monitor-networks-with-telegraf

Best Practices for Monitoring Network Performance Using Telegraf

Table of Contents

Introduction 

Monitoring your network performance is essential for many reasons and can help detect network issues such as bandwidth congestion, latency, packet loss, or hardware failures. By continuously monitoring your network, you can identify areas for improvement, allowing for resource optimization, better bandwidth allocation, and overall enhancement of network efficiency.

Additionally, monitoring network traffic helps detect anomalies or suspicious activities that might indicate a security breach or cyber attack. Identifying such events is crucial for implementing security measures and preventing data breaches or unauthorized access. In this article, we'll detail how to use the Telegraf agent to collect network performance data that you can forward to a data source.

In this article, we'll show you how to use the Telegraf agent to collect and forward several types of network statistics to a data source.

        

Getting Started with the Telegraf Agent

Telegraf is a plugin-driven server agent built on InfluxDB that collects and sends metrics/events from databases, systems, processes, devices, and applications. It is written in Go, compiles into a single binary with no external dependencies, and requires a minimal memory footprint. Telegraf is compatible with many operating systems and has many helpful output plugins and input plugins for collecting and forwarding a wide variety of system performance metrics. 

Install Telegraf (Linux/Redhat)

Download Telegraf and unzip it (see the Telegraf docs for up-to-date versions and installation commands for many operating systems). Packages and files are generally installed at /etc/telegraf/
Ubuntu/Debian
wget https://dl.influxdata.com/telegraf/releases/telegraf_1.30.0-1_amd64.deb
sudo dpkg -i telegraf_1.30.0-1_amd64.deb

RedHat/CentOS

wget https://dl.influxdata.com/telegraf/releases/telegraf-1.30.0-1.x86_64.rpm
sudo yum localinstall telegraf-1.30.0-1.x86_64.rpm

Configure an Output

You can configure Telegraf to output to various sources, such as Kafka, Graphite, InfluxDB, Prometheus, SQL, NoSQL, and more.

In this example, we will configure telegraf with a Graphite output. If you're not currently hosting your data source, start a 14-day free trial with Hosted Graphite by MetricFire to follow these next steps.

A Hosted Graphite account will provide the data source, offer an alerting feature, and include Hosted Grafana as a visualization tool.

To configure the Graphite output, locate the downloaded telegraf configuration file at /etc/telegraf/telegraf.conf and open it in your preferred text editor. Then, you will need to make the following changes to the file:

First, uncomment the line:

[[outputs.graphite]]

Next, uncomment and edit the server line to:

servers = ["carbon.hostedgraphite.com:2003"]

Finally, uncomment and edit the prefix line to:

prefix = "<YOUR_API_KEY>.telegraf"
If you don't already have a Hosted Graphite account, sign up for a free trial here to obtain a Hosted Graphite API key.
Otherwise, you can configure a different telegraf output to forward metrics to another data source.

Configure Input Plugins for Network Monitoring

Telegraf has many input plugins that can collect a wide range of network performance statistics. In this example, we will focus on a few essential network plugins because they require minimal configuration.

nstat

The nstat plugin collects network metrics from /proc/net/netstat, /proc/net/snmp and /proc/net/snmp6 files.

All you need to do is search for the inputs.nstat section in your telegraf.conf file, uncomment the [[inputs.nstat]] line, and restart telegraf.

Additionally, you can configure custom proc file paths for this plugin, but general Linux systems should not require this.

You can run Telegraf as a server using the following command to see if there are any configuration errors in the output:

telegraf --config telegraf.conf

This plugin will collect and forward roughly 150-200 nstat/smnp metrics in the following Graphite format:

telegraf.<host>.netstat.nstat.<metric>
telegraf.<host>.snmp.nstat.<metric>

These metrics will include statistics from network interfaces, TCP/UDP traffic, errors, throughput, connections, fragmentation, and routing.

You can also see the official GitHub repository for a complete list of metrics returned by the nstat plugin.

netstat

Like the above nstat plugin, you only need to search for and uncomment the [[inputs.netstat]] line to configure this plugin in your telegraf.conf file.

Then restart Telegraf in your server to collect and forward the following metrics (this is how they will appear in the Graphite format):

telegraf.<host>.netstat.tcp_close
telegraf.<host>.netstat.tcp_close_wait
telegraf.<host>.netstat.tcp_closing
telegraf.<host>.netstat.tcp_established
telegraf.<host>.netstat.tcp_fin_wait1
telegraf.<host>.netstat.tcp_fin_wait2
telegraf.<host>.netstat.tcp_last_ack
telegraf.<host>.netstat.tcp_listen
telegraf.<host>.netstat.tcp_none
telegraf.<host>.netstat.tcp_syn_recv
telegraf.<host>.netstat.tcp_syn_sent
telegraf.<host>.netstat.tcp_time_wait
telegraf.<host>.netstat.udp_socket

The netstat plugin helps monitor and analyze a system's networking activity, providing insights into active connections, network usage, routing information, and potential networking issues.

See the netstat GitHub repository for more details.

net_response

Like the above plugins, you only need to search for and uncomment the [[inputs.net_response]] line to configure this plugin in your telegraf.conf file.

