Using Splunk on Hotel Internet

Splunk> Finding your faults, just like Mom.

In a previous post, I wrote about using Splunk to monitor network health. While useful for home and office use, there’s another valuable use for this app, and that’s when traveling.

In my case, over my Christmas vacation, I checked into a Mom and Pop hotel, or rather a motel! It was about 24 rooms all in a row, occupying a single floor. Since they were on a budget, their Internet offering consisted of what appeared to be 5 or 6 Linksys routers set up every few rooms. You’d simply connect to the closest access point and have Internet.

But there was a problem: determining which access point was closest to me! The signal strength indicator on my computer showed several of them were 3/3 bars so that wasn’t much help. I tried connecting to the first one, but had virtually no Internet connectivity.

That’s when I fired up Splunk:

docker run --name splunk-network-health-check \
   -p 8000:8000 \
   -v $(pwd)/splunk-data:/opt/splunk/var/lib/splunk/defaultdb \
   -e "TARGETS=192.168.1.1 google.com 8.8.8.8 1.1.1.1" \
   dmuth1/splunk-network-health-check

In the above example, I added in the TARGETS environment variable, and was sure to include 192.168.1.1, which was the IP for each router (they were all the same). Then I set Splunk “real-time mode” and periodically checked that tab as I was working. This is what I saw:

Testing 3 separate hotel Access Points with Splunk

Just to explain what’s going on above, I tried one access point for a few minutes, but had absolutely stupid amounts of packet loss and latency. I then tried a second access point, and the packet loss was less awful but still unacceptable. Finally, I tried a third access point, and had next to no packet loss. I was good to go!

Being able to have realtime visualizations like this made my trip a lot less stressful, as I could get an actual picture of what my Internet connectivity was like. It’s one of the reasons I love using Splunk!