This project provides a ready-to-use Grafana dashboard and automation scripts for auditing Jumpserver environments. It supports both MySQL and PostgreSQL backends and offers comprehensive visualizations of user activity, session history, command risk, and more.

• Jumpserver Official Documentation
• Jumpserver GitHub Repository

• Automated Grafana setup via shell scripts
• Dashboard import for both MySQL and PostgreSQL
• Jumpserver database integration
• User/session/command analytics
• Risk classification and visualizations
• Example screenshots included

The dashboard provides:

• General stats: Logins, operations, password changes, sessions, file transfers
• Session analytics: Active/historical sessions, durations by user/asset
• Command history: Risk classification, command breakdown
• Visualizations: Gantt charts, bar charts, pie charts, tables

Below are example screenshots from the dashboard (see img/):

├── grafanactl.sh                        # Grafana container control script
├── quick_start.sh                       # One-shot setup and dashboard import
├── jumpserver-audit-dashboard-mysql.json      # Dashboard (MySQL)
├── jumpserver-audit-dashboard-postgresql.json # Dashboard (PostgreSQL)
├── .example.env                         # Example environment config
├── img/                                 # Example screenshots
│   ├── jms_grafana_1.jpeg
│   ├── jms_grafana_3.jpeg
│   ├── jms_grafana_4.jpeg
│   ├── jms_grafana_5.jpeg
│   └── jsm_grafana_2.jpeg

• Docker
• Jumpserver instance (with MySQL or PostgreSQL backend)
• Bash shell
• jq (for JSON processing)

1. Copy and configure environment:

   cp .example.env .env
   # Edit .env to match your environment (see below)

2. Edit .env variables:

   • GRAFANA_VERSION (default: 10.2.3)
   • GRAFANA_PORT (default: 3000)
   • NETWORK_NAME (Docker network, e.g. jms_net)
   • GRAFANA_CONTAINER_NAME (default: grafana)
   • GRAFANA_ADMIN_USER / GRAFANA_ADMIN_PASSWORD
   • JS_CONFIG_PATH (path to Jumpserver's config.txt)

3. Run the quick start script:

   ./quick_start.sh

   This will:

   • Start Grafana in Docker
   • Add the Jumpserver database as a data source
   • Import the appropriate dashboard (MySQL or PostgreSQL)

4. Access Grafana:

   • Open https://localhost:3000 (or your configured port)
   • Login with the credentials from .env

Use grafanactl.sh for advanced container management:

./grafanactl.sh start        # Start Grafana
./grafanactl.sh stop         # Stop Grafana
./grafanactl.sh restart      # Restart Grafana
./grafanactl.sh status       # Show container status
./grafanactl.sh logs         # Tail Grafana logs
./grafanactl.sh shell        # Open shell in Grafana container
./grafanactl.sh delete_all   # Full cleanup

.env example:

GRAFANA_VERSION=10.2.3
GRAFANA_PORT=3000
NETWORK_NAME=jms_net
GRAFANA_CONTAINER_NAME=grafana
GRAFANA_ADMIN_USER=admin
GRAFANA_ADMIN_PASSWORD=admin
JS_CONFIG_PATH=/opt/jumpserver/config/config.txt

• The dashboard JSON files are tailored for Jumpserver's schema.
• The scripts will auto-detect your DB type and import the correct dashboard.
• For troubleshooting, check container logs: ./grafanactl.sh logs

Licensed to acerrah under The GNU General Public License version 3 (GPLv3) (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at:

https://www.gnu.org/licenses/gpl-3.0.html

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.