I've created a new project, pingbeat that sends sends ICMP pings to a list of targets and stores the round trip time (RTT) in Elasticsearch (or elsewhere). It uses tatsushid/go-fastping for sending/recieving ping packets and libbeat to talk to Elasticsearch and other outputs. Essentially, those two libraries do all the heavy lifting, pingbeat is just glue around them Be warned, this is my first Go project and I haven't programmed in a language like Go for quite some time...
My original inspiration for this was to try to recreate the venerable and awesome functionality of Smokeping with an ELK stack. Although that worked (see my elk-ping project), I felt like a beat was a much better way of doing it than some hacky logstash inputs and filters around some command-line programs.
Right now, it works for sending pings to a list of targets and storing the round-trip time in Elasticsearch. You can "tag" your hosts to make it easy to group them for aggegations or searches in Elasticsearch as well. I haven't tested it with the other outputs or advanced functionality of libbeat yet.
I see this as complementary to packetbeat. Whereas packetbeat is a layer 7 monitoring tool, pingbeat is just a really simple layer 3 tool. I have no grand plans for it, I just want it to do one thing and do it well, track network latency with pings.
That's a really cool idea! I know smokeping since I was in the VoIP world, it was a tool used quite often there. So I definitely think this is a useful Beat, thanks a lot for taking the time to create it.
I'd be happy to make this an "official Beat". What that means exactly I don't know myself, but I guess it would include adding it to the build and test process and offering packages and binaries on the Download page. Maybe also moving it to the elastic github org, although it doesn't have to be. Let me know if this would be something you'd like or you'd prefer to keep this as a personal project.
Hi Joshua,
Thanks for your work. I was looking for EXACTLY for something like this. I'm using SmokePing and I want it to send it to some other DB, and ElasticSearch was on the top of the list.
The only problem I have, is that after a while (minutes) I don't see any RTT, and every packet appears as lost. I'm possitive is not a network issue. Any idea what can be?
I'm sending it to a ES 1.7.5 (I know.. is an old version but I connect ES to a BI tool that doesn't support newer versions yet).
Thanks! Older versions of pingbeat had some issues with incorrect loss reporting but the latest release here should have fixed this:
Pingbeat has a really simplistic view of loss and doesn't make any distinctions due to what kind of loss it was (timeout, TTL exceeded, routing issue, etc.). This is something I want to add in a future release.
Does a standard ping command with the same interval and to the same IP address result in similar behaviour?
How many hosts have you configured in Pingbeat and on what interval are you pinging?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
Be warned, this is my first Go project and I haven't programmed in a language like Go for quite some time...
