monitor-networks-with-telegraf

Best Practices for Monitoring Network Performance Using Telegraf

Table of Contents

Introduction 

Monitoring your network performance is essential for many reasons and can help detect network issues such as bandwidth congestion, latency, packet loss, or hardware failures. By continuously monitoring your network, you can identify areas for improvement, allowing for resource optimization, better bandwidth allocation, and overall enhancement of network efficiency.

Additionally, monitoring network traffic helps detect anomalies or suspicious activities that might indicate a security breach or cyber attack. Identifying such events is crucial for implementing security measures and preventing data breaches or unauthorized access. In this article, we'll detail how to use the Telegraf agent to collect network performance data that you can forward to a data source.

In this article, we'll show you how to use the Telegraf agent to collect and forward several types of network statistics to a data source.

        

Getting Started with the Telegraf Agent

Telegraf is a plugin-driven server agent built on InfluxDB that collects and sends metrics/events from databases, systems, processes, devices, and applications. It is written in Go, compiles into a single binary with no external dependencies, and requires a minimal memory footprint. Telegraf is compatible with many operating systems and has many helpful output plugins and input plugins for collecting and forwarding a wide variety of system performance metrics. 

Install Telegraf (Linux/Redhat)

Download Telegraf and unzip it (see the Telegraf docs for up-to-date versions and installation commands for many operating systems). Packages and files are generally installed at /etc/telegraf/
Ubuntu/Debian
wget https://dl.influxdata.com/telegraf/releases/telegraf_1.30.0-1_amd64.deb
sudo dpkg -i telegraf_1.30.0-1_amd64.deb

RedHat/CentOS

wget https://dl.influxdata.com/telegraf/releases/telegraf-1.30.0-1.x86_64.rpm
sudo yum localinstall telegraf-1.30.0-1.x86_64.rpm

Configure an Output

You can configure Telegraf to output to various sources, such as Kafka, Graphite, InfluxDB, Prometheus, SQL, NoSQL, and more.

In this example, we will configure telegraf with a Graphite output. If you're not currently hosting your data source, start a 14-day free trial with Hosted Graphite by MetricFire to follow these next steps.

A Hosted Graphite account will provide the data source, offer an alerting feature, and include Hosted Grafana as a visualization tool.

To configure the Graphite output, locate the downloaded telegraf configuration file at /etc/telegraf/telegraf.conf and open it in your preferred text editor. Then, you will need to make the following changes to the file:

First, uncomment the line:

[[outputs.graphite]]

Next, uncomment and edit the server line to:

servers = ["carbon.hostedgraphite.com:2003"]

Finally, uncomment and edit the prefix line to:

prefix = "<YOUR_API_KEY>.telegraf"
If you don't already have a Hosted Graphite account, sign up for a free trial here to obtain a Hosted Graphite API key.
Otherwise, you can configure a different telegraf output to forward metrics to another data source.

Configure Input Plugins for Network Monitoring

Telegraf has many input plugins that can collect a wide range of network performance statistics. In this example, we will focus on a few essential network plugins because they require minimal configuration.

nstat

The nstat plugin collects network metrics from /proc/net/netstat, /proc/net/snmp and /proc/net/snmp6 files.

All you need to do is search for the inputs.nstat section in your telegraf.conf file, uncomment the [[inputs.nstat]] line, and restart telegraf.

Additionally, you can configure custom proc file paths for this plugin, but general Linux systems should not require this.

You can run Telegraf as a server using the following command to see if there are any configuration errors in the output:

telegraf --config telegraf.conf

This plugin will collect and forward roughly 150-200 nstat metrics.

These metrics will include statistics from network interfaces, TCP/UDP traffic, errors, throughput, connections, fragmentation, and routing.

You can also see the official GitHub repository for a complete list of metrics returned by the nstat plugin.

netstat

Like the above nstat plugin, you only need to search for and uncomment the [[inputs.netstat]] line to configure this plugin in your telegraf.conf file.

Then restart Telegraf in your server to collect and forward the following metrics (this is how they will appear in the Graphite format):

telegraf.<hostname>.netstat.tcp_close_wait
telegraf.<hostname>1.netstat.tcp_closing
telegraf.<hostname>.netstat.tcp_established
telegraf.<hostname>.netstat.tcp_fin_wait1
telegraf.<hostname>1.netstat.tcp_fin_wait2
telegraf.<hostname>.netstat.tcp_last_ack
telegraf.<hostname>.netstat.tcp_listen
telegraf.<hostname>.netstat.tcp_none
telegraf.<hostname>.netstat.tcp_syn_recv
telegraf.<hostname>.netstat.tcp_syn_sent
telegraf.<hostname>.netstat.tcp_time_wait
telegraf.<hostname>.netstat.udp_socket

The netstat plugin helps monitor and analyze a system's networking activity, providing insights into active connections, network usage, routing information, and potential networking issues.

