Which probe is required for monitoring TCP ports on a Linux or Unix system?
search cancel

Which probe is required for monitoring TCP ports on a Linux or Unix system?

book

Article ID: 239226

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM) DX Unified Infrastructure Management (Nimsoft / UIM) CA Unified Infrastructure Management SaaS (Nimsoft / UIM) Unified Infrastructure Management for Mainframe

Issue/Introduction

Which probe is required for monitoring TCP port on a Unix or Linux system?

Environment

Release : 20.4

Cause

- Guidance

Resolution

The net_connect probe allows you to monitor any service @ any port on Windows / Linux / UNIX.
 
See 'Configure Service Monitoring' here: net_connect IM Configuration
 
You can configure the profiles to monitor TCP-based services such as telnet and HTTP on the host.
 
You can create or add new "TCP" services (with port) to monitor.
 
For Linux/UNIX using net_connect for remote monitoring seems to be more limited than doing service monitoring on Windows due to OS security in the Linux/UNIX environment. For instance, in testing with net_connect, you may only be able to successfully monitor the sshd service despite other services being active and LISTENING on a given port.
 
Using net_connect service monitoring is not as useful on UNIX/Linux since everything on a UNIX/Linux machine is locked down and the machines are usually only accessible via ssh.
Alternatively, you might be able to use the nexec probe IF the UNIX system admins would allow it, but that is unlikely. You could run a command like netstat -tulnp.
 
 
 
 
or something specific like cat /etc/services | grep rpcbind and parse the command stdout to see if a service was active and listening on a particular port.
 
That said, if it's ok to install a robot on the local UNIX system you can then locally monitor the active services on the machine.