If you've indexed your data already and it contains URLs, IPs, or DNS names that you want to ping, you can use this ping status command add-on: http://apps.splunk.com/app/507/
Usage is in the README.txt. Then, have your dashboard refresh every 5 seconds to get the latest ping status in realtime for these machines or devices.
@ndoshi how can we check the hosts mentioned in lookup file
pingstatus command works on extracted field - host but when i use..
|inputlookup all_networking_devices | fields host | pingstatus url as host| table host,pingdelay | sort-pingdelay | head 8
then it does not show anything as in verbose results there is nothing since hosts are in lookup file not indexed and hence no extracted 'host' field
Did u find the solution for this ?
i am also having all host details in lookup file only ...when i do ping status it returns nothing...
Your reply will helpful
Thanks in advance
You could just write a scripted input that runs every 60 seconds and Splunk the output, then you just build your dashboard based on the expected ping detail.
Well, a quick google found this; http://www.cyberciti.biz/tips/simple-linux-and-unix-system-monitoring-with-ping-command-and-scripts.... You could modify this to be your scripted input. You really need to learn and understand how this all works otherwise you can't hope to support it. Also it might be worth looking into the "access denied" error