Forum Discussion

Keimond's avatar
Icon for Neophyte rankNeophyte
2 years ago

LinuxNewProcesses DataSource -- Auto discovery and key off of HOST-RESOURCES-MIB::hrSWRunName

Hello all!
I just wanted to share my edits. I never could get LinuxNewProcesses to work for my needs.. but we really wanted it to also have auto discovery and automatically add a list of toolsets that we have deployed across the board.

I did this LONG ago and my wildvalue was the PID… but that’s dangerous and I ended up creating thousands of entries in the LM database because my processes (thousands of them) were always changing. . . .this takes a different approach and keys off of the process name.

#1 You just need to have a property defined with a comma separated list
      These names need to be from “HOST-RESOURCES-MIB::hrSWRunName”

#2 My polling is every minute but don’t alert unless it’s been down for an hour… for my scenario, I do this on purpose because some of my applications run for about 5 minutes and then aren’t kicked off again for another 10… so adjust as needed :)

The status is under a security review right now.. I’ll post the lmLocator if it makes it!

Otherwise here’s the autodiscovery.. the collection script wont’ work and you’ll have to modify it 

import com.santaba.agent.groovyapi.snmp.Snmp;

def OID_NAME = ".";
def host = hostProps.get("system.hostname");
def services = hostProps.get("").split(',');
Map<String, String> result = Snmp.walkAsMap(host, OID_NAME, null)

index,value->index = index; value = value;
for (service in services) {
if (value ==~ /${service}/) {
def CMD_OID = "." + index;
def service_cmd = Snmp.get(host, CMD_OID);
def desc = index + " | " + service_cmd;
out.println value + "##" + value + "##" + desc

Script: Line 89:

            if ("${name}" == "${processPath}") {

3 Replies

  • I also have a datasource that seeks to help automate process discovery and monitoring sitting in Security Review (for about 10 months now -- Locator code: 9YLFYE; I doubt anyone can actually see this.)

    My approach was more or less reverse engineered from Zenoss’s process monitoring, where the user provides a list comma-delimited regular expressions, and the WILDVALUE reflects the regular expression as the instance. All data is rolled up into ‘# of matching processes,’ and their CPU/Mem values are rolled up as well. This was primarily important for Java process monitoring, as all Java processes will commonly have `java` as their hrSWRunPath, despite being many discrete applications sharing this hrSWRunPath.

    Of course, my solution was a means-to-an-end to achieve parity with our incumbent platform at the time, and I actively discourage any of our users to make further use of process monitoring. A better pattern is figuring out how to assess the operational health of a process through querying it directly instead of predicating it upon whether or not we see it in the process list. SNMP is also suboptimal for this, as it can show a process running even when it’s zombied or orphaned. But, alas, sometimes SNMP is all we have :)

  • A better pattern is figuring out how to assess the operational health of a process through querying it directly instead of predicating it upon whether or not we see it in the process list.

    This! I recently implemented something like this with my dockerized applications. I have one DS that checks if the container is up, but that doesn’t always mean the script is progressling/looping like it should. So i added some local logging at the end of each loop where the current timestamp is written to a file. A simple datasource later and i have “uptime in secs/mins/hours/days/weeks”.

  • Hi @Austin Culbertson 

    Your correct in that nobody can see you locator code until it’s passed security checks. (which given the timeframe its been sitting there means its unlikely to actually ever be seen :-( 

    Is there another way you can share you datasource privately? I know you can export a datasource as an XML file. If you would happy to share it that would be great.. I have something mostly working but struggling with the Datapoints mapping and feel like I’m reinventing the wheel here! Cheeky Dropbox download link for the in need?