src/go/plugin/go.d/modules/portcheck/integrations/tcp-udp_endpoints.md from firehol/netdata

src/go/plugin/go.d/modules/portcheck/integrations/tcp-udp_endpoints.md
Summary

Maintainability

Test Coverage

Issues
<!--startmeta
custom_edit_url: "https://github.com/netdata/netdata/edit/master/src/go/plugin/go.d/modules/portcheck/README.md"
meta_yaml: "https://github.com/netdata/netdata/edit/master/src/go/plugin/go.d/modules/portcheck/metadata.yaml"
sidebar_label: "TCP/UDP Endpoints"
learn_status: "Published"
learn_rel_path: "Collecting Metrics/Synthetic Checks"
most_popular: False
message: "DO NOT EDIT THIS FILE DIRECTLY, IT IS GENERATED BY THE COLLECTOR'S metadata.yaml FILE"
endmeta-->

# TCP/UDP Endpoints


<img src="https://netdata.cloud/img/globe.svg" width="150"/>


Plugin: go.d.plugin
Module: portcheck

<img src="https://img.shields.io/badge/maintained%20by-Netdata-%2300ab44" />

## Overview

Collector for monitoring service availability and response time. It can be used to check if specific ports are open or reachable on a target system.

It supports both TCP and UDP protocols over IPv4 and IPv6 networks.

| Protocol | Check Description                                                                                                           |
|----------|-----------------------------------------------------------------------------------------------------------------------------|
| TCP      | Attempts to establish a TCP connection to the specified ports on the target system.                                         |
| UDP      | Sends a 0-byte UDP packet to the specified ports on the target system and analyzes ICMP responses to determine port status. |

Possible TCP statuses:

| TCP Status | Description                                                 |
|------------|-------------------------------------------------------------|
| success    | Connection established successfully.                        |
| timeout    | Connection timed out after waiting for configured duration. |
| failed     | An error occurred during the connection attempt.            |

Possible UDP statuses:

| UDP Status    | Description                                                                                                                                                           |
|---------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| open/filtered | No response received within the configured timeout. This status indicates the port is either open or filtered, but the exact state cannot be determined definitively. |
| closed        | Received an ICMP Destination Unreachable message, indicating the port is closed.                                                                                      |




This collector is supported on all platforms.

This collector supports collecting metrics from multiple instances of this integration, including remote instances.


### Default Behavior

#### Auto-Detection

This integration doesn't support auto-detection.

#### Limits

The default configuration for this integration does not impose any limits on data collection.

#### Performance Impact

The default configuration for this integration is not expected to impose a significant performance impact on the system.


## Metrics

Metrics grouped by *scope*.

The scope defines the instance that the metric belongs to. An instance is uniquely identified by a set of labels.



### Per TCP endpoint

These metrics refer to the TCP endpoint.

Labels:

| Label      | Description     |
|:-----------|:----------------|
| host | The hostname or IP address of the target system, as specified in the configuration. |
| port | The TCP port being monitored, as defined in the 'ports' configuration parameter. |

Metrics:

| Metric | Dimensions | Unit |
|:------|:----------|:----|
| portcheck.status | success, failed, timeout | boolean |
| portcheck.state_duration | time | seconds |
| portcheck.latency | time | ms |

### Per UDP endpoint

These metrics refer to the UDP endpoint.

Labels:

| Label      | Description     |
|:-----------|:----------------|
| host | The hostname or IP address of the target system, as specified in the configuration. |
| port | The UDP port being monitored, as defined in the 'udp_ports' configuration parameter. |

Metrics:

| Metric | Dimensions | Unit |
|:------|:----------|:----|
| portcheck.udp_port_status | open/filtered, closed | status |
| portcheck.udp_port_status_duration | time | seconds |



## Alerts


The following alerts are available:

| Alert name  | On metric | Description |
|:------------|:----------|:------------|
| [ portcheck_service_reachable ](https://github.com/netdata/netdata/blob/master/src/health/health.d/portcheck.conf) | portcheck.status | TCP host ${label:host} port ${label:port} liveness status |
| [ portcheck_connection_timeouts ](https://github.com/netdata/netdata/blob/master/src/health/health.d/portcheck.conf) | portcheck.status | percentage of timed-out TCP connections to host ${label:host} port ${label:port} in the last 5 minutes |
| [ portcheck_connection_fails ](https://github.com/netdata/netdata/blob/master/src/health/health.d/portcheck.conf) | portcheck.status | percentage of failed TCP connections to host ${label:host} port ${label:port} in the last 5 minutes |


## Setup

### Prerequisites

No action required.

