Simple Linux and UNIX system monitoring with ping command and scripts

by on July 21, 2006 · 43 comments· LAST UPDATED March 5, 2008

in , ,

You can simply monitor your remote system hosted some remote IDC. There may be tons of causes for which system goes out the network.

Understanding ping command

ping is one of the basic and nifty command to test network connection. For example you can send 4 ping request to cyberciti.biz with following command:
$ ping -c 4 cyberciti.biz
$ ping -c 4 router

Output:

PING router (192.168.1.254) 56(84) bytes of data.
64 bytes from router (192.168.1.254): icmp_seq=1 ttl=64 time=1.02 ms
64 bytes from router (192.168.1.254): icmp_seq=2 ttl=64 time=0.824 ms
64 bytes from router (192.168.1.254): icmp_seq=3 ttl=64 time=0.826 ms
64 bytes from router (192.168.1.254): icmp_seq=4 ttl=64 time=0.843 ms
--- router ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3012ms
rtt min/avg/max/mdev = 0.824/0.880/1.027/0.085 ms

Just see output '--- router ping statistics ---', 4 received is key to verify that 4 packets send and received successfully. You can extract 4 received with the following command:
$ ping -c4 router | grep 'received'
Output:

4 packets transmitted, 4 received, 0% packet loss, time 3012ms

Next logical step is to just get number 4 received using awk command:
$ ping -c4 router | grep 'received' | awk -F',' '{ print $4}'
Output:

4 received 

Last step is to just get 4 number and remove received word:
$ ping -c4 router | grep 'received' | awk -F',' '{ print $2}' | awk '{ print $1}'
Output:

4 

Shell script to system monitoring with ping command

Now you know how to obtained received packets, it is time to automate entire process with simple script. Here is sample script (download link):

#!/bin/bash
HOSTS="cyberciti.biz theos.in router"
COUNT=4
for myHost in $HOSTS
do
  count=$(ping -c $COUNT $myHost | grep 'received' | awk -F',' '{ print $2 }' | awk '{ print $1 }')
  if [ $count -eq 0 ]; then
    # 100% failed 
    echo "Host : $myHost is down (ping failed) at $(date)"
  fi
done

You can download complete working script which sends an email alert here.

Setup Cron job

In order to run this script every 30 minutes (or as per your requirements), you need to install a script as cron job:
$ chmod +x /path/to/monitorHost
Install the monitorHost script as crontab using the editor:
$ crontab -e
Append the following cronjob entry:
# Monitor remote host every 30 minutes using monitorHost
30 * * * * /home/vivek/bin/monitorHost

Save and close the file.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 43 comments… read them below or add one }

1 kotnik July 24, 2006 at 12:51 am

This is the script I’m using for the same thing:

case `ping -qnc 1 google.com 2>&1` in
*’100% packet loss’*)
echo “The network is DOWN.”
exit 1
;;
esac

One way or around…

Reply

2 randomz July 24, 2006 at 9:41 am

Nice, though I think a ( got dropped before *’100% packet loss’*) ?

Reply

3 kotnik July 27, 2006 at 11:19 am

No, ( is not missing. Try it:

http://pastebin.ca/102156

Reply

4 nixCraft July 27, 2006 at 7:01 pm

Kotnik,

Short and sweet code :D

Reply

5 Max June 9, 2007 at 1:43 am

Hie
this is an ingenious script:)
thanks to share it
I have just a little question.
I didn’t find “Email ID”
can you help me to find it please??

thanks for your help

Reply

6 nixCraft June 10, 2007 at 5:29 am

Go here

HTH

Reply

7 TonyK June 11, 2007 at 11:27 am

You can skip the awk stuff by using cut like this:
ping -c4 localhost | grep ‘received’ | cut -f2 -d’,’ |cut -f2 -d’ ‘

it also returns 4

Reply

8 atc0re September 9, 2012 at 4:11 pm

ping -c4 localhost |grep received| cut -d “,” -f2| cut -d ” ” -f2

Reply

9 nixCraft June 11, 2007 at 3:17 pm

TonyK

Yes you can always use another set of commands to do the same thing. Coding is like that… heh

Appreciate your post!

Reply

10 BenV July 17, 2007 at 9:46 am

I commonly use this. Just another way to do it.
if [[ $(ping -q -c 3 10.1.1.1) == @(*100% packet loss*) ]]; then
echo “$host is down”
else
echo “$host is alive”
fi

Reply

11 John Golini August 11, 2008 at 12:26 am

can someone show me a script I could cron every 15 min or so, that would email ‘root’ each time a computer comes up on the LAN or goes off the LAN, giving the ip address and the windows computer name?

