monitor-networks-with-telegraf

Monitor Network Performance Using Telegraf

Table of Contents

Introduction 

Monitoring your network performance is important for many reasons and can help in detecting network issues such as bandwidth congestion, latency, packet loss, or hardware failures. By continuously monitoring your network, you can identify areas where improvements can be made, allowing for optimization of resources, better allocation of bandwidth, and overall enhancement of network efficiency.

Additionally, monitoring network traffic helps in detecting anomalies or suspicious activities that might indicate a security breach or cyber attack. Timely identification of such events is crucial for implementing security measures and preventing data breaches or unauthorized access. In this article, we'll detail how to use the Telegraf agent to collect network performance data that you can forward to a datasource.

In this article, we'll show you how to use the Telegraf agent to collect and forward several types of network statistics to a data source.

        

Getting Started with the Telegraf Agent

Telegraf is a plugin-driven server agent built on InfluxDB, and is used for collecting and sending metrics/events from databases, systems, and IoT sensors. Telegraf is written in Go and compiles into a single binary with no external dependencies, and requires a very minimal memory footprint. It is compatible with many operating systems, and has many useful output plugins and input plugins for collecting and forwarding a wide variety of system performance metrics. 

Install Telegraf (linux/redhat)

Download Telegraf and unzip it (see the telegraf docs for up-to-date versions and installation commands for many operating systems). Packages and files are generally installed at /etc/telegraf/.
Ubuntu/Debian
wget https://dl.influxdata.com/telegraf/releases/telegraf_1.21.2-1_amd64.deb
sudo dpkg -i telegraf_1.21.2-1_amd64.deb

RedHat/CentOS

wget https://dl.influxdata.com/telegraf/releases/telegraf-1.21.4-1.x86_64.rpm
sudo yum localinstall telegraf-1.21.4-1.x86_64.rpm

Configure an Output

You can configure telegraf to output to a variety of sources, like Kafka, Graphite, InfluxDB, Prometheus, SQL, NoSQL, and more.

In this example we will configure telegraf with a Graphite output. If you're not currently hosting your own datasource, you can start a 14 day free trial with Hosted Graphite by MetricFire in order to follow along with these next steps.

A Hosted Graphite account will provide the datasource, offers an alerting feature, and includes Hosted Grafana as a visualization tool.

To configure the Graphite output, you need to locate the downloaded telegraf configuration file at /etc/telegraf/telegraf.conf and open it in your preferred text editor. Then you will need to make the following changes to the file:

Locate and comment out the line:

# [[outputs.influxdb]]

Then, uncomment the line:

[[outputs.graphite]]

Next, uncomment and edit the servers line to:

servers = ["carbon.hostedgraphite.com:2003"]

Finally, uncomment and edit the prefix line to:

prefix = "<YOUR_API_KEY>.telegraf"
If you don't already have a Hosted Graphite account, sign up for a free trial here to obtain a Hosted Graphite API key.
Otherwise, you can configure a different telegraf output to forward metrics to another datasource.

Configure Input Plugins for Network Performance Monitoring:

Telegraf has many input plugins that can collect a wide range of network performance statistics. In this example, we will focus on a few basic network plugins because they require minimal configuration.

nstat

The nstat plugin collects network metrics from /proc/net/netstat, /proc/net/snmp and /proc/net/snmp6 files.

All you need to do is search for the inputs.nstat section in your telegraf.conf file, uncomment the [[inputs.nstat]] line, and restart telegraf.

Additionally, you can configure custom proc file paths for this plugin, but general linux systems should not require this.

You can run telegraf as a server using the following command, to see if there are any configuration errors in the output:

telegraf --config telegraf.conf

This plugin will collect and forward roughly 150-200 nstat metrics.

These metrics will include statistics from network interfaces, TCP/UDP traffic, errors, throughput, connections, fragmentation, and routing.

You can also see the official GitHub repository for a full list of metrics returned by the nstat plugin.

netstat

Similar to nstat, all you need to do to configure this plugin in search for and uncomment the [[inputs.netstat]] line in your telegraf.conf file.

Then restart telegraf in your server to collect and forward the following metrics (this is how they will appear in the Graphite format):

telegraf.<hostname>.netstat.tcp_close_wait
telegraf.<hostname>1.netstat.tcp_closing
telegraf.<hostname>.netstat.tcp_established
telegraf.<hostname>.netstat.tcp_fin_wait1
telegraf.<hostname>1.netstat.tcp_fin_wait2
telegraf.<hostname>.netstat.tcp_last_ack
telegraf.<hostname>.netstat.tcp_listen
telegraf.<hostname>.netstat.tcp_none
telegraf.<hostname>.netstat.tcp_syn_recv
telegraf.<hostname>.netstat.tcp_syn_sent
telegraf.<hostname>.netstat.tcp_time_wait
telegraf.<hostname>.netstat.udp_socket

The netstat plugin helps in monitoring and analyzing the networking activity on a system, providing insights into active connections, network usage, routing information, and potential networking issues.

