Have you considered doing this through the iptables plugin? If you have a series of iptables rules for ICMP and you mark them with comments (e.g. if your rules were something like: iptables -A INPUT -p icmp -s 0/0 -d 0/0 --icmp-type 8 -m comment --comment ICMP-PING), you could then use the iptables collectd plugin to match on the comment "ICMP-PING" and get the stats that way?
Cheers, Lee H On 20 October 2016 at 20:27, Steve Wray <[email protected]> wrote: > I've been trying this out but had limited success. > > At first I had a configuration like this: > > <Plugin "tail"> > <File "/var/log/icmpinfo/icmpinfo.log"> > Instance "icmpinfo" > <Match> > Regex "ICMP_Echo" > DSType "CounterInc" > Type "counter" > Instance "ICMP_Echo" > </Match> > </File> > </Plugin> > > but I started to find that the values were going off the charts over time; > it started off looking good but after a few days the values were in the > quadrillions and clearly wrong. > > I saw this example: > > <File "/var/log/nginx/nginx-error.log"> > Instance "nginx" > <Match> > Regex "\\(61: Connection refused\\)" > DSType "DeriveInc" > Type "derive" > Instance "err_502" > </Match> > <Match> > Regex "\\(60: Operation timed out\\)" > DSType "DeriveInc" > Type "derive" > Instance "err_504" > </Match> > </File> > > and based a config on this as so: > > <Plugin "tail"> > <File "/var/log/icmpinfo/icmpinfo.log"> > Instance "icmpinfo" > <Match> > Regex "ICMP_Echo" > DSType "DeriveInc" > Type "derive" > Instance "ICMP_Echo" > </Match> > </File> > </Plugin> > > but this isn't producing any data at all! > > Could you share your collectd config? > > Thanks! > > > On Thu, Oct 13, 2016 at 11:25 AM, Eric Horst <[email protected]> wrote: > >> I run icmpinfo as a daemon to syslog icmp statistics periodically >> where they are more easily picked up for metrics and attacks. Glancing >> at the source it seems that I modified it to only log messages that I >> care about. I also see that I made the mods in August of 1999 so not >> surprising it isn't fresh in my mind. The modified icmpinfo still >> works great after all these years. >> >> -Eric >> >> On Thu, Oct 13, 2016 at 10:20 AM, Steve Wray <[email protected]> wrote: >> > Hi, >> > I'm currently getting several system statistics via collectd and feeding >> > this into graphite/grafana. >> > >> > I have a need to collect and graph data on ICMP traffic specifically. >> > >> > Can anyone suggest a way to do this (in Linux)? >> > >> > Thanks >> > >> > >> > _______________________________________________ >> > collectd mailing list >> > [email protected] >> > https://mailman.verplant.org/listinfo/collectd >> > > > _______________________________________________ > collectd mailing list > [email protected] > https://mailman.verplant.org/listinfo/collectd >
_______________________________________________ collectd mailing list [email protected] https://mailman.verplant.org/listinfo/collectd