Reply

12 Saurabh November 17, 2008 at 8:55 am

Short and sweet code Benv

Reply

13 ishfaq February 20, 2010 at 7:16 pm

nice script but any tell how to paste the out put on apache page

Reply

14 Amza Marian May 13, 2010 at 11:09 am

@ishfaq :

echo “Host : $myHost is down (ping failed) at $(date)” >> /var/www/network.txt

Reply

15 Ernest June 17, 2010 at 5:34 pm

@BenV – Will your script work if $host does not exist? Typo’s happen.

Will adding a ‘ping -c1 -w1″ enable a timeout and avoid hanging indefinitely? or is the -w not used that way?

Reply

16 difa December 13, 2010 at 4:23 am

nice..
thanks you ^,^

Reply

17 Bob Watson February 9, 2011 at 4:32 pm

Along a slightly different vein- I’ve got my e-mail client set to start as soon as I log in, which is often before the network is online. It then tells me it can’t find the server and decides to work off-line. This is annoying, so I added a slight modification of the above at the head of its initialisation script:

while :
do
count=$(ping -c 1 imap.1and1.co.uk | grep ‘received’ | awk -F’,’ ‘{ print $2 }’ | awk ‘{ print $1 }’)
if [ $count -eq 1 ]; then
break
fi
sleep 5
done

Reply

18 HTF April 3, 2011 at 2:24 am

Quick question:
If I set the ping count to 4 and only one of four will failed will I get the true positive alarm anyway?

Reply

19 Amza Marian April 3, 2011 at 2:35 pm

HTF: Yes

if [ $count -eq 0 ]; then <- only if 100% failed.

Reply

20 Peter April 7, 2011 at 12:14 am

It works fine except i tried to use it to make sure my internet connection was still up and if the internet connection fails It can’t resolve the host so it can’t try ping to ping it. How could i add a check for this situation?

Reply

21 nixCraft April 7, 2011 at 3:00 am

Check dns settings in /etc/resolv.conf file including firewall settings.

Reply

22 shilpa April 19, 2011 at 2:25 pm

how to check server is alive using ping command at client in unix system programming using ICMP protocol

Reply

23 Amza Marian April 19, 2011 at 8:18 pm

@shilpa: PING using icmp protocol. You can read more here:
http://www.iana.org/assignments/icmp-parameters

Reply

24 shilpa April 22, 2011 at 10:29 am

have to implement ping command using raw socket in unix

Reply

25 shilpa April 22, 2011 at 5:58 pm

hi,
i am doing a small program on the working of ping command in linux using icmp protocol. here is the code but its giving an error at getuid()

#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
char dst_addr[20];
char src_addr[20];
unsigned short in_cksum(unsigned short*,int);
void parse_argvs(char**,char*,char*);
void usage();
char *getip();
char *toip(char*);
int main(int argc, char *argv[])
{
struct iphdr *ip;
struct iphdr *ip_reply;
struct icmphdr *icmp;
struct sockaddr_in connection;
char *packet=NULL;
char *buffer=NULL;
int sockfd;
int optval;
int addrlen;
int siz;
printf(“%d”,getuid());
if(getuid()!=0)
{
fprintf(stderr,”%s:rot privileges needed\n”,*(argv+0));
exit(EXIT_FAILURE);
}
parse_argvs(argv,dst_addr,src_addr);
strncpy(dst_addr,toip(dst_addr),20);
strncpy(src_addr,toip(src_addr),20);
printf(“src addr is %s\n”,src_addr);
printf(“dest addre is %s\n”,dst_addr);
packet=malloc(sizeof(struct iphdr) + sizeof(struct icmphdr));
buffer=malloc(sizeof(struct iphdr) + sizeof(struct icmphdr));
ip=(struct iphdr *)packet;
icmp=(struct icmphdr *)(packet + sizeof(struct iphdr));
ip->ihl=5;
ip->version=4;
ip->tos=0;
ip->tot_len=sizeof(struct iphdr) + sizeof(struct icmphdr);
ip->id=htons(0);
ip->frag_off=0;
ip->ttl=64;
ip->protocol=IPPROTO_ICMP;
ip->saddr=inet_addr(src_addr);
ip->daddr=inet_addr(dst_addr);
ip->check=in_cksum((unsigned short *)ip,sizeof(struct iphdr));
if((sockfd=socket(AF_INET,SOCK_RAW,IPPROTO_ICMP))==-1)
{
perror(“socket”);
exit(EXIT_FAILURE);
}
setsockopt(sockfd,IPPROTO_IP,IP_HDRINCL,&optval,sizeof(int));
icmp->type=ICMP_ECHO;
icmp->code=0;
icmp->un.echo.id=random();
icmp->un.echo.sequence=0;
icmp->checksum=in_cksum((unsigned short *)icmp,sizeof(struct icmphdr));
connection.sin_family=AF_INET;
connection.sin_addr.s_addr=inet_addr(dst_addr);
sendto(sockfd,packet,ip->tot_len,0,(struct sockaddr *)&connection,sizeof(struct sockaddr));
printf(“sent %d byte packet to %s\n”,ip->tot_len,dst_addr);
addrlen=sizeof(connection);
if((siz=recvfrom(sockfd,buffer,sizeof(struct iphdr) + sizeof(struct icmphdr),0,(struct sockaddr *)&connection,&addrlen))==-1)
{
perror(“recv”);
}
else
{
printf(“received %d byte reply from %s\n”,siz,dst_addr);
ip_reply=(struct iphdr *)buffer;
printf(“ID: %d\n”,ntohs(ip_reply->id));
printf(“ttl:%d\n”,ip_reply->ttl);
}
free(packet);
free(buffer);
close(sockfd);
return 0;
}

