Monitor a particular port using ELK

How do I monitor the number of active connections on a particular port, like 22, 9090, 15672, etc., using ELK?

Hello @dinesh1, you can do that with Metricbeat and the System socket metricset. This will catch all the TCP connections you have on the machine, and you can filter them by port in Kibana.

Can I get how many active connections there are on a particular port?

The way the metricset works is that it will periodically poll the kernel to retrieve the number of TCP socket connections. It will create a new document per connection, so you can filter by port and create a graph in Kibana that will show the number of connections over time.

When a connection is dropped, the next poll won't detect it, so you will only have the active TCP connections.

The result of the socket metricset is similar to a 'lsof' output.
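Because the metricset writes one document per connection on every poll, counting documents over a window longer than the poll period counts the same connection more than once. The following is an added example, not code from this thread or from Metricbeat: it counts unique active connections per port from constructed documents of that shape. The flat field names (`local_port`, `remote_ip`, `remote_port`, `state`) are hypothetical stand-ins, not Metricbeat's real field names, and it assumes listening sockets can also appear in the data.

```python
from collections import defaultdict
from datetime import datetime

def doc(ts, local_port, remote_ip=None, remote_port=None, state="established"):
    """Build one constructed per-socket document (hypothetical flat field names)."""
    return {"@timestamp": ts, "local_port": local_port,
            "remote_ip": remote_ip, "remote_port": remote_port, "state": state}

# Constructed sample: two polls, 10 seconds apart, one document per socket per poll.
SAMPLE = [
    doc("2024-01-01T00:00:00+00:00", 22, state="listening"),
    doc("2024-01-01T00:00:00+00:00", 22, "10.0.0.5", 51000),
    doc("2024-01-01T00:00:00+00:00", 22, "10.0.0.6", 51001),
    doc("2024-01-01T00:00:00+00:00", 9090, "10.0.0.7", 40000),
    # Second poll: the connection from 10.0.0.6 has been dropped.
    doc("2024-01-01T00:00:10+00:00", 22, state="listening"),
    doc("2024-01-01T00:00:10+00:00", 22, "10.0.0.5", 51000),
    doc("2024-01-01T00:00:10+00:00", 9090, "10.0.0.7", 40000),
]

def active_connections(docs, ports, bucket_seconds=10):
    """Return {bucket_start_epoch: {port: unique active connections}}.

    Listening sockets are skipped, and a connection that appears in several
    polls inside one bucket is counted once, keyed by its remote endpoint.
    """
    seen = defaultdict(lambda: defaultdict(set))
    for d in docs:
        if d["local_port"] not in ports or d["state"] == "listening":
            continue
        epoch = int(datetime.fromisoformat(d["@timestamp"]).timestamp())
        bucket = epoch - epoch % bucket_seconds
        seen[bucket][d["local_port"]].add((d["remote_ip"], d["remote_port"]))
    return {b: {p: len(c) for p, c in per_port.items()}
            for b, per_port in sorted(seen.items())}

def raw_document_counts(docs, ports):
    """Naive count of documents per port, which grows with every poll."""
    counts = defaultdict(int)
    for d in docs:
        if d["local_port"] in ports and d["state"] != "listening":
            counts[d["local_port"]] += 1
    return dict(counts)

if __name__ == "__main__":
    watched = {22, 9090, 15672}
    print(active_connections(SAMPLE, watched))          # one bucket per 10 s poll
    print(active_connections(SAMPLE, watched, 60))      # one 60 s bucket
    print(raw_document_counts(SAMPLE, watched))
```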
