Discovery log - Other TCP connection states found: ["FIN_WAIT_2","TIME_WAIT","CLOSE_WAIT","SYN_SENT"

Richard Nelson
Giga Guru

‎11-28-2025 02:18 AM

Hi all, I have noticed that our discovery log has started to report numerous messages relating to the TCP connection states.  This appears be a recent phenomena and I'm trying to understand if its an indication of an issue or simply an increase on the level of logging.

 

Other TCP connection states found: ["FIN_WAIT_2","TIME_WAIT","CLOSE_WAIT","SYN_SENT"]

 

Has anyone else noticed these or know why they are being reported?

 

Thanks,  Richard 

Labels:
0 Helpfuls
  • 845 Views
3 REPLIES 3

alexandrede
Tera Contributor

‎02-25-2026 10:00 AM

Ola , boa tarde, tambem estou observando isso nos meus discoverys, alguem mais ? temos solucao ?

0 Helpfuls

Richard Nelson
Giga Guru
In response to alexandrede

3 weeks ago

Hi Alexandrede, No I did not find a solution.  I'm still open to explanations if anyone out there has one.

0 Helpfuls

Marinus _Ronald
Tera Contributor

Monday

Hi Richard,

 

This log entry is generated by the Windows – Active Connections multisensor, which is part of the Windows – ADM multiprobe. The multisensor categorizes TCP connections using the following system properties:

 

glide.discovery.windows_tcp_listening_connections
glide.discovery.windows_tcp_established_connections

 

Connection states that do not match the values defined in these two properties are placed into a separate list and logged by the multisensor.

 

The part I question is the severity. Since ADM only seems to care about listening/established states, logging the other normal TCP states as a warning feels misleading. Informational or no log at all would make more sense.

 

I am opening a HI ticket to ask ServiceNow why this is warning-level logging and whether this is expected behavior or something they plan to change.

 

Br,

Ronald