Recently I needed some utility that would log all unique IP addresses all the Java processes on a server communicated with.
I googled a bit and did not discovered nice and easy solution for this. So I decided to do some bash-fu and wrote the following script.
while true
do
netstat -nput 2>/dev/null | grep 'java' | tr -s ' ' | cut -f5 -d ' ' | cut -f1 -d ':' | uniq | while read -r ip; do grep -qxF $ip ip.log || echo $ip >> ip.log; done
sleep 5
done
Let's go over it step by step to explain what it does:
-
while true
- this means that when executed it will run until stopped, easy -
netstat -nputw 2>/dev/null
- netstat prints network connections-
-n
- show numerical address instead of trying to resolve host names -
-p
- show PID of the program -
-u
- include UDP connections -
-t
- include TCP connections
-
-
grep 'java'
- only take those lines that have Java in them (PID contains java for Java apps) -
tr -s ' '
- replaces each sequence of spaces with a single space -
cut -f5 -d ' '
- takes fifth column (separated by spaces) -
cut -f1 -d ':'
- takes first part (separated by :) - removes port -
uniq
- makes the list unique -
while read -r ip; do grep -qxF $ip ip.log || echo $ip >> ip.log; done
- adds it to a log file if it does not contain it already-
grep -qxF
-
-q
- quiet, do not write anything to standard output -
-x
- select only those matches that exactly match the whole line -
-F
- interpret PATTERNS as fixed strings
-
-
Hope this will help you or if you have a better solution please let me know.
You can follow me on Twitter to get more awesome content like this.
Top comments (0)