Skip to main content

ICMP Pings with the Blackbox exporter

The Blackbox exporter can perform ICMP probes. Let's see how.
First download and run the blackbox_exporter:
wget https://github.com/prometheus/blackbox_exporter/releases/download/v0.12.0/blackbox_exporter-0.12.0.linux-amd64.tar.gz
tar -xzf blackbox_exporter-*.linux-amd64.tar.gz
cd blackbox_exporter-*
sudo ./blackbox_exporter
sudo is used here as ICMP typically requires raw socket access, and running as root is one way to provide the necessary privileges.
If you visit http://localhost:9115/probe?module=icmp&target=localhost the probe will be performed, and should include probe_success 1 indicating that it works. You can replace the target with any other hostname that you wish to probe.
Prometheus can use the Blackbox exporter to do ICMP probes against many targets with a little relabelling in your prometheus.yml:
scrape_configs:
  - job_name: 'blackbox'
    metrics_path: /probe
    params:
      module: [icmp]
    static_configs:
      - targets:
        - localhost
        - prometheus.io
        - robustperception.io
    relabel_configs:
      - source_labels: [__address__]
        target_label: __param_target
      - source_labels: [__param_target]
        target_label: instance
      - target_label: __address__
        replacement: 127.0.0.1:9115  # This is your blackbox exporter.
Here the usual target address become URL parameters to your blackbox exporter.

If you don't have a working IPv6 setup you may find that some targets can't be probed as the blackbox exporter prefers using an IPv6 address if there is one available. If you add &debug=true to the URL there'll be an error message like "sendto: cannot assign requested address" in this case. To handle this you can create a module that prefers IPv4 in your blackbox.yml:
modules:
 icmp_ipv4:
   prober: icmp
   icmp:
     preferred_ip_protocol: ip4
And then use the icmp_ipv4 module.
Labels:

Comments

Post a Comment

https://gengwg.blogspot.com/

Popular posts from this blog

CKA Simulator Kubernetes 1.22

  https://killer.sh Pre Setup Once you've gained access to your terminal it might be wise to spend ~1 minute to setup your environment. You could set these: alias k = kubectl                         # will already be pre-configured export do = "--dry-run=client -o yaml"     # k get pod x $do export now = "--force --grace-period 0"   # k delete pod x $now Vim To make vim use 2 spaces for a tab edit ~/.vimrc to contain: set tabstop=2 set expandtab set shiftwidth=2 More setup suggestions are in the tips section .     Question 1 | Contexts Task weight: 1%   You have access to multiple clusters from your main terminal through kubectl contexts. Write all those context names into /opt/course/1/contexts . Next write a command to display the current context into /opt/course/1/context_default_kubectl.sh , the command should use kubectl . Finally write a second command doing the same thing into ...
Post a Comment
Read more

OWASP Top 10 Threats and Mitigations Exam - Single Select

Last updated 4 Aug 11 Course Title: OWASP Top 10 Threats and Mitigation Exam Questions - Single Select 1) Which of the following consequences is most likely to occur due to an injection attack? Spoofing Cross-site request forgery Denial of service   Correct Insecure direct object references 2) Your application is created using a language that does not support a clear distinction between code and data. Which vulnerability is most likely to occur in your application? Injection   Correct Insecure direct object references Failure to restrict URL access Insufficient transport layer protection 3) Which of the following scenarios is most likely to cause an injection attack? Unvalidated input is embedded in an instruction stream.   Correct Unvalidated input can be distinguished from valid instructions. A Web application does not validate a client’s access to a resource. A Web action performs an operation on behalf of the user without checkin...
2 comments
Read more