I'm running into issues when trying to do an ICMP ping with heartbeat to a different server. I'm getting some error messages on startup:
2017-05-03T10:27:26+02:00 INFO Select (active) monitor icmp
2017-05-03T10:27:26+02:00 INFO IPv6 ICMP not supported: listen ip6:ipv6-icmp : socket: address family not supported by protocol
2017-05-03T10:27:26+02:00 ERR failed to load monitor tasks: failed to initiate IPv6 support when initializing monitor icmp(0)
2017-05-03T10:27:26+02:00 INFO heartbeat start running.
2017-05-03T10:27:26+02:00 INFO heartbeat is running! Hit CTRL-C to stop it.
2017-05-03T10:27:56+02:00 INFO No non-zero metrics in the last 30s
At first I got the same message for IPv4 as well, but after some googling I noticed that this was an issue noticed by a beats-docker user here: https://github.com/elastic/beats-docker/issues/2
The work around is running a command that's already incorperated in the packetbeat binary: setcap cap_net_raw,cap_net_admin=eip /<path/to/>heartbeat
This allows the user which is running beats to open raw sockets (if I understood correctly). After issuing this command the error messages concerning ipv4 were gone. The monitor however still fails completely and won't run because of the ipv6 ping that can't be done.
So I can think of 2 solutions to my problem:
- find out if there's a way to grant rights to heartbeat to allow ipv6 ping/sockets similar to ipv4.
- disable ipv6 ping and force heartbeat to only use ipv4 ping.
Does anyone know if this is possible and how? If there are different solutions to my problem I'm all ears too.
I'm using heartbeat-5.3.0-linux-x86_64 on RHEL6.
config for the icmp monitor is:
- type: icmp
schedule: '@every 1m'
(manually pinging the ip adress works fine under the user that runs heartbeat)