Monitor netstat connection states using nagios.

asam30 at gmail.com asam30 at gmail.com
Thu Apr 9 11:34:13 CEST 2009


Hi All,

thank you for prompt response.

I am trying this on one of the linux test server and I am monitoring port 80
(web server) to monitor port status TIME_WAIT. which means if netstat  -anp
| grep 80 returns any state as TIME, then get an alert on nagios.


STATE_OK=0
STATE_WARNING=1
STATE_CRITICAL=2
STATE_UNKNOWN=3

netstat  -anp  | grep 80 > synport
err=`cat synport | grep  TIME | wc  -l |awk '{print $1}'`
if [ $err -gt 0 ]
then
echo "WARNING - STATUS= TIME_WAIT port status on $HOSTNAME | "WARNING -
STATUS=TIME_WAIT port status on $HOSTNAME
 #exit ${STATE_WARNING}
fi


Can you tell me if this ok? Guide me where I am missing? This is my first
script to integrate to nagios.

Thanks

On Thu, Apr 9, 2009 at 2:32 PM, Kevin Keane <subscription at kkeane.com> wrote:

> asam30 at gmail.com wrote:
> >
> > Hi All,
> >
> > I am using check_tcp to check status of a particular port on the
> > server. This is working good. I would also need to monitor LISTEN
> > status (SYN_RECV) of that port. for ex,
> >
> > I have a ldap service running on port 3890, so the command
> >
> > netstat  -anp  | grep 3890
> >
> > tcp        0      0 0.0.0.0:3890 <http://0.0.0.0:3890/>
> >    0.0.0.0:*                           LISTEN
> > 16029/java
> > tcp        0      0 10.121.30.121:3890
> > <http://10.121.30.121:3890/>          10.121.6.1:8831
> > <http://10.121.6.1:8831/>                ESTABLISHED 16029/java
> > tcp        0      0 10.121.30.121:3890
> > <http://10.121.30.121:3890/>          10.121.6.1:61052
> > <http://10.121.6.1:61052/>              ESTABLISHED 16029/java
> > tcp      228      0 10.121.30.121:3890
> > <http://10.121.30.121:3890/>          10.121.6.1:49440
> > <http://10.121.6.1:49440/>             ESTABLISHED 16029/java
> > tcp        0      0 10.121.30.121:3890
> > <http://10.121.30.121:3890/>          10.121.6.1:11664
> > <http://10.121.6.1:11664/>               SYN_RECV    16029/java
> >
> > The establish connections are ok to allow, but we need to monitor
> > SYN_RECV status. If there is any such(SYN_RECV) connection appears, we
> > immediately get an alert from nagios. Is there any way to monitor such
> > states with nagios or check_tcp?
> >
> > I have written some shell script to monitor such events, but also I
> > would like to integrate that scripts into nagios? Is that possible?
> >
> > Please help me or provide some suggestions
> You can integrate almost any shell script you want into Nagios. All you
> need to do is implement the Nagios plugin specification, which is fairly
> trivial to do for most scripts. Return 0, 1 or 2 (OK, warn or critical)
> to as exit code, and return the actual result data via stdout in a
> single line. The details are in the Nagios documentation.
>
> --
> Kevin Keane
> Owner
> The NetTech
> Find the Uncommon: Expert Solutions for a Network You Never Have to Think
> About
>
> Office: 866-642-7116
> http://www.4nettech.com
>
> This e-mail and attachments, if any, may contain confidential and/or
> proprietary information. Please be advised that the unauthorized use or
> disclosure of the information is strictly prohibited. The information herein
> is intended only for use by the intended recipient(s) named above. If you
> have received this transmission in error, please notify the sender
> immediately and permanently delete the e-mail and any copies, printouts or
> attachments thereof.
>
>
>
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by:
> High Quality Requirements in a Collaborative Environment.
> Download a free trial of Rational Requirements Composer Now!
> http://p.sf.net/sfu/www-ibm-com
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>



-- 
Shankar Asam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20090409/8361c116/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null


More information about the Users mailing list