Browse Prior Art Database

Capability to trace sockets and dynamically respond to socket field changes Disclosure Number: IPCOM000019346D
Original Publication Date: 2003-Sep-11
Included in the Prior Art Database: 2003-Sep-11
Document File: 3 page(s) / 42K

Publishing Venue



This concept provides the ability to provide specific responses to anticipated events during communication via tcp or udp communication between computer systems.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 1 of 3

Capability to trace sockets and dynamically respond to socket field changes

It is currently difficult to capture comprehensive information for intermittently reproducible problems involving tcp/udp applications/protocol using current tracing tools in conjunction with manually entered commands. These tools log filtered information that must be analyzed manually after a problem has occurred. This process also requires that commands be executed manually to gather system/application/network information without precise indicators to ensure that commands are executed at the appropriate time in the problem's sequence of events. It is therefore necessary to repeat these steps to fine tune them in an effort to gather the necessary problem determination information at an appropriate time. Schemes must be devised that are external to the tracing/logging process to gather problem determination data that is not in the tcp/udp protocol stream.

This invention adds the capability to trace tcp/udp sockets according to configurable filters to identify specific sockets by fields in each socket. A socket is a finite state machine that reflects tcp/udp protocol status/events and application requests of and responses to protocol events. This invention also adds the ability to identify changes to preselected fields of a sockets and execute scripts to gather problem determination data at a meaningful time.

A single socket or group of sockets will be chosen for monitoring according to criteria documented in a config file. A process which is started manually will continuously look for sockets defined in the config file. If a socket is discovered for the first time, it's contents with or without queued data will be copied to process memory and a log file. Additional criteria in the config file will define fields within the discovered socket that will be monitored for change when said socket is rediscovered in the continuous search of sockets. When a socket change is detected, the changed socket contents with or without queued data will be copied to process memory and a log file. The config file will provide for optional definition of script files which will be executed when a change is detected in a preselected socket field.

This invention has four basic advantages over existing trace and status commands. This invention requires less resources than current trace tools that must process multiple protocol packets before a socket changes state. This invention reports complete socket contents versus current commands(netstat) that report part of socket contents. This invention also allows scripts to be executed at a meaningful time during problem determination. The scripts are dynamic in that they can provide a specific response depending on the socket field which changes and the manner in which it changes.

Privileged users will run a command to invoke socket monitoring and tracing. The command will read a default or user named config file. Th...