?
Solved

script to show tcp connection in hourly period.

Posted on 2008-10-29
8
Medium Priority
?
271 Views
Last Modified: 2010-04-24
Hi Experts:

Could anyone help me create a vbscript or batch that will shows the tcp connection status ( ie, destination ip, name , port number  ) every hour?

Thanks in advance for your help!!
0
Comment
Question by:changjia
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
8 Comments
 
LVL 1

Expert Comment

by:ProSouth
ID: 22835053
The netstat command sounds like it will do what you want. How do you want this displayed - do you just want to leave a command prompt open and have it write to the screen each hour?
0
 

Author Comment

by:changjia
ID: 22835467
Hi ProSouth:
I think you are right. netstat - will give me what I want. I would like a script to create a txt file that gives me the tcp ip activity for one hour period.
Could you help me with this?

Thanks
0
 
LVL 1

Assisted Solution

by:ProSouth
ProSouth earned 800 total points
ID: 22836452
You could make a very simple batch file which creates text files of current activity. I've attached a code snippet which will create a batch file which will do this. I'd suggest using Windows scheduled tasks to run this every hour.

This will create a folder structure something like
C: \ Logs \ 2008-10-29 \ TCPLog-00.txt
                                       TCPLog-01.txt
                                       TCPLog-02.txt
                                       ...
                                       TCPLog-23.txt
                  2008-10-30 \ TCPLog-00.txt
                                       TCPLog-01.txt
                                       TCPLog-02.txt
                                       ...
                                       TCPLog-23.txt

Please note that this will only show the *current* connections at the time the script is run, not all connections for the past hour - this would create a fairly massive log!
@echo off
REM === HOURLY NETSTAT SCRIPT ===
 
REM Set target folder
set targ=c:\logs
 
REM Create Filename based on hour of day
if "%time:~0,1%" == " " (set fname=TCPLog-0%time:~1,1%.txt) else (set fname=TCPLog-%time:~0,2%.txt)
 
REM Create folder name with todays date in format yyyy-mm-dd
set dname=%date:~10,4%-%date:~7,2%-%date:~4,2%
 
REM Create folder with todays date
mkdir %targ%\%dname%
 
REM Run Netstat, send output to text file in date folder
netstat > %targ%\%dname%\%fname%

Open in new window

0
The Ideal Solution for Multi-Display Applications

Check out ATEN’s VS1912 12-Port DP Video Wall Media Player at InfoComm 2017. Kerri describes how easy it is to design creative video walls in asymmetric layouts and schedule detailed playlists ahead of time with its advanced scheduling feature.

 

Author Comment

by:changjia
ID: 22837586
Great thanks to your script.
But it looks like it will only create netstat at the time when the script is excuted.
Is there a way to show the TCP activities for a time period, say from 1 pm to 2 pm?

Thanks
0
 
LVL 16

Accepted Solution

by:
t0t0 earned 1200 total points
ID: 22842695
Hiya changjia

The easiest way i can think of doing this is as follows:

I've written TWO batch files.... WTCP.BAT and WATCHTCP.BAT. Place both batch files in the same folder.

To monitor NETSTAT set Windows' Scheduler to run both batch files at the start-time in the following order:

    WTCP.BAT
    WATCHTCP.BAT.

At the same time of setting the start-time, you also need to set the stop-time. Do this by setting Windows' Scheduler to run just WTCP.BAT at the stop-time.


HOW IT WORKS

1) WTCP.BAT creates a file named WATCHTCP.ON if it doesn't already exist then,

2) When you run WATCHTCP.BAT it looks to see if the file WATCHTCP.ON exists and so long as it does, it continually runs in the background

3) When you run WTCP.BAT a second time, it toggles the file WATCHTCP.ON to WATCHTCP.OFF then,

4) When WATCHTCP.BAT no longer finds WATCHTCP.ON, it exits.

5) While WATCHTCP.BAT is running in the background, it outputs the result of the NETSTAT command to a file named TCP.LOG.


@rem =========================================================================
@rem WTCP.BAT - Paul Tomasi
@rem
@rem Create, or toggle WATCHTCP.ON / WATCHTCP.OFF
@rem Used with WATCHTCP.BAT
@rem =========================================================================
@echo off

if exist watchtcp.on (
   ren watchtcp.on watchtcp.off
) else if exist watchtcp.off (
   ren watchtcp.off watchtcp.on
) else (
   echo. > watchtcp.on
)



@rem =========================================================================
@rem WATCHTCP.BAT - Paul Tomasi
@rem
@rem If WATCHTCP.ON exists then continually write NET status to TCP.LOG file
@rem To create, or toggle WATCHTCP.ON / WATCHTCP.OFF run WTCP.BAT separately
@rem =========================================================================
@echo off

:loop
netstat -p tcp -s>>tcp.log

if exist watchtcp.on (
   goto loop
)

if exist watchtcp.off (
   del watchtcp.off > nul
)
0
 
LVL 16

Expert Comment

by:t0t0
ID: 22842721
Oh, I forgot to mention.... Change the NETSTAT command in WATCHTCP.BAT to suit your needs.
0
 

Author Comment

by:changjia
ID: 22852807
Hi t0t0 and Prosouth, Thank you all for the great help!! Points are awarded to both of you.
I also have another question posted on this website. The title is "VBscript help"
Could you help me with that question too?

Thank you again!
0
 
LVL 16

Expert Comment

by:t0t0
ID: 22881604
changjia

Thank you for accepting my solution to your problem.

ProSouth

How do you like the 2-batch solution?
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

TOMORROW TOMORROW.BAT is inspired by a question I get asked over and over again; that is, "How can I use batch file commands to obtain tomorrow's date?" The crux of this batch file revolves around the XCOPY command - a technique I discovered w…
This is pretty cool.  The purpose of this VB Script is to help you document where JAR (Java ARchive) files and specifically java class files are located so that you can address issues seen with a client or that you can speak intelligently with a dev…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses
Course of the Month8 days, 6 hours left to enroll

766 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question