Monitoring TCP connections easier and faster in SLES
License: GPLv3
Problem:
Parsing <i>netstat</i> output has always been a pain because of the large amount of data that is available. Sometimes I need some information more than others, but I almost always want to quickly see the total number and type of connection I have.
Solution:
For this purpose I use the following command:
netstat -nap | awk '/tcp/ {print $6}'| sort | uniq -cThe output gives me a quick view of how the connections are even comparing them to other servers.
somecoolhost:~ # netstat -nap | awk '/tcp/ {print $6}'| sort | uniq -c
400 CLOSE_WAIT
1049 ESTABLISHED
2 FIN_WAIT1
8 FIN_WAIT2
38 LISTEN
271 TIME_WAIT
somecoolhost:~ # This can be supplemented with a more advanced script, put it in a cron job sending the output to a log and creating graphical statistics, etc.
PLUS
Do not forget that we can obtain more complete summary statistics for each protocol with:
netstat -s(Visited 2 times, 1 visits today)
Related Articles
Oct 01st, 2024
SUSE Documentation redefined — Meet the new doc portal
Oct 04th, 2024
Generating images with LocalAI using a GPU
20,113 views
Comments
What a Rube Goldberg machine. It is so much easier to get the state counts: `ss -s | grep ^TCP:` (even the crappy netstat knows -s!)
Yes, it is another option, but in my case, I need more information and that format is awful, so I use netstat.
Cheers
In that case, you might want to consider using the tcp_diag Netlink interface to obtain the desired information directly and print it the way you like.
Oh Kernel Modules, that are others words. If it is true that ss “intends” replace netcat, to me yet still works for what I need.
Thanks for you feedback.