See the netstat GitHub repository for more details.

net

Similar to the above plugins, all you need to do to configure this plugin in search for and uncomment the [[inputs.net]] line in your telegraf.conf file.

Then restart telegraf in your server to receive new metrics reporting statistics for IPs, TCP/UDP protocols, Internet Control Message Protocol messages, and more.

See the net GitHub repository more details and a full list of metrics returned by the inputs.net plugin.

   

Use Hosted Graphite by MetricFire to Create Custom Dashboards and Alerts

MetricFire is a monitoring platform that enables you to gather, visualize, analyze, and alert on metrics from sources such as servers, databases, networks, devices, and applications. By utilizing MetricFire, you can effortlessly identify problems and optimize resources from within your infrastructure. Hosted Graphite by MetricFire takes away the burden of self-hosting your own monitoring solution, allowing you more time and freedom to work on your most important tasks.

  1. Once you have signed up for a Hosted Graphite account and used the above steps to configure your server with the Telegraf Agent, metrics will be forwarded, timestamped, ingested, and aggregated into the Hosted Graphite backend.
  2. They will be sent and stored in the Graphite format of: metric.name.path <numeric-value> <unix-timestamp>, which provides a tree like data structure and makes them easy to query.
  3. You can locate these metrics in your Hosted Graphite account, and use them to build custom Alerts and Grafana dashboards.

Create Dashboards in Hosted Graphite's Hosted Grafana

In the Hosted Graphite UI, navigate to Dashboards => Primary Dashboards and select the + button to build a new panel:

Monitor Network Performance Using Telegraf - 1

Then you can use the query UI to select a graphite metric path (the default datasource will be the hosted graphite backend if you are accessing Grafana through your Hosted Graphite account):

Monitor Network Performance Using Telegraf - 2

The Hosted Graphite datasource also supports wildcard (*) searches to grab all metrics that match a specified path.

Now you can apply Graphite functions to these metrics, like aliasByNode() to reformat the metric names on the graph:

Monitor Network Performance Using Telegraf - 3

Grafana has many additional options like configuring dashboard variables and annotations. You can also use different visualizations, modify the display, set the units of measurement, and much more.

Hosted Graphite also has a pre-configured dashboard for Telegraf metrics located in their Dashboard Library:

Monitor Network Performance Using Telegraf - 4

Once this dashboard is generated in your account, you can locate it your Primary Dashboards to see system metrics (cpu, mem, disk) displayed, including a row for hardware temperatures:

Monitor Network Performance Using Telegraf - 5

See the Hosted Graphite dashboard docs for more details.

Creating Graphite Alerts

In the Hosted Graphite UI, navigate to Alerts => Graphite Alerts to create a new alert. Name the alert, add one of your graphite metrics to the alerting metric field, and add a description of what this alert is:

Monitor Network Performance Using Telegraf - 6

Then select the Criteria tab which will set the threshold, and select a notification channel. The default notification channel is the email you used to signup for the Hosted Graphite account, but you can easily configure a channel for Slack, PagerDuty, Microsoft Teams, and more. See the Hosted Graphite docs for more details on notification channels:

Monitor Network Performance Using Telegraf - 7

Conclusion

Monitoring network performance is essential for ensuring seamless business operations, maintaining security, enhancing user experiences, meeting compliance standards, and enabling scalability, ultimately contributing to the overall success and efficiency of a business.

Network performance monitoring provides valuable data, and using tools like dashboards and alerts complements this monitoring by providing real-time visualization, proactive identification of issues, historical trend analysis, and facilitating informed decision-making, all of which are essential for maintaining a robust and efficient network infrastructure.

Sign up for the free trial, and experiment with monitoring your network performance today. You can also book a demo and talk to the MetricFire team directly about your monitoring needs.

You might also like other posts...
metricfire Jan 24, 2024 · 6 min read

Monitor Heroku Add-Ons Using Hosted Graphite

Monitoring your Heroku stack helps you understand the performance of your application and infrastructure.... Continue Reading

metricfire Jan 23, 2024 · 8 min read

Monitor Redis Using Telegraf and MetricFire

Monitoring Redis instances is essential for maintaining performance, reliability, and security. It allows you... Continue Reading

metricfire Jan 19, 2024 · 8 min read

Monitor Your Mailchimp Campaigns Using Telegraf

Monitoring your email campaigns helps you track key performance indicators (KPIs) such as open... Continue Reading

header image

We strive for
99.999% uptime

Because our system is your system.

14-day trial 14-day trial
No Credit Card Required No Credit Card Required