Table of Contents
- Introduction
- Getting Started with the Telegraf Agent
- Configure Input Plugins for Network Monitoring
- Use Hosted Graphite by MetricFire to Create Custom Dashboards and Alerts
- Conclusion
Introduction
Monitoring your network performance is essential for many reasons and can help detect network issues such as bandwidth congestion, latency, packet loss, or hardware failures. By continuously monitoring your network, you can identify areas for improvement, allowing for resource optimization, better bandwidth allocation, and overall enhancement of network efficiency.
Additionally, monitoring network traffic helps detect anomalies or suspicious activities that might indicate a security breach or cyber attack. Identifying such events is crucial for implementing security measures and preventing data breaches or unauthorized access. In this article, we'll detail how to use the Telegraf agent to collect network performance data that you can forward to a data source.
In this article, we'll show you how to use the Telegraf agent to collect and forward several types of network statistics to a data source.
Getting Started with the Telegraf Agent
Telegraf is a plugin-driven server agent built on InfluxDB that collects and sends metrics/events from databases, systems, processes, devices, and applications. It is written in Go, compiles into a single binary with no external dependencies, and requires a minimal memory footprint. Telegraf is compatible with many operating systems and has many helpful output plugins and input plugins for collecting and forwarding a wide variety of system performance metrics.
Install Telegraf (Linux/Redhat)
/etc/telegraf/wget https://dl.influxdata.com/telegraf/releases/telegraf_1.30.0-1_amd64.deb
sudo dpkg -i telegraf_1.30.0-1_amd64.deb
RedHat/CentOS
wget https://dl.influxdata.com/telegraf/releases/telegraf-1.30.0-1.x86_64.rpm
sudo yum localinstall telegraf-1.30.0-1.x86_64.rpm
Configure an Output
You can configure Telegraf to output to various sources, such as Kafka, Graphite, InfluxDB, Prometheus, SQL, NoSQL, and more.
In this example, we will configure telegraf with a Graphite output. If you're not currently hosting your data source, start a 14-day free trial with Hosted Graphite by MetricFire to follow these next steps.
A Hosted Graphite account will provide the data source, offer an alerting feature, and include Hosted Grafana as a visualization tool.
To configure the Graphite output, locate the downloaded telegraf configuration file at /etc/telegraf/telegraf.conf and open it in your preferred text editor. Then, you will need to make the following changes to the file:
First, uncomment the line:
[[outputs.graphite]]
Next, uncomment and edit the server line to:
servers = ["carbon.hostedgraphite.com:2003"]
Finally, uncomment and edit the prefix line to:
prefix = "<YOUR_API_KEY>.telegraf"
Configure Input Plugins for Network Monitoring
Telegraf has many input plugins that can collect a wide range of network performance statistics. In this example, we will focus on a few essential network plugins because they require minimal configuration.nstat
The nstat plugin collects network metrics from /proc/net/netstat, /proc/net/snmp and /proc/net/snmp6 files.
All you need to do is search for the inputs.nstat section in your telegraf.conf file, uncomment the [[inputs.nstat]] line, and restart telegraf.
Additionally, you can configure custom proc file paths for this plugin, but general Linux systems should not require this.
You can run Telegraf as a server using the following command to see if there are any configuration errors in the output:
telegraf --config telegraf.conf
This plugin will collect and forward roughly 150-200 nstat/smnp metrics in the following Graphite format:
telegraf.<host>.netstat.nstat.<metric>
telegraf.<host>.snmp.nstat.<metric>
These metrics will include statistics from network interfaces, TCP/UDP traffic, errors, throughput, connections, fragmentation, and routing.
You can also see the official GitHub repository for a complete list of metrics returned by the nstat plugin.
netstat
Like the above nstat plugin, you only need to search for and uncomment the [[inputs.netstat]] line to configure this plugin in your telegraf.conf file.
Then restart Telegraf in your server to collect and forward the following metrics (this is how they will appear in the Graphite format):
telegraf.<host>.netstat.tcp_close
telegraf.<host>.netstat.tcp_close_wait
telegraf.<host>.netstat.tcp_closing
telegraf.<host>.netstat.tcp_established
telegraf.<host>.netstat.tcp_fin_wait1
telegraf.<host>.netstat.tcp_fin_wait2
telegraf.<host>.netstat.tcp_last_ack
telegraf.<host>.netstat.tcp_listen
telegraf.<host>.netstat.tcp_none
telegraf.<host>.netstat.tcp_syn_recv
telegraf.<host>.netstat.tcp_syn_sent
telegraf.<host>.netstat.tcp_time_wait
telegraf.<host>.netstat.udp_socket
The netstat plugin helps monitor and analyze a system's networking activity, providing insights into active connections, network usage, routing information, and potential networking issues.
See the netstat GitHub repository for more details.
net_response
Like the above plugins, you only need to search for and uncomment the [[inputs.net_response]] line to configure this plugin in your telegraf.conf file.
Next, uncomment the protocol and address lines.
Then restart Telegraf in your server to collect and forward the following metrics (this is how they will appear in the Graphite format):
telegraf.<host>.<port.tcp.success.localhost.net_response.response_time
telegraf.<host>.<port>.tcp.success.localhost.net_response.result_code
The net_response plugin monitors network connectivity and latency by performing TCP, UDP, or ICMP ping tests to specified hosts. It measures the response time and tracks whether the network targets are reachable, providing valuable metrics for network performance monitoring. See the net_response GitHub repository for more details.
net
Like the above plugins, you only need to search for and uncomment the [[inputs.net]] line in your Telegraf to configure this plugin. conf file.
Then, restart Telegraf on your server to receive new metrics reporting statistics for IPs, TCP/UDP protocols, Internet Control Message Protocol messages, and more.
See the net GitHub repository for more details and a complete list of metrics returned by the inputs.net plugin.
Use Hosted Graphite by MetricFire to Create Custom Dashboards and Alerts
MetricFire is a monitoring platform that enables you to gather, visualize, analyze, and alert on metrics from sources such as servers, databases, networks, devices, and applications. Using MetricFire, you can effortlessly identify problems and optimize resources within your infrastructure. Hosted Graphite by MetricFire removes the burden of self-hosting your monitoring solution, allowing you more time and freedom to work on your most important tasks.
- Once you have signed up for a Hosted Graphite account and used the above steps to configure your server with the Telegraf Agent, metrics will be forwarded, timestamped, ingested, and aggregated into the Hosted Graphite backend.
- They will be sent and stored in the Graphite format of metric.name.path <numeric-value> <unix-timestamp> provides a tree-like data structure and makes them easy to query.
- These metrics can be found in your Hosted Graphite account, where you can use them to build custom Alerts and Grafana dashboards.
Create Dashboards in Hosted Graphite's Hosted Grafana
In the Hosted Graphite UI, navigate to Dashboards => Primary Dashboards and select the + button to build a new panel:
Then you can use the query UI to select a graphite metric path (the default data source will be the hosted graphite backend if you are accessing Grafana through your Hosted Graphite account):
The Hosted Graphite datasource also supports wildcard (*) searches to grab all metrics that match a specified path.
Now you can apply Graphite functions to these metrics, like aliasByNode(), to reformat the metric names on the graph:
Grafana has many additional options, like configuring dashboard variables and annotations. You can also use different visualizations, modify the display, set the units of measurement, and much more.
Hosted Graphite also has a pre-configured dashboard for Telegraf metrics located in their Dashboard Library:
Once this dashboard is generated in your account, you can locate it in your Primary Dashboards to see system metrics (CPU, mem, disk) displayed, including a row for hardware temperatures:
See the Hosted Graphite dashboard docs for more details.
Creating Graphite Alerts
In the Hosted Graphite UI, navigate to Alerts => Graphite Alerts to create a new alert. Name the alert, add one of your graphite metrics to the alerting metric field, and add a description of what this alert is:
Then, select the Criteria tab, which will set the threshold, and select a notification channel. The default notification channel is the email you used to sign up for the Hosted Graphite account. Still, you can easily configure a channel for Slack, PagerDuty, Microsoft Teams, and more. See the Hosted Graphite docs for more details on notification channels:
Conclusion
Monitoring network performance is essential for ensuring seamless business operations, maintaining security, enhancing user experiences, meeting compliance standards, and enabling scalability. It ultimately contributes to a business's overall success and efficiency.
Network performance monitoring provides valuable data, and using tools like dashboards and alerts complements this monitoring by providing real-time visualization, proactive identification of issues, historical trend analysis, and facilitating informed decision-making. These are all essential for maintaining a robust and efficient network infrastructure.
Sign up for the free trial and experiment with monitoring your network performance today. You can also book a demo and talk to the MetricFire team directly about your monitoring needs.