void parse_argvs(char **argv,char *dst,char *src)
{
int i;
if(!(*(argv + 1 ) ) )
{
usage();
exit(EXIT_FAILURE);
}
if(*(argv + 1) && (!(*(argv + 2 ) ) ) )
{
strncpy(dst,*(argv + 1),15);
return;
}
else if((*(argv + 1 ) && (* ( argv + 2 ) ) ) )
{
strncpy(dst,*(argv + 1 ),15);
i=2;
while(*(argv + i + 1 ) )
{
if(strncmp(*(argv + i),”-s”,2)==0)
{
strncpy(src,*(argv + i + 1),15);
break;
}
i++;
}
}
}

void usage()
{
fprintf(stderr, “\n usage:ping [destination] \n”);
fprintf(stderr,”destination must be provided\n”);
fprintf(stderr,”source is optional \n \n”);
}
char * getup()
{
char buffer[256];
struct hostent *h;
gethostname(buffer,256);
h=gethostbyname(buffer);
return inet_ntoa(*(struct in_addr *)h->h_addr);
}
char * toip(char * address)
{
struct hostent *h;
h=gethostbyname(address);
return inet_ntoa(*(struct in_addr *)h->h_addr);
}
unsigned short in_cksum(unsigned short *addr, int len)
{
register int sum=0;
u_short answer=0;
register u_short *w=addr;
register int nleft=len;
while(nleft > 1)
{
sum+=*w++;
nleft-=2;
}
if(nleft==1)
{
*(u_char*) (&answer)=*(u_char*)w;
sum+=answer;
}
sum=(sum>>16) + (sum & 0xffff);
sum+=(sum>>16);
answer=~sum;
return(answer);
}

Reply

26 shilpa April 22, 2011 at 5:58 pm

can anybody suggest me a solution plz

Reply

27 Henrik C July 8, 2011 at 11:24 am

Hi coders

What would i use if i needed 1 timestamp when “Ping up again” ?

Thanks

Reply

28 YC July 20, 2011 at 2:19 pm

This is a great tutorial but there is a little problem. Your cron job won’t be executed every 30 minutes but instead 1 time per hour at 30 minute (1:30, 2:30, 3:30). To run it every 30 min, you should change the first parameter to */30.

Reply

29 blognadei October 24, 2011 at 10:39 am

thanks , this work :D

Reply

30 Константин Кръстев November 23, 2011 at 2:57 pm

ping -qnc 2 google.com > /dev/null 2>&1 && echo ‘Host up!’ || echo ‘Host down!’

Reply

31 Der December 4, 2011 at 1:06 am

@Константин Кръстев
I love your line, but could you explain the bit after the “>” I don’t get that.

It does work I just don’t know why!

Thanks,
Der

Reply

32 Kaizad September 13, 2012 at 7:57 am

Hi friends,can anybody suggest me some code for how to get respond for a client side Ping to a server in C on unix platform?

Reply

33 Robby October 7, 2012 at 2:57 am

I like the code but think fping is better at this and easier coding.
install apt-get install fping
then put in the code as
For testing if host alive just use fping -a or fping -u:
-a show all host in your list as alive or -u shows unavailble.
You can also predefine using a file with th -f and a filename.

