Using Python,Telegraf and Grafana to monitor your miner!

I have a couple mining computers going and compulsion to Grafana everything that comes along. So I wondered how hard it would be to track my miner with Grafana and it turns out, not hard at all.  I use ethermine and they actually provide an API that allows you to call it with your miners address and it returns all sorts of stats, they also have some of the best documentation I’ve seen, and a site to let you test calls to their API (    Heading over there I found that I wanted to make calls to miner/{mineraddress}/currentStats to get the juicy information I wanted, the info I wanted was returned in JSON and it would be in the data key… Well that’s easy enough, it’s not the prettiest script, and it doesn’t check for errors but here it is

#!/usr/bin/env python
import json
import requests

key = '{mineraddress}'
url = '' + key + '/currentStats'

stats = requests.get(url)

print json.dumps(json.loads(stats.text)['data'])

Replace {mineraddress} with your miner address, and run it, and there you go.

You should get something back similar to

{"averageHashrate": 26047453.703703698, "usdPerMin": 0.0006877163189934768, "unpaid": 6366263118749017, "staleShares": 0, "activeWorkers": 1, "btcPerMin": 8.165787167840064e-08, "invalidShares": 0 , "validShares": 29, "lastSeen": 1521771528, "time": 1521771600, "coinsPerMin": 1.3241101293724766e-06, "reportedHashrate": 25752099, "currentHashrate": 32222222.222222224, "unconfirmed": null}


Which shows that currently, I’m making 0.0006 $/minute so I’ll be rich very very soon!

Now all I needed was to get this into Grafana,  my current database of choice has been InfluxDB, mostly because that is what I’ve been using, and the current collector of choice Telegraf.

So I:

  1. Setup influxdb
  2. Created a database for telegraf
  3. Created a write user for telegraf
  4. Setup telegraf
  5. Configured telegraf to use its user and write to influxdb

With that all done (that is basic setup needed for Grafana and I will probably cover it some other time)

I needed a telegraf collector for ethermine.  I moved my ethermine script to /usr/local/sbin and changed then ran

chown telegraf

This might not be the best practice, but it made the script runnable by telegraf

Then I set up an exec config file for in /etc/telegraf.d/ called ethermine.conf

command = "/usr/local/sbin/"
data_format = "json"
interval = "120s"
name_suffix = "-ethermine"

This is pretty straightforward, it tells telegraf to call every 2 minutes (checking the nice API documents show that this is the most often they update the data), expect the data to be returned in json format, and append -ethermine to ‘exec’ so that the data shows up in a separate field in the from selection in Grafana.

Once you have the config file in place test it:

sudo -u telegraf telegraf --config ethermine.conf --test

This should give you a nice line like:

* Plugin: inputs.exec, Collection 1
* Internal: 2m0s
> exec-ethermine,host=ubuntu staleShares=0,activeWorkers=1,reportedHashrate=25873123,usdPerMin=0.0006867597567563183,averageHashrate=26057870.370370366,invalidShares=0,lastSeen=1521771782,btcPerMin=0.00000008182049517386047,currentHashrate=30000000,time=1521772200,coinsPerMin=0.0000013243848360935654,unpaid=6379763169623989,validShares=27 1521772669000000000

That way you know its working, then restart the telegraf service.

sudo service telegraf restart

Now all you have to do is setup some queries that you like in Grafana.   Connect it to your influxdb (setup a read user first) and then I set up some queries like the following:

Hash Rate

Setup a couple of graphs on your dashboard, sit back, and watch your miner rake in the dough 🙂



Finding a VM by MAC address

Sometimes you only have a MAC address.   Whether you are starting from a DHCP log, or DNS entry, or some other source, occasionally you have less info than you would like.  If you find yourself with only a MAC address and a bunch of VMs to dig through then PowerCLI can help you find the machine you want.  It might also give you some tools to audit your environment and make sure everything is actually exactly as you expect it to be.

Once in PowerCLI and connected to VCenter a simple command will list all Network Adapters in our vCenter

Get-NetworkAdapter -VM *

It is then just a matter of filtering this output to match the MAC address we have:

Get-NetworkAdapter -VM * | Where {$_.MacAddress -eq "00:50:56:B2:2E:D9"}

Now that you have the adapter for the Virtual machine you want you can get the VM you want by expanding the parent attribute:

Get-NetworkAdapter -VM * | Where {$_.MacAddress -eq "00:50:56:B2:2E:D9"} | SELECT -expand parent | FT *

You now have all the attributes of the parent machine you could want, maybe just select Name, Host, and notes to narrow it down so you can get right to your target machine.

