HEY GUYS.....
I was wondering ...... It would be possible to graph connections on specifics ports ?
FTP, HTTP,CUPS, etc,etc,etc...
and if it`s possible.....how can I do it ?
HOW CAN I GRAPH CONECTIONS OF AN SPECIFIC PORT ?
Moderators: Developers, Moderators
There are lots of fancy ways to do this with Netflow on a larger scale. If you have a linux box in the mix, it becomes really easy with iptables chain counters.
http://www.raxnet.net/downloads/scripts/iptables.pl.txt
-Ian
http://www.raxnet.net/downloads/scripts/iptables.pl.txt
-Ian
Here's something I threw together to allow me to see how many people were connecting to our Novell Groupwise servers and Citrix servers:
"Connection Count by Port”
Description: This script returns the number of connections currently established on the specified port. For example, you may determine the number of users currently logged into a Citrix Server with the ICA client by checking port 1494 or maybe the number of users currently logged in to a Groupwise Mail server with the GWClient in Client/Server mode by checking port 1677
Settings:
Data Input Methods:
Name: Connection Count by Port
Input Type: Script/Command
Input String: perl /scripts/conncount.pl
Output String:
Input Fields:
Name: server Friendly Name: Server or IP
Name: community Friendly Name: SNMP Community
Name: port Friendly Name: Port
Output Fields:
Field Name: count Friendly Name: Count
Update RRD File: checked
"Connection Count by Port”
Description: This script returns the number of connections currently established on the specified port. For example, you may determine the number of users currently logged into a Citrix Server with the ICA client by checking port 1494 or maybe the number of users currently logged in to a Groupwise Mail server with the GWClient in Client/Server mode by checking port 1677
Settings:
Data Input Methods:
Name: Connection Count by Port
Input Type: Script/Command
Input String: perl /scripts/conncount.pl
Output String:
Input Fields:
Name: server Friendly Name: Server or IP
Name: community Friendly Name: SNMP Community
Name: port Friendly Name: Port
Output Fields:
Field Name: count Friendly Name: Count
Update RRD File: checked
Code: Select all
#!/usr/bin/perl
# Usage:
# conncount.pl <server> <community> <port>
# ie: conncount.pl myserver public 1492
# Output:
# # of 'established' connections
# Common Ports to monitor counts:
# 8080 == Proxy server connections
# 1494 == Citrix server connections (ICA)
# 1677 == Groupwise client connections
# 21 == ftp server connections
# 80 == web server connections
$response = `/usr/bin/snmpwalk $ARGV[0] $ARGV[1] .1.3.6.1.2.1.6.13 | grep ."\.".$ARGV[2]."\.". | grep -c established`;
chomp $response;
print "$response";
Burke - MCP+I, MCSE, MCSD, CNE, CCA, CCNA, LPIC-1
[url=http://www.technicalvalues.com]My Website[/url] ::[url=http://www.technicalvalues.net]Domain Registrations, SSL Certs, and Hosting[/url]
[url=http://www.technicalvalues.com]My Website[/url] ::[url=http://www.technicalvalues.net]Domain Registrations, SSL Certs, and Hosting[/url]
Can't add an input field
I would like to try your script, but when I get to the point of adding an input field I get an error about:
"Error: This script appears to have no input values, therefore there is nothing to add."
I was able to add the output fields no problem.
"Error: This script appears to have no input values, therefore there is nothing to add."
I was able to add the output fields no problem.
Re: Can't add an input field
you have to add your input field to the command line first. it would look something like this.rweales wrote:I would like to try your script, but when I get to the point of adding an input field I get an error about:
"Error: This script appears to have no input values, therefore there is nothing to add."
I was able to add the output fields no problem.
perl /command/to/run <host> <port>
host would be an input field you could add, port would be as well. you have to have those on the line or it wont let you add anything in the input section.
-
- Posts: 7
- Joined: Fri Dec 15, 2006 7:14 pm
The script from above did not work for me so I have adjusted it a little:
#!/usr/bin/perl
# Usage:
# conncount.pl <server> <community> <port>
# example:
# conncount.pl hostname public 1494
$response = `snmpwalk -v 1 $ARGV[0] -c $ARGV[1] .1.3.6.1.2.1.6.13 | grep $ARGV[2] | grep -c established`;
chomp $response;
print "$response";
#!/usr/bin/perl
# Usage:
# conncount.pl <server> <community> <port>
# example:
# conncount.pl hostname public 1494
$response = `snmpwalk -v 1 $ARGV[0] -c $ARGV[1] .1.3.6.1.2.1.6.13 | grep $ARGV[2] | grep -c established`;
chomp $response;
print "$response";
Who is online
Users browsing this forum: bss1234 and 1 guest