If you've indexed your data already and it contains URLs, IPs, or DNS names that you want to ping, you can use this ping status command add-on: http://apps.splunk.com/app/507/
Usage is in the README.txt. Then, have your dashboard refresh every 5 seconds to get the latest ping status in realtime for these machines or devices.
@ndoshi how can we check the hosts mentioned in lookup file
pingstatus command works on extracted field - host but when i use..
|inputlookup all_networking_devices | fields host | pingstatus url as host| table host,pingdelay | sort-pingdelay | head 8
then it does not show anything as in verbose results there is nothing since hosts are in lookup file not indexed and hence no extracted 'host' field
please suggest
Hi saurabh_tek,
@saurabh_tek
Did u find the solution for this ?
i am also having all host details in lookup file only ...when i do ping status it returns nothing...
Your reply will helpful
Thanks in advance
@ppablo @Drainy @Rhuen ·can u suggest something on this plz
You could just write a scripted input that runs every 60 seconds and Splunk the output, then you just build your dashboard based on the expected ping detail.
http://docs.splunk.com/Documentation/Splunk/4.3/Developer/ScriptSetup
Well, a quick google found this; http://www.cyberciti.biz/tips/simple-linux-and-unix-system-monitoring-with-ping-command-and-scripts.... You could modify this to be your scripted input. You really need to learn and understand how this all works otherwise you can't hope to support it. Also it might be worth looking into the "access denied" error
Have you or anyone a example for me?
I was try with "Pinger" it works, but when i ping a IP-Adress i see only "access denied" but a normal ping is working. I dont know why.