Monitoring connections

HAA monitors all TCP connections to a set of defined hosts. The hosts list is configured at the machine level in the HostAccessAnalyzerServiceConfiguration.conf file in the product configuration location.

To add hosts to the list, edit the file and apply your changes to the monitoredHosts entry. For example:

    "connectionMonitoring": {
    "enabled": true,        
    "monitoredHosts": {
        "Popeye": "*",          
        "Olive": "23",      
        "Bluto": "22, 23",  
        "Wimpy": "20 - 30", 
        "10.10.10.100": "*" 
    },
    "connectionPollingInterval": 5
}

where:

This line ... Means ...
"enabled": true, Enable/disable all connection monitoring.
"Popeye": "*", Monitor all ports of a host.
"Olive": "23", Monitor a specific port of a host.
"Bluto": "22, 23", Monitor a comma-separated list of ports of a host.
"Wimpy": "20 - 30", Monitor a range of ports of a host.
"10.10.10.100": "*" Monitor all ports of a host address.
Notes:
  • If a task misses its schedule, for example, if a machine is offline, it runs automatically at the first available opportunity.
  • To turn off monitoring, you can either delete all hosts from this list or change the enabled setting to false.
  • connectionPollingInterval is a setting that applies to how often, in seconds, monitoring TCP connections executes on Windows 7. It should be left unchanged unless a valid reason exists to the contrary.