Forum Discussion

Vitor_Santos's avatar
Vitor_Santos
Icon for Advisor rankAdvisor
5 years ago

Monitoring Linux Processes (their status, resource usage, etc ) via SSH?

Hello,

Is there anything already developed that allows the monitoring of Linux Processes via SSH. I know it's possible via SNMP (however, if possible we would like to avoid configuring SNMP individually per server).

Yesterday I was searching in the Exchange module &* found the 'Linux_SSH_ServiceStatus' but it doesn't work & doesn't seem to capture processes resource usage.

Does anyone had this need in the past?
I'm not that into Linux therefore, I'm not sure how to/if it's possible to have a datasource for this.

Thank you!

Regards,

11 Replies

Sort By
  • Stuart_Weenig's avatar
    Stuart_Weenig
    Icon for Mastermind rankMastermind
    3 years ago

    Sorry, here's the original if you want to compare to @Austin Culbertson's. 

    Discovery Script: 

    import com.jcraft.jsch.JSch
import com.santaba.agent.util.Settings
host = hostProps.get("system.hostname")
user = hostProps.get("ssh.user")
pass = hostProps.get("ssh.pass")
port = hostProps.get("ssh.port") ?: 22
cert = hostProps.get("ssh.cert") ?: '~/.ssh/id_rsa'
timeout = 15000 // timeout in milliseconds
try {
  def userCmd = getCommandOutput('ps ax -o pid,user,tty')
  if (userCmd[0]==2) {
    println(userCmd[1])
    return 2
  } else {
    users = userCmd[1].readLines().collectEntries{[it.tokenize(" ")[0], [it.tokenize(" ")[1],it.tokenize(" ")[2]]]}
    output = getCommandOutput('ps ax -o pid,command')
    if (output[0] == 2){
      return 3
    } else {
      def processes = output[1].readLines()
      processes.subList(2,processes.size()-2).each{
        e = it.tokenize(" ")
        pid = e[0]
        command = e[1..e.size()-1].join(" ")
        print("${pid}##[${pid}]${command}######")
        print("pid=${pid}")
        if (users[pid]){
          print("&tty=${users[pid][1]}")
          print("&user=${users[pid][0]}")
        } else {
          print("&user=UnknownUser")
        }
        print("\n")
      }
      return 0
    }
  }
}
catch (Exception e) {println "Unexpected Exception : " + e; return 1}

def getCommandOutput(String input_command) {
  try {
    jsch = new JSch()
    if (user && !pass) {jsch.addIdentity(cert)}
    session = jsch.getSession(user, host, port)
    session.setConfig("StrictHostKeyChecking", "no")
    String authMethod = Settings.getSetting(Settings.SSH_PREFEREDAUTHENTICATION, Settings.DEFAULT_SSH_PREFEREDAUTHENTICATION)
    session.setConfig("PreferredAuthentications", authMethod)
    session.setTimeout(timeout)
    if (pass) {session.setPassword(pass)}
    session.connect()
    channel = session.openChannel("exec")
    channel.setCommand(input_command)
    def commandOutput = channel.getInputStream()
    channel.connect()
    def output = commandOutput.text
    channel.disconnect()
    return [0,output]
  }
  catch (Exception e) {
    e.printStackTrace()
    return [2,"Error in SSH connection"]
  }
  finally {session.disconnect()}
}

     

    Collection Script: 

    import com.jcraft.jsch.JSch
import com.santaba.agent.util.Settings
host = hostProps.get("system.hostname")
user = hostProps.get("ssh.user")
pass = hostProps.get("ssh.pass")
port = hostProps.get("ssh.port") ?: 22
cert = hostProps.get("ssh.cert") ?: '~/.ssh/id_rsa'
timeout = 15000 // timeout in milliseconds
try {
  def output = getCommandOutput('ps aux')
  if (output[0] == 2){
    println(output[1])
    return 2
  } else {
    output = output[1].readLines()
    output.subList(2,output.size()-2).each{line ->
      e = line.tokenize(" ")
      println("${e[1]}.cpu: ${e[2]}")
      println("${e[1]}.mem: ${e[3]}")
      println("${e[1]}.vsz: ${e[4]}")
      println("${e[1]}.rss: ${e[5]}")
    }
    return 0
  }
}
catch (Exception e) {println "Unexpected Exception : " + e; return 1}

def getCommandOutput(String input_command) {
  try {
    jsch = new JSch()
    if (user && !pass) {jsch.addIdentity(cert)}
    session = jsch.getSession(user, host, port)
    session.setConfig("StrictHostKeyChecking", "no")
    String authMethod = Settings.getSetting(Settings.SSH_PREFEREDAUTHENTICATION, Settings.DEFAULT_SSH_PREFEREDAUTHENTICATION)
    session.setConfig("PreferredAuthentications", authMethod)
    session.setTimeout(timeout)
    if (pass) {session.setPassword(pass)}
    session.connect()
    channel = session.openChannel("exec")
    channel.setCommand(input_command)
    def commandOutput = channel.getInputStream()
    channel.connect()
    def output = commandOutput.text
    channel.disconnect()
    return [0,output]
  }
  catch (Exception e) {
    e.printStackTrace()
    return [2,"Problem with SSH connection"]
  }
  finally {session.disconnect()}
}

     

    I have these discovery filters setup to make it easy to pick and choose which processes are monitored based on properties set on the group/resource:

    I also group by user because that's often helpful:

     

  • Vitor_Santos's avatar
    Vitor_Santos
    Icon for Advisor rankAdvisor
    5 years ago

    Hey Stuart,

    I've deployed & it works just fine!

