开发者

Pulling back remote netstat data with WMI

I am trying to get netstat information from a remote computer. Right now, my method is:

1) Execute a RemoteProc开发者_如何学编程ess in C# with the command netstat -a > C:\file.out 2) I map the remote C$ share to my local

3) I read the file from the mount

I'm looking to do this on many systems at once and am getting poor performance out of this method. I'm thinking a better way would be to query WMI but I can't find how to pull the netstat info from it from the class definitions on msdn. Anyone have any ideas? TIA!


I had the same problem and solved it by creating a remote WMI process with the following command line:

string commandLine = "cmd.exe /C netstat.exe -ano > \"{0}\"";

I basically just determined which flavor of OS I was working with (using WMI), and formatted the rest of the command line with either C:\users\public\output.txt or C:\Documents and Settings\All Users\output.txt. Then I simply read the results in and delete the source file.


Instead of using WMI, have you considered SNMP? SNMP seems to me like the most logical protocol for this.

Although my SNMP experience is limited to monitoring switches and UDPs, I'll try to give you some pointers on where to begin.

First of all, this requires the SNMP service to run on the monitored computers, and probably some investigation on which MIBs to use. I couldn't tell you exactly where to look, but I found a project where this has been done already (although not .NET, it should be useful for reference)

Link to project (script)

With some investigation, this script should give enough information to give it a shot.

I notice the following OIDs in his script

For TCP (included the full tree to give it some context):

1.3.6.1.2.1.6.13.1.1 - tcpConnState
1.3.6.1.2.1.6.13.1 - tcpConnEntry
1.3.6.1.2.1.6.13 - tcpConnTable
1.3.6.1.2.1.6 - tcp
1.3.6.1.2.1 - SNMP MIB-2
1.3.6.1.2 - IETF Management
1.3.6.1 - OID assignments from 1.3.6.1 - Internet
1.3.6 - US Department of Defense
1.3 - ISO Identified Organization
1 - ISO assigned OIDs

For UDP:

1.3.6.1.2.1.7.5.1.1 - udpLocalAddress
1.3.6.1.2.1.7.5.1 - udpEntry
1.3.6.1.2.1.7.5 - udpTable
1.3.6.1.2.1.7 - udp
1.3.6.1.2.1 - SNMP MIB-2
1.3.6.1.2 - IETF Management
1.3.6.1 - OID assignments from 1.3.6.1 - Internet
1.3.6 - US Department of Defense
1.3 - ISO Identified Organization
1 - ISO assigned OIDs
Top of OID tree

This link provides further information about working wiht SNMP

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