Process Monitoring

<< Click to Display Table of Contents >>

Navigation:  Monitoring with EventSentry > System Health Monitoring >

Process Monitoring

Process monitoring detects when a required processes is inactive and can evaluate the command line parameters of a process, and the minimum number of required instances of a process may be specified as well.

 

linux_penguin_transparent_80

Process Monitoring can also alert on inactive processes from a remote SNMP agent by polling SNMP counter values. Process monitoring alerts are identical between Windows and Non-Windows hosts.

 

SNMP data is collected by the Heartbeat Agent.

 

Process Monitoring

 

clip0155

 

Monitoring a process

To monitor a process, click the + button and specify the process name as well as the number of required instances (usually "1"). Wildcards can be specified for the process name, e.g. "java*" would match all processes starting with "java".

 

Command Line Parameters

If only processes with specific command-line parameters should be evaluated, then the required command line can be specified as well. If a command line is not specified, then it will be ignored. This parameter supports wildcards as well.

 

clip0187

 

Process Network Status (aka Netstat)

Enumerates all processes which have an active TCP network connection and makes that information available in the web reports, it provides the same data as the built-in netstat command. If "Detect Changes" is selected, optionally also generates an alert when a process starts listening on a previously inactive TCP connection and vice versa.

 

The following options are available:

 

Enabled (All Connections): Enumerates all processes which have an active TCP network connection, including both client-side and server-side processes.

Enabled (Listening Ports Only): Enumerates all processes which are listening for incoming TCP requests, usually server-side processes like web servers, database servers and such.

Disabled

 

Detect Changes

Detects when a previously closed TCP port is in the active listening state, or when a TCP port that was previously listening is now closed. Events are logged with the event severity selected in the Options below.

 

Interval

Determines how often the process state is refreshed.

 

Database

Sets the database where the process data is stored.

 

clip0339

 

 

warning_20

The Process Network Status feature is only available on Windows-based hosts.

 

Options

You can customize the severity with which an event is written to the event log by changing the "log errors as" option below the list. When a specified process is not active, event 10401 is logged to the event log once. When the process becomes active again event 10402 will be logged to the application event log (see also Event Log).

 

You can also configure a start-up delay to avoid false notifications for processes that start after the  EventSentry service is starting. Simply set the "Start monitoring processes" option to the number of seconds it takes for all processes to be active.

 

"Notify at most once every" sets how often an alert is generated when the required process(es) is not active.

 

clip0258