update,host=HAL-proxmox regular=0i,security=1i,dist="Debian GNU/Linux 11 (bullseye)"
update,host=HAL-ubuntu-LTS regular=0i,security=0i,dist="Ubuntu 22.04.1 LTS",vmid="103",object="lxc"
update,host=HAL-edomi-dev regular=14i,security=5i,dist="Rocky Linux 8.6 (Green Obsidian)",vmid="20231",object="lxc"
update,host=HAL-edomi-P1 regular=14i,security=5i,dist="Rocky Linux 8.6 (Green Obsidian)",vmid="20232",object="lxc"
update,host=HAL-TVH regular=0i,security=0i,dist="Ubuntu 22.04.1 LTS",vmid="30018",object="lxc"
update,host=HAL-30 regular=0i,security=0i,dist="Ubuntu 22.04.1 LTS",vmid="30019",object="lxc"
update,host=HAL-pihole regular=0i,security=0i,dist="Ubuntu 22.04.1 LTS",vmid="30096",object="lxc"
update,host=HAL-pihole-IOT regular=0i,security=0i,dist="Ubuntu 22.04.1 LTS",vmid="80096",object="lxc"
update,host=HAL-AVAHI regular=0i,security=0i,dist="Ubuntu 18.04.5 LTS",vmid="99098",object="lxc"
update,host=HAL-11 regular=0i,security=0i,dist="Ubuntu 22.04.1 LTS",vmid="10018",object="qemu"
update,host=HAL-proxmox_SUM regular=28i,security=11i​
​

sudo nano /etc/telegraf/script/upgrade_check_guest.sh

#!/usr/bin/env bash
REG_SUM=()
SEC_SUM=()
REG=()
SEC=()
OUTPUT=""

check_update_lxc () {
HOST=$(sudo pct list | grep $1 | awk '{print $3}')
DIST=$(sudo lxc-attach -n $1 -- cat /etc/*release | grep "\PRETTY" | sed -e 's/[^"]*"\(.*\)/"\1/g')
ID_LIKE=$(sudo lxc-attach -n $1 -- cat /etc/*release | grep "\ID_LIKE" | sed -e 's/.*=\(.*\)/\1/' | sed 's/"//g')
case "$ID_LIKE" in
debian)
sudo lxc-attach -n $1 -- apt-get update -qq
REG=$(sudo lxc-attach -n $1 -- apt list --upgradable 2>/dev/null | grep "\/stable" | grep -v "\-security" | wc -l)
SEC=$(sudo lxc-attach -n $1 -- apt list --upgradable 2>/dev/null | grep "\/stable" | grep "\-security" | wc -l)
let "REG_SUM+=${REG}"
let "SEC_SUM+=${SEC}"
;;
"rhel centos fedora")
sudo lxc-attach -n $1 -- yum --quiet check-update 1> /dev/null
ALL=$(sudo lxc-attach -n $1 -- yum check-update | grep "\.el" | wc -l)
SEC=$(sudo lxc-attach -n $1 -- yum check-update --security | grep "\.el" | wc -l)
let "REG=${ALL}-${SEC}"
let "REG_SUM+=${REG}"
let "SEC_SUM+=${SEC}"
;;
esac
OUTPUT+="update,host=${HOST} regular=${REG}i,security=${SEC}i,dist=${DIST},vmid=\"${1}\",object=\"lxc\""$'\n'
}​

check_update_qemu () {
HOST=$(sudo qm guest exec $1 "hostname" | jq -r '."out-data"')
DIST=$(sudo qm guest exec $1 cat /etc/*release | jq -r '."out-data"' | grep "\PRETTY" | sed -e 's/[^"]*"\(.*\)/"\1/g')
ID_LIKE=$(sudo qm guest exec $1 cat /etc/*release | jq -r '."out-data"' | grep "\ID_LIKE" | sed -e 's/.*=\(.*\)/\1/' | sed 's/"//g')
case "$ID_LIKE" in
debian)
dummy=$(sudo qm guest exec $1 "apt-get" -- "update" "-qq")
REG=$(sudo qm guest exec $1 "apt" -- "list" "--upgradable" | jq -r '."out-data"' | grep "\/stable" | grep -v "\-security" | wc -l)
SEC=$(sudo qm guest exec $1 "apt" -- "list" "--upgradable" | jq -r '."out-data"' | grep "\/stable" | grep "\-security" | wc -l)
let "REG_SUM+=${REG}"
let "SEC_SUM+=${SEC}"
;;
"rhel centos fedora")
dummy=$(sudo qm guest exec $1 "yum" -- "--quiet" "check-update" "1> /dev/null")
ALL=$(sudo qm guest exec $1 "yum" -- "check-update" | jq -r '."out-data"' | grep "\.el" | wc -l)
SEC=$(sudo qm guest exec $1 "yum" -- "check-update" "--security" | jq -r '."out-data"' | grep "\.el" | wc -l)
let "REG=${ALL}-${SEC}"
let "REG_SUM+=${REG}"
let "SEC_SUM+=${SEC}"
;;
esac
OUTPUT+="update,host=${HOST} regular=${REG}i,security=${SEC}i,dist=${DIST},vmid=\"${1}\",object=\"qemu\""$'\n'
}​

