sentry-netstat
Retrieves the network connection list from a remote sentry.
Command properties
| Property | Description |
|---|---|
| Command type | Transforming |
| Required permission | Administrator |
| License usage | N/A |
| Parallel execution | Supported |
| Distributed execution | Not supported |
Syntax
Options
timeout=INT- RPC timeout in seconds. Accepts a value between 1 and 600. (Default:
30)
Input fields
| Field | Type | Required | Description |
|---|---|---|---|
| guid | string | Required | Sentry unique identifier. |
Output fields
| Field | Type | Description |
|---|---|---|
| guid | string | Sentry unique identifier. |
| pid | integer | Process ID. |
| protocol | string | Protocol (tcp, tcp6, udp, udp6). |
| local_ip | ipaddr | Local IP address. |
| local_port | integer | Local port number. |
| remote_ip | ipaddr | Remote IP address. |
| remote_port | integer | Remote port number. |
| state | string | Connection state (e.g., LISTEN, ESTABLISHED, TIME_WAIT). |
| _error | string | Error message added to the original record if an error occurs. |
Error codes
Parsing errors
| Error code | Message | Description |
|---|---|---|
| 23100 | No permission to call sentry RPC. | A user without administrator privileges ran the command. |
| 23101 | Invalid sentry RPC timeout option value. Use a value between 1 and 600. | The timeout option value is not an integer or is outside the range 1–600. |
Runtime errors
Errors are returned via the _error field:
| Error message | Description |
|---|---|
| guid is null | The guid field value in the input record is null. |
| guid should be string | The guid field value in the input record is not a string. |
| guid should be non empty string | The guid field value in the input record is an empty string. |
| not connected | The sentry is not connected. |
| timeout | The RPC request timed out. |
| disconnected | The connection was lost while processing the RPC request. |
Other RPC exception messages may be returned depending on the state of the system where the sentry is installed.
Description
The sentry-netstat command reads the guid field of each input record, sends an asynchronous RPC message to the corresponding sentry, and retrieves the network connection list. It returns connection information for TCP, TCP6, UDP, and UDP6 protocols, with a protocol field added to each connection to identify the protocol type.
Results are returned in the order RPC response messages are received from sentries, so the output record order may differ from the input record order.
The maximum length of the asynchronous RPC request queue is 100 by default and can be adjusted using the logpresso.core.sentry_rpc_parallel environment variable.
To retrieve results from all Data Nodes at once in a cluster environment, use the sonar-sentry-netstat command.
Examples
-
Retrieve the network connection list from all sentries
sentry | fields guid | sentry-netstatRetrieves the current network connection list from all connected sentries.
-
Retrieve only LISTEN connections from a specific sentry
sentry | fields guid | sentry-netstat | search state == "LISTEN"Filters only network connections in the LISTEN state from all sentries.
-
Retrieve with a 60-second timeout
sentry | fields guid | sentry-netstat timeout=60Retrieves the network connection list from sentries with the RPC timeout set to 60 seconds.