Olaf,
On 1/3/24 04:18, Olaf Kock wrote:
Here's an option:
On 03.01.24 09:41, Chaudhary, Mohit wrote:
Hi,
Please find below script code which has been written.
STAT=`netstat -luptn | grep 8080 | awk '{print $6}'`
if [[ "$STAT" != "LISTEN" ]];
then
echo "Tomcat instance down" >> $MESSAGE
mail -s "Tomcat Instance Down on $HOSTNAME" $mailto < $MESSAGE
Thanks & Regards,
Mohit Chaudhary
netstat -luptn contains the "p" option (which lists the PID/Program
name). It also contains -u, which includes UDP ports. Both most likely
not helpful in your case, and a sign that this script was quickly
gobbled together and not well designed.
grep 8080 does not just match for a port, but will also trigger for any
listed PID (or other output) containing those 4 characters. As you'll
also see numeric IPV6 addresses (local or foreign ones) - and even local
IPV6 addresses can change over time - there's another possibility for
unintended matches.
So, assuming that there is some other output from netstat that somewhere
contains "8080", but not "LISTEN" (or maybe if the output is
multi-line), you'll get a false positive hit.
To validate that you're running into such an issue, you can add the
grepped netstat output to the mail (before applying awk) - so either
cache that output, or simply execute it again, piping it to $MESSAGE.
+1
The regular expression used with grep should be improved a lot.
I would recommend at least the following:
STAT=`netstat -luptn 2>/dev/null | grep '^tcp.*:8080[^:0-9]' | awk
'{print $6}'`
In my Linux environment, if this check isn't being run by root, it will
print this message on stderr:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
This is why I've added the 2>/dev/null to the netstat command.
The improved regexp will ignore non-TCP ports and will only match on a
proper port-number by requiring the presence of a : and being followed
by anything other than a : (which would indicate it's an IPv6 address)
or more numbers (which could be a port number like 80800 or more of an
IPv6 address).
netstat is a pretty crude tool to be used, here. Why not just connect to
the service on port 8080 and see if it responds? The process listening
on the port doesn't guarantee it's actually able to serve any requests...
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
