How to Count/Graph/Check TCP connection States Table with NetXMS, ...

Started by sodalist, July 14, 2008, 08:27:44 PM

Previous topic - Next topic

sodalist

Useful for:
- monitoring number of connections to specific TCP port
- checking if service is listening on specific port
- statistics of TCP connections table
- checking load on specific service as number of connections
- detecting TCP connection state based attacks and abnormalities

Requirements:
- agent on *nix system with net-snmp tools
- bash,grep,cat,snmpnetstat

Links:
http://net-snmp.sourceforge.net/docs/man/snmpnetstat.html
snmp_stat.sh attached

How-to:
1.
configure agent on node that has snmp connection to nodes you want to monitor:
ExternalParameter = TCP.Connections(*):/opt/netxms/scripts/snmp_stat.sh $1 $2 $3 $4

2.
add nodes you want to monitor to trusted nodes on that node

3.
parameters:
# $1 = hostname, monitored node ip
# $2 = community, monitored node snmp community string
# $3 = TCP state {ESTABLISHED|LISTEN|TIMEWAIT|TIMECLOSE|FINWAIT1|FINWAIT2|SYNSENT|SYNRECV}
# $4 = TCP port for detailed {ESTABLISHED|LISTEN}

4.
configure DCI's on node you want to monitor and specify node from 1.
as proxy node when creating DCI

5. examples DCI's:

# all established connections
TCP.Connections(192.168.1.1,public,ESTABLISHED)

# all established connections to TCP port 80
TCP.Connections(192.168.1.1,public,ESTABLISHED,80)

# will return 1 if service is listening on TCP port 25
TCP.Connections(192.168.1.1,public,LISTEN,25)


Feel free to use. Suggestions, spelling :) and bug fixes welcome.

Ales