Port 9100 (TCP) is the standard for Prometheus node_exporter. Prometheus node_exporter — host-level metrics (CPU, RAM, disk, network). Port 9100 — HTTP endpoint /metrics in Prometheus-compatible format. The standard for monitoring Linux m
Below: what uses this port, security considerations, online check, FAQ.
Free online tool — ping & port checker: instant results, no signup.
Prometheus node_exporter
Prometheus node_exporter — host-level metrics (CPU, RAM, disk, network). Port 9100 — HTTP endpoint /metrics in Prometheus-compatible format. The standard for monitoring Linux machines, installed on every server.
node_exporter is unauthenticated by default. Bind private network only or put nginx basic_auth in front. Metrics contain sensitive info (mounted paths, process names).
Enterno.io Ping + Port checker tests TCP reachability of any port from 3 regions (Moscow / Frankfurt / Virginia).
Port 9100 (TCP) is the designated communication channel for the Prometheus node_exporter, a critical component in the Prometheus monitoring ecosystem. This port serves as the endpoint through which host-level metrics are exposed, allowing Prometheus to scrape data efficiently. The node_exporter is responsible for collecting various system metrics, including CPU usage, memory consumption, disk I/O, and network statistics.
When the node_exporter is running, it listens on port 9100 and provides an HTTP endpoint at /metrics. This endpoint returns metrics in a Prometheus-compatible format, which can be queried by Prometheus servers. The metrics collected can be visualized using tools like Grafana, enabling real-time monitoring and alerting based on system performance.
To configure the node_exporter, ensure that it is installed on your target host. Start the service by running the following command:
./node_exporter This will initiate the node_exporter and bind it to port 9100 by default. You can verify that it is running by accessing http:// in your web browser, which should display a list of metrics being collected.
While port 9100 is essential for monitoring, it also poses potential security risks if not properly managed. By default, the node_exporter does not implement any authentication or encryption mechanisms, which can expose sensitive system metrics to unauthorized users if the port is publicly accessible.
To mitigate these risks, consider the following security best practices:
iptables, you can add a rule like:iptables -A INPUT -p tcp --dport 9100 -s -j ACCEPT server { listen 443 ssl; server_name ; ssl_certificate /path/to/cert.pem; ssl_certificate_key /path/to/key.pem; location /metrics { proxy_pass http://localhost:9100; auth_basic "Restricted Access"; auth_basic_user_file /etc/nginx/.htpasswd; } } By implementing these security measures, you can significantly reduce the risk of unauthorized access to your monitoring data, ensuring that your metrics remain confidential and secure.
To effectively use port 9100 for monitoring with Prometheus node_exporter, you need to understand how to configure it and integrate it with your Prometheus instance. Below are practical examples that illustrate how to set up and query metrics.
1. **Installing node_exporter**: First, download the latest version of node_exporter from the official GitHub repository:
wget https://github.com/prometheus/node_exporter/releases/latest/download/node_exporter-.linux-amd64.tar.gz Extract the downloaded file:
tar -xvf node_exporter-.linux-amd64.tar.gz Navigate to the extracted directory and start the node_exporter:
cd node_exporter-.linux-amd64 ./node_exporter 2. **Configuring Prometheus**: Next, you need to configure your Prometheus server to scrape data from the node_exporter. Edit the prometheus.yml configuration file to include the following scrape configuration:
scrape_configs: - job_name: 'node' static_configs: - targets: [':9100'] 3. **Querying Metrics**: After setting up the node_exporter and configuring Prometheus, you can start querying metrics. For example, to check CPU usage, you can use the following Prometheus query:
rate(node_cpu_seconds_total[5m]) This query will return the rate of CPU usage over the last 5 minutes, allowing you to monitor system performance effectively.
By following these steps, you can harness the power of Prometheus and node_exporter over port 9100 to gain valuable insights into your system's health and performance.
No, modern cloud providers (AWS, Google Cloud, Yandex) close all incoming ports by default. You must explicitly allow port 9100 in a Security Group or firewall.
Use <a href="/en/ping">Enterno Ping + Port Checker</a>. Or in shell: <code>nc -vz example.com 9100</code>.
Depends on the service. Prometheus node_exporter should never be exposed publicly without authentication + TLS. See <a href="/en/s/research-open-ports-exposure-2026">our 2026 exposure research</a>.
Free plan — 10 monitors, checks every 5 min, no card required. Upgrade for 1-minute interval and multi-region monitoring.