Next, uncomment the protocol and address lines.

Then restart Telegraf in your server to collect and forward the following metrics (this is how they will appear in the Graphite format):

telegraf.<host>.<port.tcp.success.localhost.net_response.response_time
telegraf.<host>.<port>.tcp.success.localhost.net_response.result_code

The net_response plugin monitors network connectivity and latency by performing TCP, UDP, or ICMP ping tests to specified hosts. It measures the response time and tracks whether the network targets are reachable, providing valuable metrics for network performance monitoring. See the net_response GitHub repository for more details.

net

Like the above plugins, you only need to search for and uncomment the [[inputs.net]] line in your Telegraf to configure this plugin. conf file.

Then, restart Telegraf on your server to receive new metrics reporting statistics for IPs, TCP/UDP protocols, Internet Control Message Protocol messages, and more.

See the net GitHub repository for more details and a complete list of metrics returned by the inputs.net plugin.

   

Use Hosted Graphite by MetricFire to Create Custom Dashboards and Alerts

MetricFire is a monitoring platform that enables you to gather, visualize, analyze, and alert on metrics from sources such as servers, databases, networks, devices, and applications. Using MetricFire, you can effortlessly identify problems and optimize resources within your infrastructure. Hosted Graphite by MetricFire removes the burden of self-hosting your monitoring solution, allowing you more time and freedom to work on your most important tasks.

  1. Once you have signed up for a Hosted Graphite account and used the above steps to configure your server with the Telegraf Agent, metrics will be forwarded, timestamped, ingested, and aggregated into the Hosted Graphite backend.
  2. They will be sent and stored in the Graphite format of metric.name.path <numeric-value> <unix-timestamp> provides a tree-like data structure and makes them easy to query.
  3. These metrics can be found in your Hosted Graphite account, where you can use them to build custom Alerts and Grafana dashboards.

Create Dashboards in Hosted Graphite's Hosted Grafana

In the Hosted Graphite UI, navigate to Dashboards => Primary Dashboards and select the + button to build a new panel:

Best Practices for Monitoring Network Performance Using Telegraf - 1

Then you can use the query UI to select a graphite metric path (the default data source will be the hosted graphite backend if you are accessing Grafana through your Hosted Graphite account):

Best Practices for Monitoring Network Performance Using Telegraf - 2

The Hosted Graphite datasource also supports wildcard (*) searches to grab all metrics that match a specified path.

Now you can apply Graphite functions to these metrics, like aliasByNode(), to reformat the metric names on the graph:

Best Practices for Monitoring Network Performance Using Telegraf - 3

Grafana has many additional options, like configuring dashboard variables and annotations. You can also use different visualizations, modify the display, set the units of measurement, and much more.

Hosted Graphite also has a pre-configured dashboard for Telegraf metrics located in their Dashboard Library:

Best Practices for Monitoring Network Performance Using Telegraf - 4

Once this dashboard is generated in your account, you can locate it in your Primary Dashboards to see system metrics (CPU, mem, disk) displayed, including a row for hardware temperatures:

Best Practices for Monitoring Network Performance Using Telegraf - 5

See the Hosted Graphite dashboard docs for more details.

Creating Graphite Alerts

In the Hosted Graphite UI, navigate to Alerts => Graphite Alerts to create a new alert. Name the alert, add one of your graphite metrics to the alerting metric field, and add a description of what this alert is:

Best Practices for Monitoring Network Performance Using Telegraf - 6

Then, select the Criteria tab, which will set the threshold, and select a notification channel. The default notification channel is the email you used to sign up for the Hosted Graphite account. Still, you can easily configure a channel for Slack, PagerDuty, Microsoft Teams, and more. See the Hosted Graphite docs for more details on notification channels:

Best Practices for Monitoring Network Performance Using Telegraf - 7

Conclusion

Monitoring network performance is essential for ensuring seamless business operations, maintaining security, enhancing user experiences, meeting compliance standards, and enabling scalability. It ultimately contributes to a business's overall success and efficiency.

Network performance monitoring provides valuable data, and using tools like dashboards and alerts complements this monitoring by providing real-time visualization, proactive identification of issues, historical trend analysis, and facilitating informed decision-making. These are all essential for maintaining a robust and efficient network infrastructure.

Sign up for the free trial and experiment with monitoring your network performance today. You can also book a demo and talk to the MetricFire team directly about your monitoring needs.

You might also like other posts...
metricfire Sep 25, 2024 · 6 min read

Guide to Adding K8 Inventory Stats to Your Telegraf Daemonset

By integrating inventory stats with your other K8 performance metrics, you can better correlate... Continue Reading

metricfire Sep 04, 2024 · 9 min read

Guide to Monitoring Nagios Plugins Using Telegraf

Nagios is an open-source monitoring system used to track the performance and health of... Continue Reading

metricfire Aug 23, 2024 · 9 min read

Step By Step Guide to Monitoring RavenDB Using Telegraf

Monitoring the performance of RavenDB is crucial to ensure optimal system operation, quickly identify... Continue Reading

header image

We strive for
99.999% uptime

Because our system is your system.

14-day trial 14-day trial
No Credit Card Required No Credit Card Required