Trying to help one of my IMGate clients with his IMail box, I wanted to see what the TCP sessions were, so I made this stupid little script tcp_connect.bat, that could run every 5 minutes, to give you a history of the IMail box's TCP sessions. it outputs a log file per TCP port, with time stamp and count to TCP connections for the port.
:START echo off time /t >> c:\len\tcp25.log time /t >> c:\len\tcp143.log time /t >> c:\len\tcp80.log time /t >> c:\len\tcp110.log netstat -an | egrep -ic "tcp.*:25" >> c:\len\tcp25.log netstat -an | egrep -ic "tcp.*:80" >> c:\len\tcp80.log netstat -an | egrep -ic "tcp.*:110" >> c:\len\tcp110.log netstat -an | egrep -ic "tcp.*:143" >> c:\len\tcp143.log echo --- >> c:\len\tcp25.log echo --- >> c:\len\tcp143.log echo --- >> c:\len\tcp80.log echo --- >> c:\len\tcp110.log here's what the IMAP tcp143 log looks like: 1:50p 13 --- 1:57p 15 --- 2:02p 14 --- 4:11p 64 --- 11:44a 189 --- 11:45a 1 --- 11:56a 7 --- 11:57a 11 --- 12:22p 13 --- 12:31p 14 --- 1:01p 15 --- 2:47p 22 --- 3:39p 36 --- 4:11p 41 --- 4:11p 3 --- 4:12p 3 --- 4:13p 5 --- 5:08p 7 --- 5:48p 9 --- I wanted something quick and don't know Windows cmd/bat programming, so the script and its output are ugly. We were trying to see if there was any relation between TCP activity as shown by the TCP connections and iwebmsg blowing up for a few minutes and taking all of the CPU. If somebody wants to cleanup the script, like putting it on one line mm dd hh:mm xxxx where xxxx is the count. Of course, it would be useful to have these four log graphed as lines on one chart. Len
