Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to telnet or ping on a specific port at certain intervals in Splunk to check if the port is listening on a host?

rakulka
Engager
‎05-18-2016 10:30 PM

Hi Team

I am getting a list of hosts and their corresponding ports in the indexed data and I want to keep checking whether the port is listening on that host using Splunk every say 3 min. How can I do this?

e.g. Data I am getting from indexing
HOST=abc.pqr.com,PORT=9001
HOST=11.11.11.11,PORT=9242

In Linux, I can check if a port is listening using standard telnet command. How can I do the same in Splunk?
I found the telnetstatus app, but the same is not considering a specific port. Any simple and direct app suggestions appreciated.

Reply

woodcock
Esteemed Legend
‎05-29-2016 05:42 AM

You need to write your own scripted input (which I am sure is all that the telnetstatus app is):

http://docs.splunk.com/Documentation/Splunk/6.4.1/AdvancedDev/ScriptedInputsIntro
http://docs.splunk.com/Documentation/Splunk/6.4.1/AdvancedDev/ScriptSetup

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...