Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 279
  • Last Modified:

script to show tcp connection in hourly period.

Hi Experts:

Could anyone help me create a vbscript or batch that will shows the tcp connection status ( ie, destination ip, name , port number  ) every hour?

Thanks in advance for your help!!
0
changjia
Asked:
changjia
  • 3
  • 3
  • 2
2 Solutions
 
ProSouthCommented:
The netstat command sounds like it will do what you want. How do you want this displayed - do you just want to leave a command prompt open and have it write to the screen each hour?
0
 
changjiaAuthor Commented:
Hi ProSouth:
I think you are right. netstat - will give me what I want. I would like a script to create a txt file that gives me the tcp ip activity for one hour period.
Could you help me with this?

Thanks
0
 
ProSouthCommented:
You could make a very simple batch file which creates text files of current activity. I've attached a code snippet which will create a batch file which will do this. I'd suggest using Windows scheduled tasks to run this every hour.

This will create a folder structure something like
C: \ Logs \ 2008-10-29 \ TCPLog-00.txt
                                       TCPLog-01.txt
                                       TCPLog-02.txt
                                       ...
                                       TCPLog-23.txt
                  2008-10-30 \ TCPLog-00.txt
                                       TCPLog-01.txt
                                       TCPLog-02.txt
                                       ...
                                       TCPLog-23.txt

Please note that this will only show the *current* connections at the time the script is run, not all connections for the past hour - this would create a fairly massive log!
@echo off
REM === HOURLY NETSTAT SCRIPT ===
 
REM Set target folder
set targ=c:\logs
 
REM Create Filename based on hour of day
if "%time:~0,1%" == " " (set fname=TCPLog-0%time:~1,1%.txt) else (set fname=TCPLog-%time:~0,2%.txt)
 
REM Create folder name with todays date in format yyyy-mm-dd
set dname=%date:~10,4%-%date:~7,2%-%date:~4,2%
 
REM Create folder with todays date
mkdir %targ%\%dname%
 
REM Run Netstat, send output to text file in date folder
netstat > %targ%\%dname%\%fname%

Open in new window

0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
changjiaAuthor Commented:
Great thanks to your script.
But it looks like it will only create netstat at the time when the script is excuted.
Is there a way to show the TCP activities for a time period, say from 1 pm to 2 pm?

Thanks
0
 
t0t0Commented:
Hiya changjia

The easiest way i can think of doing this is as follows:

I've written TWO batch files.... WTCP.BAT and WATCHTCP.BAT. Place both batch files in the same folder.

To monitor NETSTAT set Windows' Scheduler to run both batch files at the start-time in the following order:

    WTCP.BAT
    WATCHTCP.BAT.

At the same time of setting the start-time, you also need to set the stop-time. Do this by setting Windows' Scheduler to run just WTCP.BAT at the stop-time.


HOW IT WORKS

1) WTCP.BAT creates a file named WATCHTCP.ON if it doesn't already exist then,

2) When you run WATCHTCP.BAT it looks to see if the file WATCHTCP.ON exists and so long as it does, it continually runs in the background

3) When you run WTCP.BAT a second time, it toggles the file WATCHTCP.ON to WATCHTCP.OFF then,

4) When WATCHTCP.BAT no longer finds WATCHTCP.ON, it exits.

5) While WATCHTCP.BAT is running in the background, it outputs the result of the NETSTAT command to a file named TCP.LOG.


@rem =========================================================================
@rem WTCP.BAT - Paul Tomasi
@rem
@rem Create, or toggle WATCHTCP.ON / WATCHTCP.OFF
@rem Used with WATCHTCP.BAT
@rem =========================================================================
@echo off

if exist watchtcp.on (
   ren watchtcp.on watchtcp.off
) else if exist watchtcp.off (
   ren watchtcp.off watchtcp.on
) else (
   echo. > watchtcp.on
)



@rem =========================================================================
@rem WATCHTCP.BAT - Paul Tomasi
@rem
@rem If WATCHTCP.ON exists then continually write NET status to TCP.LOG file
@rem To create, or toggle WATCHTCP.ON / WATCHTCP.OFF run WTCP.BAT separately
@rem =========================================================================
@echo off

:loop
netstat -p tcp -s>>tcp.log

if exist watchtcp.on (
   goto loop
)

if exist watchtcp.off (
   del watchtcp.off > nul
)
0
 
t0t0Commented:
Oh, I forgot to mention.... Change the NETSTAT command in WATCHTCP.BAT to suit your needs.
0
 
changjiaAuthor Commented:
Hi t0t0 and Prosouth, Thank you all for the great help!! Points are awarded to both of you.
I also have another question posted on this website. The title is "VBscript help"
Could you help me with that question too?

Thank you again!
0
 
t0t0Commented:
changjia

Thank you for accepting my solution to your problem.

ProSouth

How do you like the 2-batch solution?
0

Featured Post

[Webinar] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

  • 3
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now