Long and short you can do what you want by adding:
a file called something like host.txt and code would be one line such as:
fping -ag -f /path/host.txt > results
your host.txt would hold all hosts you want to monitor. This one line will go out and check the hosts listed and let you know everything alive in the results file. if you leave off the -a it will list the status up or down in the results. this is getting wordy and not trying to over ride the post everyone has there own way. I am just giving a quick response of an alternate way of doing it with less lines of code.

Thanks and great job on the code,
Robby Loyed

Reply

34 giannis December 27, 2012 at 6:52 pm

I think the code could be sligtly improved.

Sending an email for each machine that is down can lead to a very high number of emails,

Sending one email reporting just the ones that were down during the check is easier to go through and check.

#!/bin/bash
# Simple SHELL script for Linux and UNIX system monitoring with
# ping command
# -------------------------------------------------------------------------
# Copyright (c) 2006 nixCraft project
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
# Setup email ID below
# See URL for more info:
# http://www.cyberciti.biz/tips/simple-linux-and-unix-system-monitoring-with-ping-command-and-scripts.html
# -------------------------------------------------------------------------
fail="false"
# add ip / hostname separated by white space
HOSTS="192.168.111.1 192.168.101.1 ...."
# no ping request
COUNT=5
# email report when
SUBJECT="Ping failed"
EMAILID="email here"
for myHost in $HOSTS
do
  count=$(ping -c $COUNT $myHost | grep 'received' | awk -F',' '{ print $2 }' | awk '{ print $1 }')
  if [ $count -eq 0 ]; then
    # 100% failed
    fail="true"
    failedhosts="$failedhosts $myHost"
  fi
done
  if [ $fail = "true" ]; then
        echo $failedhosts
        echo "Hosts down: $failedhosts" | mail -s "$SUBJECT" $EMAILID
  fi

Reply

35 maya March 19, 2014 at 12:35 pm

I am also using the same procedure to monitor multiple systems

Reply

36 Tina March 19, 2013 at 12:32 am

Any suggestions on if I want a script to ping a host every 10 sec 6 times and send an e-mail if packet loss is anything other than 0%?

Reply

37 vipin August 12, 2014 at 9:29 am

Simple Script to check whether the remote host is up or down;

ping -c 6 192.168.1.1
if [ “`echo $?`” == 0 ]; then
echo “192.168.1.1 is up”
else
echo “192.168.1.1 is down”
fi
sleep 10
sh /root/script

Execute it once and it will not stop until you kill the script , put ‘mail’ command in the script and you will receive it in your email if there is no response from the remote host.

Thanks,

Reply

38 Hamid April 15, 2013 at 4:00 pm

very good…..
thank you

Reply

39 Mohamed April 17, 2013 at 9:50 am

Really big thanks for your great help

Reply

40 Vignesh July 22, 2013 at 6:18 am

I have developed the script such that to ping it forever:

function CheckHost()
{
HOSTS=”IP”
ping=”5″
SUBJECT=”Ping UAT $HOSTS”
EMAILID=”MAIL ID”
count=$(ping -s $HOSTS 56 $ping | grep “received” | awk -F, ‘{print $1 $2 $3}’)
echo $count
op=$(echo $count | awk ‘{print $1 $4}’)
echo $op
if [ $op != $ping$ping ];
then
echo “Host : $HOSTS Ping Failed $count” | mailx -s “$SUBJECT” $EMAILID
fi
echo ‘Calling CheckHost Again!’
CheckHost
}
CheckHost

Reply

41 Aritra September 11, 2013 at 5:13 am

Hi ,

I was looking for a way by which I can ping the remote UNIX Servers from my Local (WINDOWS) system. Any suggestions on how can this be achieved? I fear that checking the server availability from a unix server may fail if the unix server on which the check script is hosted goes down anyday.

Aritra

Reply

42 sri February 19, 2014 at 11:56 am

Thanks much. It helped me.

Reply

43 vipin August 12, 2014 at 9:20 am

Simple Script to check whether the remote host is up or down;

ping -c 4 192.168.1.1
if [ “`echo $?`” == 0 ]; then
echo “192.168.1.1 is up”
else
echo “192.168.1.1 is down”
fi

execute it through cron daemon and put use mail command to receive it to your email.

Thanks,

Reply

Leave a Comment

Tagged as: , , , , , , , ,

Previous post:

Next post: