Solved

script to show tcp connection in hourly period.

Posted on 2008-10-29
8
249 Views
Last Modified: 2010-04-24
Hi Experts:

Could anyone help me create a vbscript or batch that will shows the tcp connection status ( ie, destination ip, name , port number  ) every hour?

Thanks in advance for your help!!
0
Comment
Question by:changjia
  • 3
  • 3
  • 2
8 Comments
 
LVL 1

Expert Comment

by:ProSouth
ID: 22835053
The netstat command sounds like it will do what you want. How do you want this displayed - do you just want to leave a command prompt open and have it write to the screen each hour?
0
 

Author Comment

by:changjia
ID: 22835467
Hi ProSouth:
I think you are right. netstat - will give me what I want. I would like a script to create a txt file that gives me the tcp ip activity for one hour period.
Could you help me with this?

Thanks
0
 
LVL 1

Assisted Solution

by:ProSouth
ProSouth earned 200 total points
ID: 22836452
You could make a very simple batch file which creates text files of current activity. I've attached a code snippet which will create a batch file which will do this. I'd suggest using Windows scheduled tasks to run this every hour.

This will create a folder structure something like
C: \ Logs \ 2008-10-29 \ TCPLog-00.txt
                                       TCPLog-01.txt
                                       TCPLog-02.txt
                                       ...
                                       TCPLog-23.txt
                  2008-10-30 \ TCPLog-00.txt
                                       TCPLog-01.txt
                                       TCPLog-02.txt
                                       ...
                                       TCPLog-23.txt

Please note that this will only show the *current* connections at the time the script is run, not all connections for the past hour - this would create a fairly massive log!
@echo off
REM === HOURLY NETSTAT SCRIPT ===
 
REM Set target folder
set targ=c:\logs
 
REM Create Filename based on hour of day
if "%time:~0,1%" == " " (set fname=TCPLog-0%time:~1,1%.txt) else (set fname=TCPLog-%time:~0,2%.txt)
 
REM Create folder name with todays date in format yyyy-mm-dd
set dname=%date:~10,4%-%date:~7,2%-%date:~4,2%
 
REM Create folder with todays date
mkdir %targ%\%dname%
 
REM Run Netstat, send output to text file in date folder
netstat > %targ%\%dname%\%fname%

Open in new window

0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 

Author Comment

by:changjia
ID: 22837586
Great thanks to your script.
But it looks like it will only create netstat at the time when the script is excuted.
Is there a way to show the TCP activities for a time period, say from 1 pm to 2 pm?

Thanks
0
 
LVL 16

Accepted Solution

by:
t0t0 earned 300 total points
ID: 22842695
Hiya changjia

The easiest way i can think of doing this is as follows:

I've written TWO batch files.... WTCP.BAT and WATCHTCP.BAT. Place both batch files in the same folder.

To monitor NETSTAT set Windows' Scheduler to run both batch files at the start-time in the following order:

    WTCP.BAT
    WATCHTCP.BAT.

At the same time of setting the start-time, you also need to set the stop-time. Do this by setting Windows' Scheduler to run just WTCP.BAT at the stop-time.


HOW IT WORKS

1) WTCP.BAT creates a file named WATCHTCP.ON if it doesn't already exist then,

2) When you run WATCHTCP.BAT it looks to see if the file WATCHTCP.ON exists and so long as it does, it continually runs in the background

3) When you run WTCP.BAT a second time, it toggles the file WATCHTCP.ON to WATCHTCP.OFF then,

4) When WATCHTCP.BAT no longer finds WATCHTCP.ON, it exits.

5) While WATCHTCP.BAT is running in the background, it outputs the result of the NETSTAT command to a file named TCP.LOG.


@rem =========================================================================
@rem WTCP.BAT - Paul Tomasi
@rem
@rem Create, or toggle WATCHTCP.ON / WATCHTCP.OFF
@rem Used with WATCHTCP.BAT
@rem =========================================================================
@echo off

if exist watchtcp.on (
   ren watchtcp.on watchtcp.off
) else if exist watchtcp.off (
   ren watchtcp.off watchtcp.on
) else (
   echo. > watchtcp.on
)



@rem =========================================================================
@rem WATCHTCP.BAT - Paul Tomasi
@rem
@rem If WATCHTCP.ON exists then continually write NET status to TCP.LOG file
@rem To create, or toggle WATCHTCP.ON / WATCHTCP.OFF run WTCP.BAT separately
@rem =========================================================================
@echo off

:loop
netstat -p tcp -s>>tcp.log

if exist watchtcp.on (
   goto loop
)

if exist watchtcp.off (
   del watchtcp.off > nul
)
0
 
LVL 16

Expert Comment

by:t0t0
ID: 22842721
Oh, I forgot to mention.... Change the NETSTAT command in WATCHTCP.BAT to suit your needs.
0
 

Author Comment

by:changjia
ID: 22852807
Hi t0t0 and Prosouth, Thank you all for the great help!! Points are awarded to both of you.
I also have another question posted on this website. The title is "VBscript help"
Could you help me with that question too?

Thank you again!
0
 
LVL 16

Expert Comment

by:t0t0
ID: 22881604
changjia

Thank you for accepting my solution to your problem.

ProSouth

How do you like the 2-batch solution?
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I met Paul Devereux (@pdevereux) today when I responded to his tweet asking “Anybody know how to automate adding files from disk to a folder in #outlook  ?”.  I replied back and told Paul that using automation, in this case scripting, to add files t…
Introduction During my participation as a VBScript contributor at Experts Exchange, one of the most common questions I come across is this: "I have a script that runs against only one computer. How can I make it run against a list of computers in …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question