Get-NetworkAdapter -VM * | Where {$_.MacAddress -eq "00:50:56:B2:2E:D9"} | SELECT -expand parent | SELECT name, vmhost, notes

As a bonus, when using this method we can switch the where clause out and hunt for partial MAC addresses:

Get-NetworkAdapter -VM * | Where {$_.MacAddress -like "00:50:56:B2:*:D9"} | SELECT -expand parent | SELECT name, vmhost, notes

or if you want to find the IP address of the host you can use Get-VMGuest

Get-NetworkAdapter -VM * | Where {$_.MacAddress -like "00:50:56:B2:*:D9"} | SELECT -expand parent | Get-VMGuest

I hope this helps someone else in their time of night hunting down a rouge machine(s) 🙂



Query Microsoft DHCP Scopes

Sometimes you just have a ton of DHCP scopes and you just need to make sure they all have some specific options set the way you want. Scanning through them by hand can be a pain, so here is a quick script to scan over them rapidly.

 $scopes = Get-DhcpServerv4Scope -ComputerName $dnsServer -ErrorAction:SilentlyContinue | Where {$_.Name -like "*$match*"}
 $Report = @()

ForEach ($scope In $scopes) {
 $row = "" | Select ScopeID, Name, Option
 $OptionData = (Get-DhcpServerv4OptionValue -OptionID $option -ScopeID $scope.ScopeID -ComputerName $dnsServer -ErrorAction:SilentlyContinue).Value
 $OptionData = (Get-DhcpServerv4OptionValue -OptionID $option -ScopeID $scope.ScopeID -ComputerName $dnsServer -ErrorAction:SilentlyContinue).Value
 $row.ScopeID = $scope.ScopeID
 $row.Name = $scope.Name
 $row.Option = $OptionData -Join ","
 $Report += $row


This script takes a couple of parameters.  Match lets you specify the name of the scope so that you can filter it down by the specific scopes, and option lets you specify the attribute number you would like to report on and dnsServer lets you specify the server.  Some usage examples:

#report on each scopes gateway where the scope name has "vlan110"
.\dhcp_query.ps1 -dnsServer dhcpServer1 -match vlan110 -option 3

#report on each scopes DNS where the scope name has "vlan110"
.\dhcp_query.ps1 -dnsServer dhcpServer1 -match vlan110 -option 6

#report and then export into a CSV
.\dhcp_query.ps1 -dnsServer dhcpServer1 -match vlan110 -option 6 | Export-CSV -Path dns_voip_options.csv -NoTypeInformation

Finding AD Users that break inheritance

In Active Directory, certain users permissions can break inheritance. Their security settings can be changed so that they do not follow the OU (organizational unit) that they are a part of.  In cases like these permissions issues can become confusing and difficult to track down.

 In order to find them across all of your Active Directory, you can run a simple PowerShell command can be run:


Get-ADUser -Filter 'enabled -eq $true' -Properties ntSecurityDescriptor |  Where-Object { $_.ntSecurityDescriptor.AreAccessRulesProtected }

Export Excel file to PDF

If you want to automate the conversion from XLS to PDF, then PowerShell provides a very straight forward way to do it.  Create an Excel object, load the XLS file, write to PDF.


$xlFixedFormat = “Microsoft.Office.Interop.Excel.xlFixedFormatType” -as [type] 

$excel = New-Object -ComObject excel.application
$workbook = $$InputFileName, 3)
$workbook.Saved = $true
$workbook.ExportAsFixedFormat($xlFixedFormat::xlTypePDF, $OutputFileName)

You then run the code with two parameters, source file, and destination file.


Forcing Users to Reset their Password

Sometimes you have a list of users that have had their accounts compromised.  In a recent incident we received a list of users from Google, that were suspected of having followed links to a phishing scam.  As a precaution we advised the users to reset their passwords, but being users many ignored this.  Since our google accounts are tied to AD it was easy to find out which ones had reset their passwords, remove them from the report and then use the remaining list of email addresses to force those accounts to reset their passwords.

The following script accepts a CSV file with a column labeled “email” and then loops over it. For each email address it finds the AD account with that email address and sets the ChangePasswordAtLogon to true, forcing the users to set a new password on their next login. This script will not match aliases but that would be a relatively easy addition.


$addresses = Import-CSV $FileName 

ForEach ($address in $addresses) {
  #couldn't get to work in the filter, so had to work around it
  $email = $
  $aduser = Get-aduser -Filter "emailaddress -eq '$email'"
  try {
    Set-ADUser $aduser -ChangePasswordAtLogon $true
  } catch {
    Write-Host "Failed to update $email : $_"