### Configuration

#### File

The configuration file name for this integration is `go.d/portcheck.conf`.


You can edit the configuration file using the `edit-config` script from the
Netdata [config directory](/docs/netdata-agent/configuration/README.md#the-netdata-config-directory).

```bash
cd /etc/netdata 2>/dev/null || cd /opt/netdata/etc/netdata
sudo ./edit-config go.d/portcheck.conf
```
#### Options

The following options can be defined globally: update_every, autodetection_retry.


<details open><summary>Config options</summary>

| Name | Description | Default | Required |
|:----|:-----------|:-------|:--------:|
| update_every | Data collection frequency. | 5 | no |
| autodetection_retry | Recheck interval in seconds. Zero means no recheck will be scheduled. | 0 | no |
| host | Remote host address in IPv4, IPv6 format, or DNS name. |  | yes |
| ports | Target TCP ports. Must be specified in numeric format. |  | no |
| udp_ports | Target UDP ports. Must be specified in numeric format. |  | no |
| timeout | HTTP request timeout. | 2 | no |

</details>

#### Examples

##### Check TCP ports (IPv4)

An example configuration.

<details open><summary>Config</summary>

```yaml
jobs:
  - name: local
    host: 127.0.0.1
    ports:
      - 22
      - 23

```
</details>

##### Check TCP ports (IPv6)

An example configuration.

<details open><summary>Config</summary>

```yaml
jobs:
  - name: local
    host: "[2001:DB8::1]"
    ports:
      - 80
      - 8080

```
</details>

##### Check UDP ports (IPv4)

An example configuration.

<details open><summary>Config</summary>

```yaml
jobs:
  - name: local
    host: 127.0.0.1
    udp_ports:
      - 3120
      - 3121

```
</details>

##### Check UDP ports (IPv6)

An example configuration.

<details open><summary>Config</summary>

```yaml
jobs:
  - name: local
    host: [::1]
    udp_ports:
      - 3120
      - 3121

```
</details>

##### Multi-instance

> **Note**: When you define multiple jobs, their names must be unique.

Multiple instances.


<details open><summary>Config</summary>

```yaml
jobs:
  - name: server1
    host: 127.0.0.1
    ports:
      - 22
      - 23

  - name: server2
    host: 203.0.113.10
    ports:
      - 22
      - 23

```
</details>



## Troubleshooting

### Debug Mode

**Important**: Debug mode is not supported for data collection jobs created via the UI using the Dyncfg feature.

To troubleshoot issues with the `portcheck` collector, run the `go.d.plugin` with the debug option enabled. The output
should give you clues as to why the collector isn't working.

- Navigate to the `plugins.d` directory, usually at `/usr/libexec/netdata/plugins.d/`. If that's not the case on
  your system, open `netdata.conf` and look for the `plugins` setting under `[directories]`.

  ```bash
  cd /usr/libexec/netdata/plugins.d/
  ```

- Switch to the `netdata` user.

  ```bash
  sudo -u netdata -s
  ```

- Run the `go.d.plugin` to debug the collector:

  ```bash
  ./go.d.plugin -d -m portcheck
  ```

### Getting Logs

If you're encountering problems with the `portcheck` collector, follow these steps to retrieve logs and identify potential issues:

- **Run the command** specific to your system (systemd, non-systemd, or Docker container).
- **Examine the output** for any warnings or error messages that might indicate issues.  These messages should provide clues about the root cause of the problem.

#### System with systemd

Use the following command to view logs generated since the last Netdata service restart:

```bash
journalctl _SYSTEMD_INVOCATION_ID="$(systemctl show --value --property=InvocationID netdata)" --namespace=netdata --grep portcheck
```

#### System without systemd

Locate the collector log file, typically at `/var/log/netdata/collector.log`, and use `grep` to filter for collector's name:

```bash
grep portcheck /var/log/netdata/collector.log
```

**Note**: This method shows logs from all restarts. Focus on the **latest entries** for troubleshooting current issues.

#### Docker Container

If your Netdata runs in a Docker container named "netdata" (replace if different), use this command:

```bash
docker logs netdata 2>&1 | grep portcheck
```