What Is TCP Monitoring? Port-Level Health Checks

By WatchCron Team

Most monitoring tools check HTTP endpoints, but plenty of critical services never serve a web page. A PostgreSQL database on port 5432, a Redis cache on 6379, an SMTP relay on 587 — these listen on TCP ports and have no HTTP interface to probe. TCP monitoring fills that gap by attempting a connection to a specific host and port, then reporting whether the handshake completed or not.

The check itself is simple. The monitor sends a SYN packet, waits for SYN-ACK, and completes the three-way handshake. If the connection establishes, the service is up. If the host actively refuses the connection, the service has stopped or crashed. If nothing comes back at all, the host is down, the port is firewalled, or there is a network problem between the monitor and the target. Each outcome points to a different root cause, which is more than a binary up/down can tell you.

When TCP checks matter more than HTTP

HTTP monitoring works when there is an HTTP endpoint to hit. For everything else, TCP is the right tool. Database servers, message brokers like RabbitMQ on port 5672, Memcached on 11211, SSH on 22 — none of these speak HTTP. A TCP check confirms the process is listening and accepting connections. It also measures connection latency at the transport layer, stripped of any application overhead, which makes it useful for tracking network-level performance between your monitor and the target host.

The trade-off is scope. A successful TCP handshake proves the port is open, not that the service behind it is healthy. A MySQL instance that accepts connections but rejects every query with "too many connections" still passes a TCP check. For services that support it, pairing a TCP port check with an application-level health check covers both layers.

TCP monitoring and WatchCron

Port monitoring in WatchCron opens a TCP connection to any host and port on a schedule you choose. When the connection fails, alerts go out through the same channels as every other monitor type: email, Slack, Telegram, SMS, or voice depending on your plan. Port monitors are unlimited and do not count against check limits, so there is no reason to skip a database or cache server just to save quota. Response time is recorded per check, giving you a baseline to spot network degradation before it turns into a full outage.

Related terms: health check, uptime, DNS monitoring, P99 latency, SLO

WatchCron checks TCP, UDP, DNS, and ICMP endpoints on any schedule. Port monitors are unlimited on every plan, with alerts through Slack, email, Telegram, or SMS.

Start Free

Frequently Asked Questions

TCP monitoring checks whether a specific port on a host accepts connections. It attempts a TCP handshake and reports the service as up if the connection establishes, or down if the connection is refused or times out.
Any service that does not serve HTTP traffic: databases like PostgreSQL on port 5432 or MySQL on 3306, caches like Redis on 6379, mail servers on SMTP port 587, message brokers, and SSH on port 22. If it listens on a TCP port, a TCP check can watch it.
Not necessarily. A TCP check confirms the port accepts connections, but it does not verify application-level health. A database that accepts connections but rejects queries still passes a TCP check. For full coverage, pair TCP checks with application-level health checks.

Start monitoring in under 2 minutes

Free plan includes 20 checks. No credit card required.

See Plans & Pricing