# A) Check upgrade for the Host
# regular updates | security updates | hostname | distribution/version
sudo apt-get update -qq
REG=$(sudo apt list --upgradable 2>/dev/null | grep "\/stable" | grep -v "\-security" | wc -l)
SEC=$(sudo apt list --upgradable 2>/dev/null | grep "\/stable" | grep "\-security" | wc -l)
let "REG_SUM+=${REG}"
let "SEC_SUM+=${SEC}"
HOST1=$(hostname)
DIST=$(sudo cat /etc/*release | grep "\PRETTY" | sed -e 's/[^"]*"\(.*\)/"\1/g')
OUTPUT+="update,host=${HOST1} regular=${REG}i,security=${SEC}i,dist=${DIST}"$'\n '

## B) Check upgrades for all active LXC containers
for cx in `sudo lxc-ls --active --line`; do
# echo -e "LXC:$cx"
check_update_lxc $cx
done

## C) Ckeck upgrades for all active VM/QEMU
for vm in $(sudo qm list | grep "\running" | awk '{print $1}'); do
# echo -e "VM:$vm"
check_update_qemu $vm
done

## D) SUM over all
OUTPUT+="update,host=${HOST1}_SUM regular=${REG_SUM}i,security=${SEC_SUM}i"$'\n'

## Final output with \n for influxDB line protocol (Lines separated by the newline character \n represent a single point in InfluxDB)
# For MQTT-outbound processor option 'batch=true' is needed
echo "$OUTPUT"​

sudo nano /etc/telegraf/telegraf.conf

[[inputs.exec]]
alias = "update_check"
interval = "3600s"
commands = [ "/etc/telegraf/script/upgrade_check_guest.sh" ]
timeout = "120s"
name_override = "update"
data_format = "influx"

[[outputs.influxdb_v2]]
urls = <DEININFLUXDB2>
token = <DEINTOKEN>
organization = "orga"
bucket = "technik"
insecure_skip_verify = true
precision = "s"
namepass = ["update"]

[[outputs.mqtt]]
servers = <DEINMQTT>
namepass = ["update"]
topic_prefix = "status"
qos = 2
username = <USER>
password = <DEINPW>
insecure_skip_verify = true
batch = true
data_format = "json"​

sudo visudo -f /etc/sudoers.d/telegraf

telegraf ALL=NOPASSWD:/usr/bin/apt-get update *,/usr/bin/apt list *,/usr/bin/cat /etc/*release, /usr/bin/lxc-ls *, /usr/sbin/pct list, /usr/bin/lxc-attach *,/usr/sbin/qm guest exec*,/usr/sbin/qm list

sudo visudo -f /etc/sudoers.d/telegraf

E: Could not open lock file /var/lib/apt/lists/lock - open (13: Permission denied)
E: Unable to lock directory /var/lib/apt/lists/
W: Problem unlinking the file /var/cache/apt/pkgcache.bin - RemoveCaches (13: Permission denied)
W: Problem unlinking the file /var/cache/apt/srcpkgcache.bin - RemoveCaches (13: Permission denied)
E: Could not open lock file /var/lib/dpkg/lock-frontend - open (13: Permission denied)
E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), are you root?

check_update () {
  sudo lxc-attach -n $1 -- apt-get update -qq
  res=$(sudo lxc-attach -n $1 -- apt-get upgrade --show-upgraded --assume-no)
...

