Active Monitoring in ntopng 4.0: ICMP, ICMPv6, HTTP and HTTPS pings with RTT

Posted · Add Comment

The latest stable ntopng 4.0 features a Round Trip Time (RTT) monitor which is capable of pinging hosts on a minute-by-minute basis to check:

  • IP reachability with ICMP and ICMPv6 pings
  • Web servers functionality with HTTP and HTTPS pings

Checks account for the RTT, that is, the time it takes to reach a certain host and receive a response from it. ntopng shows all the RTT-monitored hosts under the System Interface

 

For each monitored host ntopng offers the following information

  • The full URL of the monitored host. The URL is the concatenation of the host name or IP address with a prefix which indicates the type of probe, namely one icmp, icmpv6, http or https
  • A link to a RTT chart with all the minute-by-minute historical measures
  • A threshold, expressed in milliseconds, used to trigger alerts
  • The time of the last measurement performed
  • The latest IP address resolved for the host name indicated in the URL
  • The value, in milliseconds, of the latest measured RTT
  • Buttons to delete or edit the configured host

Hosts can be added to the RTT monitor using the plus sign in the top-right corner of the table

Hosts can be added either by IP address or with their symbolic host name. In case a symbolic name is specified, ntopng will resolve it before performing the ping. A measurment needs to be specified as well in order to indicate the type of ping desired. Finally, an RTT threshold is requested for the alerts generation.

RTT Alerts

Alerts are triggered when the measured RTT is above the configured threshold, or when the host is unreachable. Configuring a threshold is contextual to the addition of an host among those monitored. Alerts are shown under the triangle entry of the RTT menu bar.

Alerts can either be engaged, for currently ongoing issues, or past, for issues occurred in the past.

RTT Timeseries

RTT timeseries are written automatically by default for any of the RTT-monitored hosts.

Conclusions

ntopng 4.0 is becoming an increasingly active monitoring tool. It adds to the active network discovery and SNMP polling of its predecessor ntopng 3.8 also ICMP, ICMPv6, HTTP and HTTPS ping capabilities. Keeping an eye on hosts on a minute-by-minute basis is now a straightforward thing to do using the RTT Monitor.

Soon we will make this monitoring mechanism more extensible so that people can add their own monitoring tool to make it more flexible than just latency monitoring. Enjoy!