I need to collect certain monitoring data every minute and send it to a monitoring server. The source of that data must be parseable using standard Linux tools. For example, to monitor the number of current connections every minute, I use `netstat -nat | awk '{print $6}' | sort | uniq -c | sort -n`, and then I extract the necessary numbers using, again, awk.
Now I also need to monitor:
- network traffic (data sent / received per minute)
- number of newly established connections in the last minute
Please give me hints to tools which would produce grep-able and awk-able output.
Note: Measurements are done on a dedicated machine, so it doesn't matter if I get data for one interface (eth0) or for the whole host.
Note: I need just TCP connections.
Best Answer
iptables rules that are set up to ACCEPT all traffic and all SYN packets (new connections) could be used as counters
then run
and pipe through as many cut, cat, sort, grep, awk, sed, perl, ruby and similar commands as needed to get your numbers. The `-Z` will atomically zero out the counters every time you run this, so there is no race condition where you lose a few packets during the counting process.
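One way to apply the counter approach described in this answer, as an added example that is not the answerer's own commands. It assumes dedicated chains named TCPMON_IN and TCPMON_OUT, rule comments used as metric names, and count-only rules (no `-j` target) in place of ACCEPT so the existing firewall policy is not changed; the listing in `sample_listing` is constructed.

```shell
#!/bin/sh
# Added example, not from the original answer. Chain names and rule
# comments (tcp_rx, tcp_tx, tcp_new_in) are assumptions.

# One-time setup, as root. Rules without -j only count packets; they
# never accept or drop, so the existing firewall policy is unchanged.
install_counters() {
    iptables -N TCPMON_IN
    iptables -N TCPMON_OUT
    iptables -A TCPMON_IN  -p tcp       -m comment --comment tcp_rx
    # --syn matches the initial SYN only: connection attempts, including
    # retransmits, not completed handshakes.
    iptables -A TCPMON_IN  -p tcp --syn -m comment --comment tcp_new_in
    iptables -A TCPMON_OUT -p tcp       -m comment --comment tcp_tx
    iptables -I INPUT  1 -j TCPMON_IN
    iptables -I OUTPUT 1 -j TCPMON_OUT
}

# List with exact counters (-x) and zero them in the same call (-Z).
read_counters() {
    iptables -nvx -L TCPMON_IN  -Z
    iptables -nvx -L TCPMON_OUT -Z
}

# Emit "name packets bytes" per tagged rule. pkts and bytes are always
# fields 1 and 2; the target column is blank for count-only rules, so
# later field numbers shift and the rule is identified by its comment.
parse_counters() {
    awk '{ for (i = 3; i < NF; i++)
               if ($i == "/*") { print $(i + 1), $1, $2; next } }'
}

# Constructed sample of the listing, for running the parser offline.
sample_listing() {
    cat <<'EOF'
Chain TCPMON_IN (1 references)
    pkts      bytes target     prot opt in     out     source               destination
    1520   984211            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            /* tcp_rx */
      37     2220            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x17/0x02 /* tcp_new_in */
Chain TCPMON_OUT (1 references)
    pkts      bytes target     prot opt in     out     source               destination
    1498   212345            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            /* tcp_tx */
EOF
}

case "${1:-}" in
    install) install_counters ;;
    live)    read_counters | parse_counters ;;
    sample)  sample_listing | parse_counters ;;
esac
```

Run it with `sample` to see the parser output without root, or with `live` from a once-a-minute cron job after `install`.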