sockets look for specific open ports on your system. Many applications (web server, sshd, mail server) need one or more open ports on your system and sockets can look for them. For each port you can configure a specific interface, if you want. This is important for multihomed hosts.
SOCKETS is the enclosing tag for all port entries.
0 or 1. If you don't define SOCKET, no socket check will run.
<SOCKETS>
<CHECK4SOCKET>
<INTERFACE>0.0.0.0</INTERFACE>
<PORT>80</PORT>
<ERRORLEVEL>ERROR</ERRORLEVEL>
</CHECK4SOCKET>
<CHECK4SOCKET>
<INTERFACE>192.168.1.2</INTERFACE>
<PORT>ssh</PORT>
<ERRORLEVEL>ERROR</ERRORLEVEL>
</CHECK4SOCKET>
</SOCKETS>
This entity describes the interface, that is the IP address on which the socket is present. To configure "all interfaces", you have on to say "0.0.0.0" on some systems, or ":::" on others. Look at the output from netstat -an. It is also possible to give a hostname for an interface. socket do a gethostbyname to resolve this hostname
Hostnames or any chars describing interfaces in your system
1
Look at SOCKETS.
sockets can use your own netstat command/script/pipe. You have to specify in which column are the opened sockets. (given in []). Example: /bin/netstat[1] means, that sockets analyses the 2. column for the checks
Look at COMMAND , too.
absolute path to the binary + binary and the column in []
0 or 1. If you don't define COMMAND, the default for your system is used.
<SOCKETS>
<!-- specify command if netstat is not /bin/netstat[2] and opened sockets are not in column 3 -->
<COMMAND>/user/specific/netstat[1]</COMMAND>
<CHECK4SOCKETG>
<INTERFACE>192.168.1.1</INTERFACE>
<PORT>80</PORT>
<ERRORLEVEL>ERROR</ERRORLEVEL>
</CHECK4SOCKET>
<CHECK4SOCKETG>
<INTERFACE>0.0.0.0</INTERFACE>
<PORT>22</PORT>
<ERRORLEVEL>ERROR</ERRORLEVEL>
</CHECK4SOCKET>
</SOCKETS>