--- title: OpenVPN description: Gain insights into OpenVPN events breadcrumbs: Docs > Integrations > OpenVPN --- # OpenVPN Supported OS Integration version1.2.0 OpenVPN - Overview 1OpenVPN - Overview 2 ## Overview{% #overview %} [OpenVPN](https://openvpn.net/access-server/) is a free, open-source protocol that creates secure connections between devices over the internet. It's used to create virtual private networks (VPNs). This integration enriches and ingests the following events: - **Authentication Events**: Represents user login attempts, including successful and failed authentications. - **Connection Events**: Represents instances when a client establishes or disconnects a VPN session. This integration seamlessly collects all of the above listed logs, channeling them into Datadog for analysis. Leveraging the built-in logs pipeline, these logs are parsed and enriched, enabling effortless search and analysis. The OpenVPN integration provides insight into authentication and connection events through the out-of-the-box dashboards. Additionally, it includes ready-to-use Cloud SIEM detection rules for enhanced monitoring and security. **Minimum Agent version:** 7.67.0 ## Setup{% #setup %} ### Installation{% #installation %} To install the OpenVPN integration, run the following Agent installation command and the steps below for log collection. For more information, see the [Integration Management](https://docs.datadoghq.com/agent/guide/integration-management/?tab=linux#install) documentation. **Note**: This step is not necessary for Agent version >= 7.65.0. Linux command: ```shell sudo -u dd-agent -- datadog-agent integration install datadog-openvpn==1.0.0 ``` ### Configuration{% #configuration %} #### Log collection{% #log-collection %} 1. Collecting logs is disabled by default in the Datadog Agent. Enable log collection in your `datadog.yaml`: ```yaml logs_enabled: true ``` 1. Add this configuration block to your `openvpn.d/conf.yaml` file to start collecting your OpenVPN logs. See the sample [openvpn.d/conf.yaml](https://github.com/DataDog/integrations-core/blob/master/openvpn/datadog_checks/openvpn/data/conf.yaml.example) for available configuration options. The appropriate protocol (either TCP or UDP) should be chosen based on the OpenVPN syslog forwarding configuration. ```yaml logs: - type: tcp/udp port: service: openvpn source: openvpn ``` Note: - PORT: Port should be similar to the port provided in **Configure syslog message forwarding from openvpn server**. - It is recommended not to change the service and source values, as these parameters are integral to the pipeline's operation. 1. [Restart the Agent](https://docs.datadoghq.com/agent/guide/agent-commands/#start-stop-and-restart-the-agent). #### Configure Syslog Message Forwarding from OpenVPN Server{% #configure-syslog-message-forwarding-from-openvpn-server %} - Please follow provided link steps to configure syslog over OpenVPN: [Configure syslog over OpenVPN](https://openvpn.net/as-docs/tutorials/tutorial--syslog.html#option-2--redirect-access-server-logs-to-an-external-syslog-server) ### Validation{% #validation %} [Run the Agent's status subcommand](https://docs.datadoghq.com/agent/guide/agent-commands/#agent-status-and-information) and look for `openvpn` under the Checks section. ## Data Collected{% #data-collected %} ### Logs{% #logs %} The OpenVPN integration collects Authentication Events and Connection Events. ### Metrics{% #metrics %} The OpenVPN integration does not include any metrics. ### Events{% #events %} The OpenVPN integration does not include any events. ### Service Checks{% #service-checks %} The OpenVPN integration does not include any service checks. ## Troubleshooting{% #troubleshooting %} ### OpenVPN{% #openvpn %} **Permission denied while port binding:** If you see a **Permission denied** error while port binding in the Agent logs, see the following instructions: 1. Binding to a port number under 1024 requires elevated permissions. - Grant access to the port using the `setcap` command: ```shell sudo setcap CAP_NET_BIND_SERVICE=+ep /opt/datadog-agent/bin/agent/agent ``` - Verify the setup is correct by running the `getcap` command: ```shell sudo getcap /opt/datadog-agent/bin/agent/agent ``` Example of the expected output: ```shell /opt/datadog-agent/bin/agent/agent = cap_net_bind_service+ep ``` **Note**: Re-run this `setcap` command every time you upgrade the Agent. 1. [Restart the Agent](https://docs.datadoghq.com/agent/guide/agent-commands/#start-stop-and-restart-the-agent). **Data is not being collected:** Make sure that traffic is bypassed from the configured port if the firewall is enabled. **Port already in use:** If you see the **Port Already in Use** error, see the following instructions. The example below is for PORT-NO = 514: On systems using Syslog, if the Agent listens for events on port 514, the following error can appear in the Agent logs: `Can't start UDP forwarder on port 514: listen udp :514: bind: address already in use`. This error occurs because Syslog listens on port 514 by default. To resolve it, use one of the following steps: - Disable Syslog. - Configure the Agent to listen on a different, available port. **Troubleshooting OpenVPN Logs Not Appearing in Datadog** If OpenVPN logs are not appearing in Datadog after setup, try restarting **openvpnas** and **rsyslog** services. - Run the following command to restart openvpnas service: ```shell service openvpnas restart ``` - Run the following command to restart rsyslog service: ```shell service rsyslog restart ``` For any further assistance, contact [Datadog support](https://docs.datadoghq.com/help/).