• Home
  • /
  • Collect IP and Port (date and time) of a Connection

Collect IP and Port (date and time) of a Connection

Homepage Clovertech Forums Cloverleaf Collect IP and Port (date and time) of a Connection

  • Creator
    Topic
  • September 12, 2019 at 8:58 am #112373
    Rob Lindsey
    Participant

    We have had a few things going on with our network where they are replacing firewalls and routers and switches and such.  Well this has affected connections to our interface engines, just the test connections (thank goodness).  The networking team has asked us to keep track of every connection, not just if the outside connection has sent data.  I have that one already but if a outside connection via VPN has made a connection.  We have a lot of connections that happen but if they do not send data in our test environment how can we get the IP and Port with date and time of the connection.  I know that if I turn up the EO config (enable_all or enable_PDL_all) I can get that information but that would be a huge waste of process log size and disk I/O.

    Does anyone have any thoughts on how this might be done easily?  I have a feeling it might be a PDL change.  FYI, we have 32 CL servers with over 15,000 threads between all of the servers.

    TIA

    Rob Lindsey

  • Creator
    Topic
Viewing 5 reply threads
  • Author
    Replies
    • September 12, 2019 at 3:58 pm #112398
      Steve Herber
      Participant

      We have multiple alerts on all of our threads and we track each change to opening, up, or down state and include the date and time.  We keep the logs for 90 days.  We have another script we call thread history that goes through the logs pulling out the information about the particular thread we specify on the command line.

      In you case I would expand the script to do an lsof or netstat and also log the network information for the thread.

       

      Steve Herber

      1 prod server with about 400 threads.

      Steve Herber
      University of Washington

    • September 12, 2019 at 4:52 pm #112400
      Rob Abbott
      Keymaster

      I can see why you are wanting this information.  I will enter an enhancement request for a future release:

      • Log inbound connections as module/INFO/1.  Log entry will be timestamped and contain the IP and port of the remote client

      I will request this for PDL, TCP/IP and web service providers.

      Rob Abbott
      Cloverleaf Emeritus

      • September 17, 2019 at 4:36 pm #112484
        Joe Grathoff
        Participant

        Since you’re doing an engineering request, it would be nice to see IP/Port in the netmonitor maybe under thread status.

    • September 13, 2019 at 12:03 am #112402
      Charlie Bursell
      Participant

      What if you define the thread as multiserver with one connection.  You will get the address connecting to you in the metadata.  You could run a proc in startup and log time and address from there.

    • September 13, 2019 at 12:07 pm #112423
      Rob Abbott
      Keymaster

      It is a workaround for now – but I think they want the connection info at the time of connection, not when a message comes in.

      Rob Abbott
      Cloverleaf Emeritus

      • September 16, 2019 at 2:36 am #112447
        Charlie Bursell
        Participant

        i was thinking the first message after the thread starts would probably be the initial connection time.  That’s why I recommended putting it in start potion of Tcl.

         

        I do agree it would be nice if the engine provided this data without needing a message.

    • September 16, 2019 at 1:46 pm #112459
      Steve Herber
      Participant

      I did not mention in my earlier note, but we collect the up/down changes from the alert system.

      I think this data would be most valuable as a new alert, one on each connection and another on each disconnection to handle the multiple connection situation server.

      Steve Herber
      University of Washington

    • September 17, 2019 at 11:47 am #112477
      Rob Abbott
      Keymaster

      Hi all, these log entries already exist.  Here are examples for both the TCP and PDL drivers:

       

      [pdl :PDL :DBUG/0:pdl_server_5556:09/17/2019 11:43:23] tcp-client: 127.0.0.1:57616 connect to server
      [tcp :open:DBUG/0:tcp_server_5555:09/17/2019 11:43:26] tcp-client: 127.0.0.1:54478 connect to server

       

      the client IP and port are shown in the log entry.  I’m attaching an EO config that will enable these entries in your log file.   Tested on 19.1 so YMMV on earlier releases, but it should work.

      Note that there is a lot of other log entries that are dumped with PDL DBUG/0.  I am going to request that both of these entries be moved from DBUG/0 to INFO/1.

      Edit: remove .txt from the filename and drop it in your <site>/eoalias or <root>/eoalias/root directory.

      • This reply was modified 5 years ago by Rob Abbott. Reason: file upload failed without extension
      Attachments:
      You must be logged in to view attached files.

      Rob Abbott
      Cloverleaf Emeritus

  • Author
    Replies
Viewing 5 reply threads
  • You must be logged in to reply to this topic.

Forum Statistics

Registered Users
5,117
Forums
28
Topics
9,293
Replies
34,435
Topic Tags
286
Empty Topic Tags
10