learn something interesting along the way.

That’s what this series of posts is going to be about—yet another trip down the technical rabbit hole of my distractibility. Specifically, I implemented Pi-Hole on a spare Raspberry Pi at home, and then decided it needed to be monitored.

In the first part of the series (today’s post), I’m going to give some background on what Pi-Hole and the Raspberry Pi are and how they work. In the next installment, I’ll cover how to monitor it using SolarWinds Server & Application Monitor (SAM).

If you’re impatient, you can download all three of the templates I created from the THWACK content exchange. The direct links are here:

Please note these are provided as-is, for educational purposes only. Do not hold the author, the author’s company, or the author’s dog responsible for any hair loss, poor coffee quality, or lingering childhood trauma.

What Is a Raspberry Pi?

This is a whole computer on a 3.5” x 2.25” board. For those who haven’t had exposure to these amazing little devices, a Raspberry Pi is a small, almost credit-card-sized full computer on a single board. It has a CPU, onboard memory, GPU, and support hardware for a keyboard, mouse, monitor, and network connection.While most people use the operating system “Raspbian” (a Linux Debian variation), it also supports several other OS options built off variants of Linux, RISC, and even Microsoft Windows.

What Is Pi-Hole?

Pi-Hole software makes your home (or, work, if your IT group is open-minded enough) network faster and safer by blocking requests to malicious, unsavory, or just plain obnoxious sites. If you’re using Pi-Hole, it’ll be most noticeable when advertisements on a webpage fail to load like this:

BEFORE: pop-overs and hyperbolic ads.

************************

AFTER: No pop-overs, spam ads blocked

But under the hood, it’s even more significant:

BEFORE: 45 seconds to load

​​

*******************

AFTER: 6 seconds to load

Look in the lower-right corner of each of those images. Load time without Pi-Hole was over 45 seconds. With it, the load time was 6 seconds.You may not think there are many of these, but your computer is making calls out to these sites all the time. Here are the statistics from my house on a typical day.

The Pi-Hole software was originally built for the Raspberry Pi, but has since extended to run on full computers (or VMs) running Ubuntu, CentOS, Debian, or Fedora; or on docker containers hosted on those systems. That said, I’m focusing on the original, Raspberry Pi-based version for this post.

What Is This API?

If you’ve already dug into APIs as part of your work, you can probably skip this section. Otherwise, read on!An Application Programming Interface is a way of getting information out of (or sometimes into) a program without using the normal interface. In the case of Pi-Hole, I could go to the web-based admin page and look at statistics on each screen, but since I want to pull those statistics into my SolarWinds monitoring system, I’m going to need something a bit more straightforward. I want to be able to effectively say directly to Pi-Hole, “How many DNS queries have you blocked so far today?” and have Pi-Hole send back “13,537” without all the other GUI frou-frou.SHAMELESS PROMOTION: If you find the idea of APIs exciting and intriguing, then I should point you toward the SolarWinds Orion Software Developer Kit (SDK)—a full API supporting the language of your choice (Yes, even Perl. Trust me. I tried it.). There’s a whole forum on THWACK dedicated to it. Head over there if you want to find out how to add nodes, assign IP addresses, acknowledge alerts, and other forms of monitoring wizardry.

How Does the Pi-Hole API Work?

If you have Pi-Hole running, you get to the API by going to http://<your pi-hole url>/admin/api.php.There are two modes to extracting data—summary and authorized. Summary mode is what you get when you hit the URL I gave above. It will look something like this:

{”domains_being_blocked”:115897,”dns_queries_today”:284514,”ads_blocked_today”:17865,”ads_percentage_today”:6.279129,”unique_domains”:14761,”queries_forwarded”:216109,”queries_cached”:50540,”clients_ever_seen”:38,”unique_clients”:22,”dns_queries_all_types”:284514,”reply_NODATA”:20262,”reply_NXDOMAIN”:19114,”reply_CNAME”:16364,”reply_IP”:87029,”privacy_level”:0,”status”:”enabled,””gravity_last_updated”:{”file_exists”:true,”absolute”:1567323672,”relative”:{”days”:”3,””hours”:”09,””minutes”:”53”}}}

If you look at it with a browser capable of formatting JSON data, it looks a little prettier:

Meanwhile, the authorized version is specific to certain data elements and requires a token you get from the PiHole itself. You view the stats by adding ?”<the value you want>” along with “&auth=<your token>” to the end of the URL, so to get the TopItems data, it would look something like this:http://192.168.101.10/admin/api.php?topItems&auth=0123456789abcdefg012345679

And the result would be:

You get a token by going to the Pi-Hole dashboard, choosing Settings, clicking the “API/Web Interface” tab, and clicking the “Show Token” button. Meanwhile, the values requiring a token are described on the Discourse page for the Pi-Hole API.

Until Next Time

That’s it for now. In my next post of the series, I’ll dig deep into building the SAM template. Your homework is to repurpose, dust off, or buy a Raspberry Pi, load it up with Pi-Hole, and get it configured. Then you’ll be ready to try out the next steps when I come back.And if you want to have those templates ready to go, you can download them here:

23 Comments
Level 15

Nice Job Leon. And I was only using my PI for playing some old retro gaming favorites

MVP
MVP

WOW .. great information .. I continue to be humbled with so many tools!  I appreciate you taking the time to produce this great document adatole .. I feel quite privileged!!!

Level 13

Wow this is really interesting Leon!  Thanks for publishing this stuff.  I look forward to more. 

MVP
MVP

Nice, I've been tempted to get  PI, but haven't' really found a "need" This could be useful.

Level 13

Nice Leon.  Thanks for sharing.  Been looking for a side project and this looks like the ticket.

MVP
MVP

I love it!

I'm just about to upgrade my P3 to a P4 so will have one spare - just the thing for this

Thank you adatole

MVP
MVP

Level 12

thanks for the article

Level 11

So now I gotta add API to my arsenal. I should be just good enough to gum up the works nicely.  thanks!

Level 13

Thanks for the Article. Looking forward to the rest of the series.

Level 15

If anyone's into retro games on the PI look into Retroflag on Amazon and Youtube and you will find some nice cases/controllers for your PI.

pastedImage_0.png

Level 9

I have a couple of Pi's I won in Thwack contests from years past.  Maybe I should look into this.

Leon's the Pi-Guy!

Level 11

hold on a minute here, if PIs are round, how can they have square roots?  this is very confusing

I am making a bunch of these for people for Christmas, they are really nice

Level 12

I spun it up on a VM at home, very easy to spin up.

Level 13

The Pi master.... Thanks Leon.

Level 20

So it's basically a proxy for you then?

Traffic isn't proxied, I think its all done by DNS. Things at known bad DNS or ad hosts resolve to nothing and don't display the resource

Level 9

Does anybody have SAM running at home?

Level 11

I just run Opera as my primary browser and never worry about this stuff.

Level 7

Pi-Holes are quite effective; even when using Opera as your primary browser.

In my case, pointing primary dns for all my client systems @home (and connect via my VPN when I am on anyone else's Wifi) to a Pi 3+ generally blocks in the vicinity of 30-35% of queries and web browsing experience is a bit snappier.

(I'm putting together a Pi 4 for fun with an SIEM and SOAR platform for starters then maybe Solarwinds or other stuff too).

Screen Shot 2019-11-24 at 10.23.06 AM.png

Level 12

I set up pi-hole at my house. That was great tip to use for both piratical use and a good API to play with.

About the Author
I have been in IT since the dawn of time, even before IBM made personal computers. Working on CPM in the 80's and learning something new every day since then. Now running Virtualization, Server, Network, Storage, Application and Collaboration support team in a modern, forward looking corporate world.