GitHub - ipcjk/alertPacket: monitors and prints warnings if certain packets on a network interface are missing. used to be run on interval by checkMk.

ipcjk / alertPacket Public

Notifications You must be signed in to change notification settings
Fork 0
Star 1

monitors and prints warnings if certain packets on a network interface are missing. used to be run on interval by checkMk.

1 star 0 forks Branches Tags Activity

Star

Notifications

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 16 Commits
.gitignore		.gitignore
README		README
alertp.sh		alertp.sh
go.mod		go.mod
learn.txt		learn.txt
main.go		main.go

Repository files navigation

# alertPacket

alertPackets snoops for incoming or outgoing packets, sums the bytes with a tcp/udp port
and ip destination tuple. Can be used for monitoring outgoing or incoming UDP streams and
writes CheckMK-specific local output to stdout.

# Learn mode with  five second packet interval
./alertPacket -l -i eno1 -t 5s > alertPacket_eno1.txt

# Edit the learned destinations, e.g. delete not needed destinations
vi eno1_learn.txt

# PROTOCOL:DESTINATION_IP:DESTINATION_PORT=EXPECTED_BYTES
UDP:237.0.0.25:5000=4441920
UDP:237.0.0.32:5000=3908352

# Test mode with default 10s capture interval
./alertPacket -f alertPacket_eno1.txt -i eno1

0 UDP:237.0.0.10:5000 - fine (4718784/2360064) bytes
1 UDP:237.0.0.17:5000 - missing (3815616/4386816) bytes
0 UDP:237.0.0.15:5000 - fine (2858688/1514688) bytes
0  UDP:237.0.0.32:5000 - fine (8651328/3908352) bytes