How to write a Shell script to monitor other servers' TCP connections

Question

I'm seeking help to write a Shell script on Linux to monitor other servers' TCP connections. Every hour, this script will output the name list of servers whose TCP connection numbers exceed 100 into a text file. Any thoughts on this? Thanks.

Answer 1

Each hour:
(can be done by a cron job)
  Log in on each server and:
  (can be done by ssh with pre-installed keys)
    list all TCP connections
    (can be done by netstat or cat /proc/net/tcp or similar)
    count them
    (can be done by wc)

E. g.:

for host in $(cat hostnames)
do
  n=$(ssh "$host" 'cat /proc/net/tcp | wc -l')
  [ "$n" -gt 100 ] && echo "$host: $n connections"
done >> logfile.txt

Answer 2

1. Dump package for specific network interface

   sudo tcpdump -i eth0 -n -q > /tmp/ccc 2>&1

2. Filter it by your favorite tool (run it each hour by cron)

   cat /tmp/ccc|sed -e 's/.IP\ //g' -e 's/\ >.//g'|sort|uniq

3. It's a very rough concept. In practical still need to concern many think like file retention and clean up the /tmp/ccc every hour