GO-2024-2483: Grafana XSS via adding a link in General feature in github.com/grafana/grafana
GO-2024-2510: Grafana Cross-site Scripting (XSS) in github.com/grafana/grafana
GO-2024-2513: Grafana information disclosure in github.com/grafana/grafana
GO-2024-2515: Grafana XSS via the OpenTSDB datasource in github.com/grafana/grafana
GO-2024-2516: Grafana XSS via a column style in github.com/grafana/grafana
GO-2024-2517: Grafana XSS in header column rename in github.com/grafana/grafana
GO-2024-2519: Grafana world readable configuration files in github.com/grafana/grafana
GO-2024-2520: Grafana XSS via a query alias for the ElasticSearch datasource in github.com/grafana/grafana
GO-2024-2523: Grafana stored XSS in github.com/grafana/grafana
GO-2024-2629: Grafana's users with permissions to create a data source can CRUD all data sources in github.com/grafana/grafana
GO-2024-2661: Arbitrary file read in github.com/grafana/grafana
GO-2024-2697: Grafana: Users outside an organization can delete a snapshot with its key in github.com/grafana/grafana
GO-2024-2843: Grafana Email addresses and usernames can not be trusted in github.com/grafana/grafana
GO-2024-2844: Grafana User enumeration via forget password in github.com/grafana/grafana
GO-2024-2847: Grafana Escalation from admin to server admin when auth proxy is used in github.com/grafana/grafana
GO-2024-2848: Grafana when using email as a username can block other users from signing in in github.com/grafana/grafana
GO-2024-2851: Grafana Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins in github.com/grafana/grafana
GO-2024-2852: Grafana account takeover via OAuth vulnerability in github.com/grafana/grafana
GO-2024-2854: Grafana folders admin only permission privilege escalation in github.com/grafana/grafana
GO-2024-2855: Grafana Plugin signature bypass in github.com/grafana/grafana
GO-2024-2856: Grafana Race condition allowing privilege escalation in github.com/grafana/grafana
GO-2024-2857: Grafana Stored Cross-site Scripting in Unified Alerting in github.com/grafana/grafana
GO-2024-2867: Grafana Spoofing originalUrl of snapshots in github.com/grafana/grafana
README
¶
Grafana Unified Alerting High Availability (HA) test setup
A set of docker compose services which together creates a Grafana HA test setup for unified alerting.
Included services
- Grafana
- Mysql - Grafana configuration database, exporter for metrics and session storage
- Prometheus - Monitoring of Grafana and used as data source
- Nginx - Reverse proxy for Grafana and Prometheus. Enables browsing Grafana/Prometheus UI using a hostname
Prerequisites
Build grafana docker container
Build a Grafana docker container from current branch and commit and tag it as grafana/grafana:dev.
$ cd <grafana repo>
$ make build-docker-full
Virtual host names
Alternative 1 - Use dnsmasq
$ sudo apt-get install dnsmasq
$ echo 'address=/loc/127.0.0.1' | sudo tee /etc/dnsmasq.d/dnsmasq-loc.conf > /dev/null
$ sudo /etc/init.d/dnsmasq restart
$ ping whatever.loc
PING whatever.loc (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.076 ms
--- whatever.loc ping statistics ---
1 packet transmitted, 1 received, 0% packet loss, time 1998ms
Alternative 2 - Manually update /etc/hosts
Update your /etc/hosts to be able to access Grafana and/or Prometheus UI using a hostname.
$ cat /etc/hosts
127.0.0.1 grafana.loc
127.0.0.1 prometheus.loc
Start services
$ docker-compose up -d
Browse
Test alerting
TBD
Create alerts
TBD
Create silences
TBD
Documentation
¶
There is no documentation for this package.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.
