The ping command is a built in linux and macOS command that shows the performance of the network connection to a remote server. It can be used to log network performance issues over time. The default ping command displays the results to standard output (the shell window). Used with the following options it routes the output to a file that you can look at later.
The ping command will ping the remote server every second until you manually kill the process. This will create 86,400 pings per day in the output file. It's not something you want to forget about and let it run forever. It could create a very large file that fills up your drive space and crashes your system. I run my ping network monitor on a Raspberry Pi 4 so that it will run 24 hours per day in low power and uninterupted environment.
Ping directed to a file
You would normally just run the ping command interactivly and then stop it when you are done. But, that's not what we are doing today. We are looking for an intermident bug that may happen anytime in the future. For this we need to run the command for weeks at a time and be able to look at the results after a network error has been detected.
Here is the
ping command, running in the background, with the output directed to a file called "network.log".
Copy and paste this text to your command line.
ping google.com 2>&1 | while read pong; do date "+%c: $pong"; done >network.log &
Here are the details of what this command does
ping// the ping command to run
google.com// name of the remote server
2>&1// routes stderr to stdout
| while read pong; do date "+%c: $pong"; done// pipe the ping results and add the current date and time
>network.log// routes output to file network.log
&// at end means to run in background
pipe command, represented by the vertical bar
| takes the output of the first command and routes it into the second command. In this case it takes the output of the
ping command and routes it into a command that prepends the current date and then uses the
> command to route everthing to a file instead of standard out (stdout).
& at the end of the line makes this command run in the background. This frees up your terminal so you can run other commands. It will continue running even when you exit your terminal and logout. The commands below show you how to find the background command later and control it.
Jobs and Processes
The jobs command only works for jobs you have started in the current shell. If you exit the shell and open a new one then this command will not display your jobs. You will need to use the other commands listed below to work with system level processes.
Fun fact: jobs are started by a user, processes are started and managed by the system. A users job is also a system process.
Every command running on the computer is assigned a unique process id (PID). You can use this PID to interact with background processes.
The terms Command, Job, and Process are basically the same thing. They are programs running on your computer.
topinto your shell to see a list of the top processes running on your current computer. Notice the PID column listed on the far left. Type
qto exit this view. For a fun day of reading type
man topto read all the details of the
Use the jobs command to see running background jobs,
-l shows the process id (PID). (That’s a lowercase L)
Viewing your ping log
cat command to view contents of the output file, use the
| more option to show a page at a time. This could take awhile, you are getting 86,400 lines per day and paging through them a few lines at a time will get tedious.
cat network.log or cat network.log | more
Look at the output
If all goes well you should see a
time= value at the end of each line. This tells you the ping completed successfully and you have a good connection to the server.
When the connection goes down you will receive error messages. These will be helpful in determining what went wrong.
Example showing a request timout error
Use grep to find interesting data
grep command will help you find interesting data in your output file.
cat network.log | grep -v time
-v option tells grep to "invert match", so any line that does not contain the "time" string.
This command will search the network.log for any line that does not contain the string "time". So for any ping command that returns anything other than a normal ping time will be displayed. This includes any error messages that you should look at.
Example showing an unreachable server
Find your running ping command
pgrep command to find running ping jobs and return the process id (PID). Pgrep is included in many Linux distributions.
pgrep returns the process id (PID) where the string matches. In this case the PID = 24895. Warning: Don't use this PID, use the PID you find on your own system.
Stopping the ping command
kill command to stop a running job. Be careful, you can kill the wrong job and crash your system. Make sure you enter the correct process id (PID) you found above.
Here's nother command to find the running ping processes. Use
ps if your distribution doesn’t include the
pgrep command. The
ps command displays the current process status for all running processes. It's a long list and you can use
grep to show you just what you want.
ps -aux | grep ping
The process id on this distribution is in the second column from the left. In this case the PID = 24895.
Removing the network.log
When you are done with your analysis you can remove the network.log file with the
rm command. Becareful not to remove the wrong file, this can crash your system.
More info about the Jobs Command
Use the linux manual pages to learn more about each command.
You can search for the linux pipe command too.