Get-Netstat 1,0 (modification of post by glnsize view diff)
diff | embed code: <script type="text/javascript" src="http://PoshCode.org/embed/884"></script>download | new post
It would really be sweet if I could get-netstat -sate CLOSE_WAIT
I have a server issue I’m trying to track down after it hangs upon a sudden plethora of CLOSE_WAIT s I plan to modify it to log or email every few minutes all the close_waits so I can try and narrow down the first client that seems to get there to help pinpoint.
Very helpful script though…
- $null, $null, $null, $null, $netstat = netstat -a -n -o
- [regex]$regexTCP = '(?<Protocol>\S+)\s+(?<LocalAddress>\S+)\s+(?<RemoteAddress>\S+)\s+(?<State>\S+)\s+(?<PID>\S+)'
- [regex]$regexUDP = '(?<Protocol>\S+)\s+(?<LocalAddress>\S+)\s+(?<RemoteAddress>\S+)\s+(?<PID>\S+)'
- foreach ($net in $netstat)
- {
- switch -regex ($net.Trim())
- {
- $regexTCP
- {
- $process = "" | Select-Object Protocol, LocalAddress, RemoteAddress, State, PID, ProcessName
- $process.Protocol = $matches.Protocol
- $process.LocalAddress = $matches.LocalAddress
- $process.RemoteAddress = $matches.RemoteAddress
- $process.State = $matches.State
- $process.PID = $matches.PID
- $process.ProcessName = ( Get-Process -Id $matches.PID ).ProcessName
- $process
- continue
- }
- $regexUDP
- {
- $process = "" | Select-Object Protocol, LocalAddress, RemoteAddress, State, PID, ProcessName
- $process.Protocol = $matches.Protocol
- $process.LocalAddress = $matches.LocalAddress
- $process.PID = $matches.PID
- $process.ProcessName = ( Get-Process -Id $matches.PID ).ProcessName
- $process
- continue
- }
- }
- }
Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.