FigJam Diagram: UniFi Poller — Network Metrics Pipeline (expires 2026-04-13)
UnPoller v2.33 runs in the monitoring namespace and polls the UDM Pro at 192.168.1.1 every 120 seconds, exposing network device, client, and WAN metrics on port 9130 for Prometheus scraping. A Grafana dashboard (uid unifi-network-overview) provides live visibility into device health, WAN performance, and client distribution.
| Field | Value |
|---|---|
| Namespace | monitoring |
| Image | ghcr.io/unpoller/unpoller:v2.33.0 |
| Metrics port | 9130 |
| Controller | UDM Pro at 192.168.1.1 |
| Poll interval | 120s |
| CPU request / limit | 50m / 500m |
| Memory request / limit | 64Mi / 128Mi |
| Credentials secret | unifi-poller-credentials (username + password) |
| Service account | copilot-svc (local read-only account on UDM Pro) |
| Data collection | Sites, DPI, Events, Syslog, IDS, Alarms — all enabled |
| Startup probe | failureThreshold: 10, periodSeconds: 30 (up to 5 min grace) |
Important — 120s poll interval is intentional. Do not lower it.
At 30s, the UDM Pro hits its rate limiter and returns 429 errors. The pod restarts. On restart the UDM Pro sees a new session and resets the rate limit — only to hit it again in 30 seconds. This creates a death spiral: 429 → CrashLoopBackOff → restart → 429 → repeat indefinitely. The startup probe gives the pod up to 5 minutes to stabilize, preventing CrashLoopBackOff from being declared prematurely. 120s is the safe floor.
| Alert | Severity | For | Condition |
|---|---|---|---|
UnifiDeviceOffline |
critical | 5m | Device uptime = 0 |
UnifiDeviceHighCpu |
warning | 10m | CPU > 85% |
UnifiDeviceHighMemory |
warning | 10m | Memory > 90% |
UnifiDeviceHighTemp |
warning | 5m | Temperature > 75°C |
UnifiWanLatencyHigh |
warning | 10m | WAN latency > 100ms |
UnifiPollerDown |
warning | 5m | Poller pod down |
UnifiControllerUnreachable |
critical | 5m | No UDM/USG metrics for 10 minutes |
UID: unifi-network-overview — provisioned as a ConfigMap in the monitoring namespace.
| Panel | Type | Description |
|---|---|---|
| Connected Clients (total) | Stat | Total connected clients across all devices |
| Connected Clients (WiFi) | Stat | WiFi-only client count |
| Device Uptime | Stat | Per-device uptime |
| Device CPU | Timeseries | CPU utilization per device |
| Device Memory | Timeseries | Memory utilization per device |
| Device Temperature | Timeseries | Temperature per device |
| WAN Link Speed | Stat | Current WAN link speed |
| WAN Uptime % | Stat | WAN availability percentage |
| Current WAN DL Rate | Stat | Current download throughput |
| Current WAN UL Rate | Stat | Current upload throughput |
| WAN Throughput | Timeseries | Upload (mirrored negative) + download combined |
| WAN Data Transferred | Bar chart | Data transferred per hour |
| WAN Errors & Drops | Timeseries | Error and drop counters |
| Clients per Device | Bar gauge | Client count broken down by device |
| Top 10 Clients by Traffic | Bar gauge | Highest-traffic clients |
# Create a dedicated read-only local account 'copilot-svc' on the UDM Pro first,
# then create the secret:
kubectl create secret generic unifi-poller-credentials \
-n monitoring \
--from-literal=username=copilot-svc \
--from-literal=password=<service-account-password>
Security note: Use a dedicated local-only account with read-only access. Do not use admin credentials. The account needs only read access to device stats — no write permissions, SSH access, or UI admin rights.
| File | Contents |
|---|---|
kubernetes/apps/unifi-poller/unifi-poller.yaml |
Deployment, Service, ServiceMonitor, PrometheusRule |
kubernetes/apps/unifi-poller/grafana-dashboard.yaml |
Grafana dashboard ConfigMap (uid: unifi-network-overview) |