How to log port assignments and opening and closing?

[jringoot]

I am trying to find a good/easy way to log ports assignments and opening and closing them in linux. It should log at least every 10 seconds. (So crontab is not a good option=minumum interval is 1 minute)

Until now the best option I could come up with is trying to use systemd timers to start this

Code: Select all

ss -aenp &>> /var/log/sslog-`date +%F`.log

Or for transmission:

Code: Select all

systemd-run --on-calendar="*-*-* *:*:*/6" ss -aenp | grep transmi &>> /var/log/sslog-`date +%F`.log

But it is not working

Code: Select all

root@localhost:~# systemd-run --on-calendar="*-*-* *:*:1/6" ss -aenp | grep transmi &>> /var/log/ss-`date +%F`.log
Running timer as unit: run-r4f7f393ed93d4b7ca0e5097ebfa679ec.timer
Will run service as unit: run-r4f7f393ed93d4b7ca0e5097ebfa679ec.service
root@localhost:~# updatedb
root@localhost:~# locate run-r4f7f393ed93d4b7ca0e5097ebfa679ec.timer
root@localhost:~# locate run-r4f7f393ed93d4b7ca0e5097ebfa679ec.service
root@localhost:~# 
root@localhost:~# ls -al /var/log/ss-*
-rw-r--r-- 1 root root 0 Apr 30 15:45 /var/log/ss-2020-04-30.log
root@localhost:~# 

The log keeps emtpty and the created timer files cannot be found.

BTW: this bevaviour is the same on centos 8 and debian 10, (yes crossposted on ubuntu/debian)

What could have went wrong?

[KernelOops]

Instead of oncalendar, try the solution described here:

https://stackoverflow.com/a/53557536

[TrevorH]

What are you really trying to do ? The end goal of this that is?