TCP Connection State (Solaris)

Version 1

    This template retrieves the TCP connection status between two applications on different machines. Assign this template to a Solaris machine.


    Prerequisites: SSH and Perl installed on the target server.

    Credentials: Root credentials.


    Monitored Components

    TCP Connection State

    This monitor returns TCP Connection state between two applications on the target server and another computer.

    Note: Before using this monitor, provide the correct arguments:
    perl ${SCRIPT} Source_IP Source_Port Destination_IP Destination_Port
    where
    Source_IP - Source IP address on the target server.
    Source_Port - Source port number on the target server.
    Destination_IP - Destination IP address of the second machine.
    Destination_Port - Destination port number on the second machine.

    Below is an example using the Scripts Arguments field:

    perl ${SCRIPT} 192.168.0.73 56259 173.194.113.215 443


    Possible returned values are as follows:
          0 – ESTABLISHED - represents an open connection, data received can be delivered to the user. The normal state for the data transfer phase of the connection.
          1 – SYN_SENT - represents waiting for a matching connection request after having sent a connection request.
          2 – SYN_RECEIVED - represents waiting for a confirming connection request acknowledgment after having both received and sent a connection request.
          3 – LISTEN (LISTENING) - represents waiting for a connection request from any remote TCP and port.
          4 – FIN_WAIT_1 - represents waiting for a connection termination request from the remote TCP, or an acknowledgment of the connection termination request previously sent.
          5 – TIME_WAIT - represents waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request.
          6 – CLOSE_WAIT - represents waiting for a connection termination request from the local user.
          7 – FIN_WAIT_2 - represents waiting for a connection termination request from the remote TCP.
          8 – LAST_ACK - represents waiting for an acknowledgment of the connection termination request previously sent to the remote TCP (which includes an acknowledgment of its connection termination request).
          9 – CLOSING - represents waiting for a connection termination request acknowledgment from the remote TCP.
          10 – Unknown.
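
    The mapping above, as an added Perl example; it is not the template's own script. The function name state_code, the SYN_RCVD and LISTENING aliases, and the `netstat -an -P tcp` layout of the constructed sample are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Codes from the "Possible returned values" list above.
my %CODE = (
    ESTABLISHED => 0, SYN_SENT  => 1, SYN_RECEIVED => 2, LISTEN     => 3,
    FIN_WAIT_1  => 4, TIME_WAIT => 5, CLOSE_WAIT   => 6, FIN_WAIT_2 => 7,
    LAST_ACK    => 8, CLOSING   => 9,
);
# Assumption: spellings netstat may print that differ from the names in the list.
my %ALIAS = (SYN_RCVD => 'SYN_RECEIVED', LISTENING => 'LISTEN');

# Return the code for the connection source -> destination, or 10 (Unknown).
sub state_code {
    my ($netstat, $sip, $sport, $dip, $dport) = @_;
    for my $line (split /\n/, $netstat) {
        my @f = split ' ', $line;
        next unless @f >= 3;
        # Assumed Solaris layout: address and port joined by a dot.
        next unless $f[0] eq "$sip.$sport" && $f[1] eq "$dip.$dport";
        my $state = $f[-1];
        $state = $ALIAS{$state} if exists $ALIAS{$state};
        return exists $CODE{$state} ? $CODE{$state} : 10;
    }
    return 10;    # no matching connection found
}

# Constructed sample in the assumed layout of `netstat -an -P tcp` (not real output).
my $SAMPLE = <<'END';
TCP: IPv4
   Local Address        Remote Address    Swind Send-Q Rwind Recv-Q    State
-------------------- -------------------- ----- ------ ----- ------ -----------
      *.22                 *.*                0      0 49152      0 LISTEN
192.168.0.73.56259   173.194.113.215.443  64240      0 64240      0 ESTABLISHED
192.168.0.73.56301   173.194.113.215.443  64240      0 64240      0 TIME_WAIT
END

# The arguments come from the script arguments field; check their shape before use.
my @args = @ARGV ? @ARGV : qw(192.168.0.73 56259 173.194.113.215 443);
my $ip   = qr/^\d{1,3}(?:\.\d{1,3}){3}$/;
my $port = qr/^\d{1,5}$/;
die "usage: $0 Source_IP Source_Port Destination_IP Destination_Port\n"
    unless @args == 4 && $args[0] =~ $ip && $args[1] =~ $port
                      && $args[2] =~ $ip && $args[3] =~ $port;

# On a live host, pass the real netstat output instead of $SAMPLE.
print state_code($SAMPLE, @args), "\n";
```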

     

    Configuring Windows Remote Management (WinRM)

    1. If you have not already done so, install PowerShell 2.0 and WinRM on the SAM and target servers. PowerShell 2.0 can be found here: http://support.microsoft.com/kb/968930.
    2. On the SAM server, open a command prompt as an administrator. To do this, perform the following step:
       • Go to the Start menu, right-click cmd.exe, and then select Run as Administrator.
    3. Enter the following in the command prompt:
             winrm quickconfig
             winrm set winrm/config/client @{TrustedHosts="*"}
    4. On the target server, open a command prompt as an Administrator and enter the following:
             winrm quickconfig
             winrm set winrm/config/client @{TrustedHosts="IP_ADDRESS"}

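    where IP_ADDRESS is the IP address of your SAM server. Hosts matched by TrustedHosts are not authenticated by the WinRM client, so the value "*" on the SAM server applies that to every host it connects to.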

     

    Portions of this template are based on the following: https://www.ietf.org/rfc/rfc793.txt. Copyright 2014.

    Last updated 9/29/2014