See the netstat GitHub repository for more details.

net

Like the above plugins, you only need to search for and uncomment the [[inputs.net]] line in your Telegraf to configure this plugin. conf file.

Then, restart Telegraf on your server to receive new metrics reporting statistics for IPs, TCP/UDP protocols, Internet Control Message Protocol messages, and more.

See the net GitHub repository for more details and a complete list of metrics returned by the inputs.net plugin.

   

Use Hosted Graphite by MetricFire to Create Custom Dashboards and Alerts

MetricFire is a monitoring platform that enables you to gather, visualize, analyze, and alert on metrics from sources such as servers, databases, networks, devices, and applications. Using MetricFire, you can effortlessly identify problems and optimize resources within your infrastructure. Hosted Graphite by MetricFire removes the burden of self-hosting your monitoring solution, allowing you more time and freedom to work on your most important tasks.

  1. Once you have signed up for a Hosted Graphite account and used the above steps to configure your server with the Telegraf Agent, metrics will be forwarded, timestamped, ingested, and aggregated into the Hosted Graphite backend.
  2. They will be sent and stored in the Graphite format of metric.name.path <numeric-value> <unix-timestamp> provides a tree-like data structure and makes them easy to query.
  3. These metrics can be found in your Hosted Graphite account, where you can use them to build custom Alerts and Grafana dashboards.

Create Dashboards in Hosted Graphite's Hosted Grafana

In the Hosted Graphite UI, navigate to Dashboards => Primary Dashboards and select the + button to build a new panel:

Best Practices for Monitoring Network Performance Using Telegraf - 1

Then you can use the query UI to select a graphite metric path (the default data source will be the hosted graphite backend if you are accessing Grafana through your Hosted Graphite account):

Best Practices for Monitoring Network Performance Using Telegraf - 2

The Hosted Graphite datasource also supports wildcard (*) searches to grab all metrics that match a specified path.

Now you can apply Graphite functions to these metrics, like aliasByNode(), to reformat the metric names on the graph:

Best Practices for Monitoring Network Performance Using Telegraf - 3

Grafana has many additional options, like configuring dashboard variables and annotations. You can also use different visualizations, modify the display, set the units of measurement, and much more.

Hosted Graphite also has a pre-configured dashboard for Telegraf metrics located in their Dashboard Library:

Best Practices for Monitoring Network Performance Using Telegraf - 4

Once this dashboard is generated in your account, you can locate it in your Primary Dashboards to see system metrics (CPU, mem, disk) displayed, including a row for hardware temperatures:

Best Practices for Monitoring Network Performance Using Telegraf - 5

See the Hosted Graphite dashboard docs for more details.

Creating Graphite Alerts

In the Hosted Graphite UI, navigate to Alerts => Graphite Alerts to create a new alert. Name the alert, add one of your graphite metrics to the alerting metric field, and add a description of what this alert is:

Best Practices for Monitoring Network Performance Using Telegraf - 6

Then, select the Criteria tab, which will set the threshold, and select a notification channel. The default notification channel is the email you used to sign up for the Hosted Graphite account. Still, you can easily configure a channel for Slack, PagerDuty, Microsoft Teams, and more. See the Hosted Graphite docs for more details on notification channels:

Best Practices for Monitoring Network Performance Using Telegraf - 7

Conclusion

Monitoring network performance is essential for ensuring seamless business operations, maintaining security, enhancing user experiences, meeting compliance standards, and enabling scalability. It ultimately contributes to a business's overall success and efficiency.

Network performance monitoring provides valuable data, and using tools like dashboards and alerts complements this monitoring by providing real-time visualization, proactive identification of issues, historical trend analysis, and facilitating informed decision-making. These are all essential for maintaining a robust and efficient network infrastructure.

Sign up for the free trial and experiment with monitoring your network performance today. You can also book a demo and talk to the MetricFire team directly about your monitoring needs.

You might also like other posts...
metricfire May 29, 2024 · 8 min read

Guide to Monitoring Your Apache Zipkin Environment Using Telegraf

Monitoring your Zipkin tracing environment is crucial for maintaining the reliability and performance of... Continue Reading

metricfire May 22, 2024 · 8 min read

How to Monitor Your Apache Tomcat Servers Using Telegraf and MetricFire

Monitoring your Apache Tomcat servers is crucial for your business because it ensures the... Continue Reading

metricfire May 17, 2024 · 8 min read

Step By Step Guide to Monitoring Your Apache HTTP Servers

Monitoring the performance of your Apache servers is vital for maintaining optimal operation and... Continue Reading

header image

We strive for
99.999% uptime

Because our system is your system.

14-day trial 14-day trial
No Credit Card Required No Credit Card Required