Logging unique IP addresses your Java code communicates with

Pavel Polívka - Oct 1 '20 - - Dev Community

Recently I needed some utility that would log all unique IP addresses all the Java processes on a server communicated with.

I googled a bit and did not discovered nice and easy solution for this. So I decided to do some bash-fu and wrote the following script.

while true
do
    netstat -nput 2>/dev/null | grep 'java' | tr -s ' ' | cut -f5 -d ' ' | cut -f1 -d ':' | uniq | while read -r ip; do grep -qxF $ip ip.log || echo $ip >> ip.log; done
    sleep 5
done

Let's go over it step by step to explain what it does:

  • while true - this means that when executed it will run until stopped, easy
  • netstat -nputw 2>/dev/null - netstat prints network connections
    • -n - show numerical address instead of trying to resolve host names
    • -p - show PID of the program
    • -u - include UDP connections
    • -t - include TCP connections
  • grep 'java' - only take those lines that have Java in them (PID contains java for Java apps)
  • tr -s ' ' - replaces each sequence of spaces with a single space
  • cut -f5 -d ' ' - takes fifth column (separated by spaces)
  • cut -f1 -d ':' - takes first part (separated by :) - removes port
  • uniq - makes the list unique
  • while read -r ip; do grep -qxF $ip ip.log || echo $ip >> ip.log; done - adds it to a log file if it does not contain it already
    • grep -qxF
      • -q - quiet, do not write anything to standard output
      • -x - select only those matches that exactly match the whole line
      • -F - interpret PATTERNS as fixed strings

Hope this will help you or if you have a better solution please let me know.


You can follow me on Twitter to get more awesome content like this.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .