This template retrieves TCP Connection status between two applications on different machines. This template should be assigned on Solaris machine.
Prerequisites: SSH and Perl installed on the target server.
Credentials: Root credentials.
Monitored Components
TCP Connection State
This monitor returns TCP Connection state between two applications on the target server and another computer.
Note: Before using this monitor, the correct arguments should be provided:
perl ${SCRIPT} Source_IP Source_Port Destination_IP Destination_Port
where
Source_IP – Source IP address on target server.
Source_Port - Source port number on target server.
Destination_IP - Destination IP address of second machine.
Destination_Port - Destination port number on second machine.
Below is an example using the Scripts Arguments field:
perl ${SCRIPT} 192.168.0.73 56259 173.194.113.215 443
Possible returned values are as follows:
0 – ESTABLISHED - represents an open connection, data received can be delivered to the user. The normal state for the data transfer phase of the connection.
1 – SYN_SENT - represents waiting for a matching connection request after having sent a connection request.
2 – SYN_RECEIVED - represents waiting for a confirming connection request acknowledgment after having both received and sent a connection request.
3 – LISTEN (LISTENING) - represents waiting for a connection request from any remote TCP and port.
4 – FIN_WAIT_1 - represents waiting for a connection termination request from the remote TCP, or an acknowledgment of the connection termination request previously sent.
5 – TIME_WAIT - represents waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request.
6 – CLOSE_WAIT - represents waiting for a connection termination request from the local user.
7 – FIN_WAIT_2 - represents waiting for a connection termination request from the remote TCP.
8 – LAST_ACK - represents waiting for an acknowledgment of the connection termination request previously sent to the remote TCP (which includes an acknowledgment of its connection termination request).
9 – CLOSING - represents waiting for a connection termination request acknowledgment from the remote TCP.
10 – Unknown.
Configuring Windows Remote Management (WinRM)
- 1. If not already done so, install PowerShell 2.0 and WinRM on the SAM and target servers. Powershell 2.0 can be found here: http://support.microsoft.com/kb/968930.
- 2. On the SAM server, open a command prompt as an administrator. To do this, perform the following step:
- Go to the Start menu and right-click the cmd.exe and then select Run as Administrator.
- 3. Enter the following in the command prompt:
winrm quickconfig
winrm set winrm/config/client @{TrustedHosts="*"} - 4. On the target server, open a command prompt as an Administrator and enter the following:
winrm quickconfig
winrm set winrm/config/client @{TrustedHosts="IP_ADDRESS"}
where IP address is the IP address of your SAM server.
Portions of this template are based on the following: https://www.ietf.org/rfc/rfc793.txt. Copyright 2014.
Last updated 9/29/2014