Solved

How to detect when a server stops being pinged by another device?

Posted on 2013-12-06
5
515 Views
Last Modified: 2013-12-06
My workplace has a Windows network with about 60 PCs running Windows 7.  I'm in the process of configuring a Linux-based monitoring server that will be running Nagios and Cacti.  I also have access to a cloud-based VPS running Ubuntu.

I'd like to use the VPS to monitor the monitoring server and issue an alert if the monitoring server goes down.  As it stands now, the monitoring server will not be visible outside the LAN, and I don't want to make any changes to the firewall.  My thought is to have the monitoring server continuously ping the VPS.  If the pinging stops, the VPS will send me an alert via email.

I've done some Googling, but I can't find any information about a way to issue an alert when a server stops receiving pings from another machine.

I'm a Linux newbie, and any help would be appreciated.  Thanks!
0
Comment
Question by:chernavsky
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 19

Assisted Solution

by:xterm
xterm earned 325 total points
ID: 39701396
On the VPS just run:

tcpdump -w myfile.output icmp and host <ip address of monitoring server>

Then you can just script something else to watch myfile.output and tell you if it stops growing.
0
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 25 total points
ID: 39701419
You will want to make sure you stop the process and delete myfile.output every now and then or it will continue to grow forever.
0
 

Author Comment

by:chernavsky
ID: 39701531
xterm, I installed tcpdump, and it's detecting the pings.  Thanks for that.  What do you suggest for a script?  Something in BASH that checks the size of the myfile.output file once per minute, and then sends an email alert if the size didn't change from the previous cycle?  Or is there a simpler way?  Thanks again.
0
 
LVL 19

Accepted Solution

by:
xterm earned 325 total points
ID: 39701655
Here's a little shell script that will do what you need:

#!/bin/sh

FILE_TO_WATCH="myfile.output"
if [ ! -f $FILE_TO_WATCH ]; then
        echo "Capture file not found, please edit value FILE_TO_WATCH in this script"
        exit 1
fi

EMAILRCPT="you@youraddress.com"
OLDSIZE=0

while :;
do
        MYFILESIZE=`du -b $FILE_TO_WATCH | awk '{print $1}'`
        if [ $OLDSIZE -eq $MYFILESIZE ]; then
                mail -s "Ping capture file did not grow" $EMAILRCPT < /dev/null 
        else
                OLDSIZE=$MYFILESIZE
        fi
        sleep 30
done

Open in new window


Keep in mind though, you might want to have it exit after it mails you (add a line with "exit 0" below that line) otherwise you will get an email every 30 seconds until the pings resume again.

And of course, every once in a while you probably want to remove the output file and re-run the script because it will keep growing over time.
0
 

Author Closing Comment

by:chernavsky
ID: 39702276
Excellent!  Works like a charm.  Thank you so much.
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
unable to put logic for reading multiple repo in a single file 4 69
Setup small office network 1 58
Can't connect to FTP 18 104
rsyslog raw message 4 37
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question