I'm trying to find a way to monitor active/passive/failed TCPv4 connections. The monitored host is Server 2008R2 and I'm able to get the results I need from perfmon using the following counters:
TCPv4 > Connections Active
The netstat plugin didn't seem to work for me, and I couldn't figure out the correct arguments with TCP_Check to retreive the values I need either. Can anyone point me in the right direction on this one?
Thanks!
Monitor Active TCPv4 Connections
Re: Monitor Active TCPv4 Connections
The WMI class "Win32_PerfRawData_Tcpip_TCPv4" would be a way to return this data from Windows server 2008.
here's a powershell query on the localhost:
PS C:\users\administrator\Desktop> gwmi Win32_PerfRawData_Tcpip_TCPv4
__GENUS : 2
__CLASS : Win32_PerfRawData_Tcpip_TCPv4
__SUPERCLASS : Win32_PerfRawData
__DYNASTY : CIM_StatisticalInformation
__RELPATH : Win32_PerfRawData_Tcpip_TCPv4=@
__PROPERTY_COUNT : 18
__DERIVATION : {Win32_PerfRawData, Win32_Perf, CIM_StatisticalInformation}
__SERVER : WIN-DVNEC6E00EP
__NAMESPACE : root\cimv2
__PATH : \\WIN-DVNEC6E00EP\root\cimv2:Win32_PerfRawData_Tcpip_TCPv4=@
Caption :
ConnectionFailures : 0
ConnectionsActive : 91
ConnectionsEstablished : 1
ConnectionsPassive : 712
ConnectionsReset : 115
Description :
Frequency_Object : 0
Frequency_PerfTime : 14318180
Frequency_Sys100NS : 10000000
Name :
SegmentsPersec : 52539
SegmentsReceivedPersec : 25781
SegmentsRetransmittedPersec : 6
SegmentsSentPersec : 26758
Timestamp_Object : 0
Timestamp_PerfTime : 113887740012
Timestamp_Sys100NS : 129743914590800000
PS C:\users\administrator\Desktop> gwmi Win32_PerfRawData_Tcpip_TCPv4
from Nagios, using WMIC, the equivalent query against Windows Server:
[root@CENT6_x64_IP_79 bin]$ ./wmic -U administrator%str0ngp@ssword //192.168.5.90 "select * from Win32_PerfRawData_Tcpip_TCPv4"
CLASS: Win32_PerfRawData_Tcpip_TCPv4
(null)|ConnectionFailures|ConnectionsActive|ConnectionsEstablished|ConnectionsPassive|ConnectionsReset|Description|Frequency_Object|Frequency_PerfTime|Frequency_Sys100NS|Name|SegmentsPersec|SegmentsReceivedPersec|SegmentsRetransmittedPersec|SegmentsSentPersec|Timestamp_Object|Timestamp_PerfTime|Timestamp_Sys100NS
(null)|0|91|2|721|115|(null)|0|14318180|10000000|(null)|52871|25967|6|26904|0|114842833528|129743915257860000
[root@CENT6_x64_IP_79 bin]$
Here's a link to check_wmi_plus
http://exchange.nagios.org/directory/Pl ... us/details
here's a powershell query on the localhost:
PS C:\users\administrator\Desktop> gwmi Win32_PerfRawData_Tcpip_TCPv4
__GENUS : 2
__CLASS : Win32_PerfRawData_Tcpip_TCPv4
__SUPERCLASS : Win32_PerfRawData
__DYNASTY : CIM_StatisticalInformation
__RELPATH : Win32_PerfRawData_Tcpip_TCPv4=@
__PROPERTY_COUNT : 18
__DERIVATION : {Win32_PerfRawData, Win32_Perf, CIM_StatisticalInformation}
__SERVER : WIN-DVNEC6E00EP
__NAMESPACE : root\cimv2
__PATH : \\WIN-DVNEC6E00EP\root\cimv2:Win32_PerfRawData_Tcpip_TCPv4=@
Caption :
ConnectionFailures : 0
ConnectionsActive : 91
ConnectionsEstablished : 1
ConnectionsPassive : 712
ConnectionsReset : 115
Description :
Frequency_Object : 0
Frequency_PerfTime : 14318180
Frequency_Sys100NS : 10000000
Name :
SegmentsPersec : 52539
SegmentsReceivedPersec : 25781
SegmentsRetransmittedPersec : 6
SegmentsSentPersec : 26758
Timestamp_Object : 0
Timestamp_PerfTime : 113887740012
Timestamp_Sys100NS : 129743914590800000
PS C:\users\administrator\Desktop> gwmi Win32_PerfRawData_Tcpip_TCPv4
from Nagios, using WMIC, the equivalent query against Windows Server:
[root@CENT6_x64_IP_79 bin]$ ./wmic -U administrator%str0ngp@ssword //192.168.5.90 "select * from Win32_PerfRawData_Tcpip_TCPv4"
CLASS: Win32_PerfRawData_Tcpip_TCPv4
(null)|ConnectionFailures|ConnectionsActive|ConnectionsEstablished|ConnectionsPassive|ConnectionsReset|Description|Frequency_Object|Frequency_PerfTime|Frequency_Sys100NS|Name|SegmentsPersec|SegmentsReceivedPersec|SegmentsRetransmittedPersec|SegmentsSentPersec|Timestamp_Object|Timestamp_PerfTime|Timestamp_Sys100NS
(null)|0|91|2|721|115|(null)|0|14318180|10000000|(null)|52871|25967|6|26904|0|114842833528|129743915257860000
[root@CENT6_x64_IP_79 bin]$
Here's a link to check_wmi_plus
http://exchange.nagios.org/directory/Pl ... us/details