I'm trying to use SNMP to map outgoing ports on my host computer with the application running on the computer that is responsible for that communication.

When running "netstat -ano" I get access to Protocol, Local Address (with port), Foreign Address (with port), State and PID. But I want to do this entirely without having to execute "cmd" from Java.

By using SNMP OID: .1.3.6.1.2.1.25.4 (.iso.org.dod.internet.mgmt.mib-2.host.hrSWRun) I get access to PID (ex. 1704), Name (ex. cmd.exe), Path (ex. C:\Windows\system32) among others. There is an SNMP OID: .1.3.6.1.2.1.6.13 (.iso.org.dod.internet.mgmt.mib-2.tcp.tcpConnTable) that gives you access to TCP connection state, local address, local port, remote address, remote port. But NO PID.

So to sum up. My question again: Is there a way to "map" these tables together? Either directly in SNMP with other OIDs or in conjunction with WMI / WMIC?

UPDATE: What I want is access to tcpConnectionProcess in TcpConnectionEntry (tcpConnectionTable). This is from RFC 4022. tcpConnectionProcess has OID: .1.3.6.1.2.1.6.19.1.8 (.iso.org.dod.internet.mgmt.mib-2.tcp.tcpConnectionTable.tcpConnectionEntry.tcpConnectionProcess)

The strange thing is that I get values from OID: .1.3.6.1.2.1.6.19.1.7 (.iso.org.dod.internet.mgmt.mib-2.tcp.tcpConnectionTable.tcpConnectionEntry.tcpConnectionState)

The main problem here is that in Windows, this table is empty. Probably my lack of knowledge with regard to installation on Windows, but any help would be a great help.
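
As an added example that is not part of the original question: on an agent that does populate tcpConnectionTable, each tcpConnectionProcess instance OID carries the connection's endpoints in its index (RFC 4022), and its value is expected to equal hrSWRunIndex, so the two tables can be joined in plain Java. The class and method names are hypothetical, the walk rows are constructed sample data, and the SNMP fetch itself is assumed to happen elsewhere.

```java
import java.util.*;

public class TcpConnProcessJoin {
    // Column prefix of tcpConnectionProcess; the table index follows it.
    static final String TCP_CONN_PROCESS = "1.3.6.1.2.1.6.19.1.8.";

    // Reads InetAddressType, a length-prefixed InetAddress and a port from the index.
    // pos[0] is advanced past the consumed sub-identifiers.
    static String endpoint(int[] idx, int[] pos) {
        if (pos[0] + 2 >= idx.length) throw new IllegalArgumentException("truncated index");
        int type = idx[pos[0]++];                 // 1 = ipv4, 2 = ipv6
        int len = idx[pos[0]++];                  // octet count of the address
        boolean known = (type == 1 && len == 4) || (type == 2 && len == 16);
        if (!known || pos[0] + len >= idx.length)
            throw new IllegalArgumentException("unsupported or truncated index");
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < len; i++) {
            int b = idx[pos[0]++];
            if (type == 1) sb.append(i > 0 ? "." : "").append(b);
            else sb.append(i > 0 && i % 2 == 0 ? ":" : "").append(String.format("%02x", b));
        }
        int port = idx[pos[0]++];
        return (type == 1 ? sb.toString() : "[" + sb + "]") + ":" + port;
    }

    // oid = one tcpConnectionProcess instance, pid = its value,
    // swRunNames = hrSWRunName values keyed by hrSWRunIndex (1.3.6.1.2.1.25.4.2.1.2.<index>).
    static String describe(String oid, long pid, Map<Long, String> swRunNames) {
        String s = oid.startsWith(".") ? oid.substring(1) : oid;
        if (!s.startsWith(TCP_CONN_PROCESS))
            throw new IllegalArgumentException("not a tcpConnectionProcess instance");
        int[] idx = Arrays.stream(s.substring(TCP_CONN_PROCESS.length()).split("\\."))
                          .mapToInt(Integer::parseInt).toArray();
        int[] pos = {0};
        String local = endpoint(idx, pos), remote = endpoint(idx, pos);
        // A value of zero means the agent reports no process for the connection.
        String name = pid == 0 ? "(no process)" : swRunNames.getOrDefault(pid, "(unknown)");
        return local + " -> " + remote + " pid=" + pid + " " + name;
    }

    public static void main(String[] args) {
        // Constructed sample rows, shaped like walks of hrSWRunName and tcpConnectionProcess.
        Map<Long, String> swRunNames = new HashMap<>();
        swRunNames.put(1704L, "cmd.exe");
        Map<String, Long> walk = new LinkedHashMap<>();
        walk.put(".1.3.6.1.2.1.6.19.1.8.1.4.192.0.2.10.49712.1.4.198.51.100.7.443", 1704L);
        walk.put(".1.3.6.1.2.1.6.19.1.8.1.4.192.0.2.10.49713.1.4.198.51.100.7.80", 0L);
        walk.forEach((oid, pid) -> System.out.println(describe(oid, pid, swRunNames)));
    }
}
```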