● telegraf.service - The plugin-driven server agent for reporting metrics into InfluxDB
Loaded: loaded (/lib/systemd/system/telegraf.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2022-10-31 19:11:52 CET; 23h ago
Docs: https://github.com/influxdata/telegraf
Main PID: 2707048 (telegraf)
Tasks: 10 (limit: 38284)
Memory: 35.9M
CPU: 2min 30.493s
CGroup: /system.slice/telegraf.service
└─2707048 /usr/bin/telegraf -config /etc/telegraf/telegraf.conf -config-directory /etc/telegraf/telegraf.d

[Unit]
Description=The plugin-driven server agent for reporting metrics into InfluxDB
Documentation=https://github.com/influxdata/telegraf
After=network-online.target
Wants=network-online.target

[Service]
Type=notify
EnvironmentFile=-/etc/default/telegraf
User=telegraf
ExecStart=/usr/bin/telegraf -config /etc/telegraf/telegraf.conf -config-directory /etc/telegraf/telegraf.d $TELEGRAF_OPTS
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartForceExitStatus=SIGPIPE
KillMode=control-group

[Install]
WantedBy=multi-user.target

ll /etc/telegraf/
total 400
drwxr-xr-x 2 root root 4096 Nov 1 14:44 script
-rw-r--r-- 1 root root 3395 Oct 31 18:32 telegraf.conf
-rw-r--r-- 1 root root 395636 Oct 3 21:31 telegraf.conf.sample
drwxr-xr-x 2 root root 4096 Dec 1 2020 telegraf.d

Nov 01 18:56:07 HAL-proxmox telegraf[4158370]: 2022-11-01T17:56:07Z I! Starting Telegraf 1.24.2
Nov 01 18:56:07 HAL-proxmox telegraf[4158370]: 2022-11-01T17:56:07Z I! Available plugins: 222 inputs, 9 aggregators, 26 processors, 20 parsers, 57 outputs
Nov 01 18:56:07 HAL-proxmox telegraf[4158370]: 2022-11-01T17:56:07Z I! Loaded inputs: exec (2x) socket_listener
Nov 01 18:56:07 HAL-proxmox telegraf[4158370]: 2022-11-01T17:56:07Z I! Loaded aggregators:
Nov 01 18:56:07 HAL-proxmox telegraf[4158370]: 2022-11-01T17:56:07Z I! Loaded processors: converter
Nov 01 18:56:07 HAL-proxmox telegraf[4158370]: 2022-11-01T17:56:07Z I! Loaded outputs: influxdb_v2 (2x) mqtt
Nov 01 18:56:07 HAL-proxmox telegraf[4158370]: 2022-11-01T17:56:07Z I! Tags enabled: host=proxmox
Nov 01 18:56:07 HAL-proxmox telegraf[4158370]: 2022-11-01T17:56:07Z I! [agent] Config: Interval:10s, Quiet:false, Hostname:"proxmox", Flush Interval:10s
Nov 01 18:56:07 HAL-proxmox systemd[1]: Started The plugin-driven server agent for reporting metrics into InfluxDB.
Nov 01 18:56:07 HAL-proxmox telegraf[4158370]: 2022-11-01T17:56:07Z I! [inputs.socket_listener] Listening on udp://[::]:8089

2022-11-01T18:05:03Z I! Starting Telegraf 1.24.2
2022-11-01T18:05:03Z I! Available plugins: 222 inputs, 9 aggregators, 26 processors, 20 parsers, 57 outputs
2022-11-01T18:05:03Z I! Loaded inputs: exec (2x) socket_listener
2022-11-01T18:05:03Z I! Loaded aggregators:
2022-11-01T18:05:03Z I! Loaded processors: converter
2022-11-01T18:05:03Z I! Loaded outputs: influxdb_v2 (2x) mqtt
2022-11-01T18:05:03Z I! Tags enabled: host=proxmox
2022-11-01T18:05:03Z I! [agent] Config: Interval:10s, Quiet:false, Hostname:"proxmox", Flush Interval:10s
2022-11-01T18:05:03Z I! [inputs.socket_listener] Listening on udp://[::]:8089

sudo telegraf --debug

sudo service telegraf start

sudo systemctl enable telegraf.service

# für Proxmox-Metriken (build-in)
[[inputs.socket_listener]]
interval = "10s"
service_address = "udp://:8089"

# Ausgabe an influxDB 2
[[outputs.influxdb_v2]]
urls = [ "https://<IP>:9926" ]
token = "<TOKEN>"
organization = "orga"
bucket = "proxmox"
namedrop = ["ups","update"]

[[inputs.exec]]
alias = "ups_check"
interval = "60s"
commands = [ "/etc/telegraf/script/exec_nut.sh" ]
timeout = "5s"
name_override = "ups"
data_format = "influx"

[[inputs.exec]]
alias = "update_check"
interval = "120s"
commands = [ "/etc/telegraf/script/upgrade_check.sh" ]
timeout = "50s"
name_override = "update"
data_format = "influx"

# Ausgabe an influxDB 2
[[outputs.influxdb_v2]]
urls = [ "https://<IP>:9926" ]
token = "<TOKEN>"
organization = "orga"
bucket = "technik"
namepass = ["ups","update"]​