icmp_check — multi-target ping¶
Free tier. Pings a list of targets every cycle and reports reachability, packet loss and round-trip-time statistics per target. This is the agent's equivalent of the classic PRTG ping sensor, multi-target in a single probe instance.
Quick start¶
# probes.d/20-ping.yaml
- name: ping-core
type: icmp_check
params:
targets: ["10.0.0.1", "core-switch.lan", "8.8.8.8"]
interval: 60
Parameters¶
| Parameter | Default | Description |
|---|---|---|
targets |
required | List of hostnames or IPs to ping |
count |
4 | Echo requests per target per cycle |
timeout |
5 | Per-target budget in seconds for the whole round |
interval |
60 | Seconds between collection cycles |
packet_size |
56 | ICMP payload size in bytes |
privileged |
OS-dependent | Raw ICMP sockets (true) vs ICMP datagram sockets (false). Defaults to true on Windows and on Linux when running as root, false elsewhere |
Targets are pinged in parallel (bounded), so a large list does not stretch the cycle by the sum of timeouts.
Metrics¶
One series per metric per target (the target tag discriminates; the
resolved ip rides along).
| Metric | Unit | Description |
|---|---|---|
senhub.icmp.up |
bool | 1 when at least one reply came back this cycle |
senhub.icmp.packet_loss |
% | Lost echo requests over the cycle |
senhub.icmp.packets.sent / .received |
count | Requests/replies this cycle |
senhub.icmp.rtt.min / .avg / .max / .stddev |
ms | Round-trip statistics (emitted only when at least one reply arrived) |
An unreachable target is a measurement (up = 0, loss 100%), not a
probe failure: the probe stays healthy and keeps reporting.
Privileges¶
- Linux: running as root (the current agent requirement), the
probe defaults to privileged raw sockets — unprivileged ICMP
datagram sockets are gated by
net.ipv4.ping_group_range, which stock Ubuntu/Debian servers ship disabled, and root does not bypass that sysctl. As a non-root process the default is unprivileged: if pings fail with a permission error, widen the range to include the agent's group or setprivileged: true(requiresCAP_NET_RAW). The permission error now carries this hint in the log. - Windows: raw sockets only — the probe defaults to
privileged: trueand the agent service runs elevated. - macOS: unprivileged mode works out of the box.