    Thanks a lot for the sharing.

  • John_Lockie's avatar
    John_Lockie
    3 years ago

    That link is dead....updated link maybe?  Sorry to resurrect and old thread.

  • AustinC's avatar
    AustinC
    Icon for Neophyte rankNeophyte
    3 years ago

    I have got a better solution for Linux process monitoring that I've been meaning to upload to the exchange (both SNMP and SSH). It gets a little over-bearing using Regular Expressions, but we've used it to great effect after we migrated into LogicMonitor. I have to do a bunch of cleanup for it to anonymize it and make it clear how to use it, but I'll see if I can finish it up this week. It was developed with multi-instance Active Discovery in mind, because adding instances manually is a huge no-no to me ? 

    That being said, my personal belief is that process monitoring is wholly insufficient for monitoring the state of your hosts and processes (good for collecting metrics, though). I would encourage folks to investigate how they can introspect the health of their process/services via whatever means available when possible (Think: performing a DB query instead of monitoring for MySQL/Postgres; Running `service <name> status` commands instead of simply checking if the process is running, etc). This takes a little more work, but is ABSOLUTELY worth the time investment.

    I'll update this thread when I think I've got this uploaded. 

  • AustinC's avatar
    AustinC
    Icon for Neophyte rankNeophyte
    3 years ago
    3 hours ago, John Lockie said:

    That link is dead....updated link maybe?  Sorry to resurrect and old thread.

    Looks like I was further along than I expected :)/emoticons/smile@2x.png 2x" title=":)" width="20" />

    I've published both an SSH and an SNMP version:

    Locator Code: 9YLFYE - LinuxRegexProcessMonitoring_withAD_SSH
    Locator Code: JDCMLM - LinuxRegexProcessMonitoring_withAD_SNMP

    Let me know if you have any problems locating these. These are the first datasources I've published, so I'm not sure the best way to facilitate it.

  • AustinC's avatar
    AustinC
    Icon for Neophyte rankNeophyte
    3 years ago
    1 hour ago, Austin Culbertson said:

    Looks like I was further along than I expected :)/emoticons/smile@2x.png 2x" title=":)" width="20" />

    I've published both an SSH and an SNMP version:

    Locator Code: 9YLFYE - LinuxRegexProcessMonitoring_withAD_SSH
    Locator Code: JDCMLM - LinuxRegexProcessMonitoring_withAD_SNMP

    Let me know if you have any problems locating these. These are the first datasources I've published, so I'm not sure the best way to facilitate it.

    I can't figure out how to edit my post, so here's some additional guidance for how these work (which probably means it's already overly-complicated :)/emoticons/smile@2x.png 2x" title=":)" width="20" /> BUT, we have been entirely hands off with this ever since I wrote this 2 years ago, outside of adding a process here and there, so it works!
     

    How it Works

    • Active Discovery runs every 15 minutes and queries each device for all of its running processes.

    • The script pulls down the process.groupProcessesToMonitor and process.deviceProcessesToMonitor, and combines them with the universalProcesses to get a comprehensive list of processes for which to check devices.

    • The script indexes each running process by the configured regex, while also capturing the PIDs associated with all of the processes that are running

    • The script then combines the hrSWRunPath with the hrSWRunParameters to get the full process run string

    • The script then runs through each discovered process and uses a simple =~ to validate if any given process matches a process that is running on the device.

    • All discovered processes have a property associated with them that includes the PID in the property key, along with the run path of all matched processes.

    • PIDs which match the corresponding RegEx are added together, so that we can detect when a process restarts. This can be overridden by adding the exact same process regex to the 'process.universalProcessesRestartToIgnore' property

  • Stuart_Weenig's avatar
    Stuart_Weenig
    Icon for Mastermind rankMastermind
    3 years ago
    23 minutes ago, Austin Culbertson said:

    The script pulls down the process.groupProcessesToMonitor and process.deviceProcessesToMonitor, and combines them with the universalProcesses to get a comprehensive list of processes for which to check devices.

    Really like this mechanism!

  • John_Lockie's avatar
    John_Lockie
    3 years ago

    Very cool - thank you all so much!  We are building this out now :)/emoticons/smile@2x.png 2x" title=":)" width="20" /> will try to post back our solution.