1. First add these arguments in JVM options (Configuration → Updates, monitoring, and logging → JVM options) -

-Dcom.sun.management.jmxremote

`-Dcom.sun.management.jmxremote.port=9910`

`-Dcom.sun.management.jmxremote.rmi.port=9910`

`-Dcom.sun.management.jmxremote.ssl=false`

`-Dcom.sun.management.jmxremote.authenticate=false`

`-Djava.rmi.server.hostname=localhost`

1. Then wait for server to restart. Once connected via ssh, run the below command to check open ports used by java - sudo ss -ntlp | grep java

Output will be something like this -

![Untitled](<https://prod-files-secure.s3.us-west-2.amazonaws.com/7bd6b1d8-b078-45bd-8410-98eb8b35ecbf/6edd8bae-0ffc-4dd5-b502-01053fcb2dd6/Untitled.png>)

It should show the JMX process running on port **9910** along with other Java processes

1. Now, forward everything from local port 9910 to [**localhost:9910](<http://localhost:9910>)** on instance. Replace the ip according to the instance you want to monitor.
****`ssh -i <your pem file> -L 9910:localhost:9910 [[email protected]](<mailto:[email protected]>)`

2. Go to VisualVM. Right click the Local icon and select the “Add JMX Connection” option.  Set the Connection field as localhost:9910 as shown below.

   

   This connects us to desired ec2 instance server via the SSH tunnel running on localhost port 9910.