1

I have a project with an architecture based on a RabbitMQ queue. Each day at 00:30 triggered by a CRON job, the producer process gets the information from a web page and writes in the queue in order to send the information to the consumer process which is subscribed to the queue.

It works fine, but, randomly I get a message in the queue around 2 hours later(It is not fixed, can be at 03.16 or at 03:44). I activated the log with RabbitMQ but I am not able to see which processes are opening that TCP socket. So I would like to log all processes that open a socket on the listening port (the queue) in order to see which process is writing randomly the queue.

Dave M
  • 4,514
  • 22
  • 31
  • 30
mapedraza
  • 11
  • 1
  • One method available on Linux (*BSD too but I don't know its use cases) if network activity isn't overwhelming is the audit facility. look in this site for questions about networking and mentioning auditd, eg: https://serverfault.com/search?q=%5Bnetwork%5D+auditd – A.B Apr 11 '20 at 14:45

1 Answers1

0

You can use the command lsof, which is used to figure out what processes are opening what files. In your case you could use

lsof -i TCP:22

which will give you the command, pid, and the user accessing the socket along with a few other things.

KazikM
  • 215
  • 1
  • 3
  • 11
kriipke
  • 1
  • 1
  • 1
    The problem is that command will show the connections just in that right moment. I need something I can run in the background and show every event happens since starting the logger. The problem is I don't know when the process is going to run. – mapedraza Apr 11 '20 at 14:29