Monitor a process including the arguments (note the flag value) and create a managed Object: Class=notepad, Instance=bad, Attribute=alive, state=severity
watch process procAlive 'notepad.*bad.*' 122 0x800 30 absolute nop 0 'Description: procAlive(notepad)' '''notepad' ‘bad’ 'alive' 'minor'
Create a procgroup to monitor properties for a group of processes. Attributes (like RSS=Real memory Resident Set) of that proggroup can then be monitored like any other oid with a monitor directive.
watch procgroup 'svchost' 222 0x0 30 'Descr: procgroup(svchost)' '' monitor processGroupMonEntry svchost pgmonRSS 20 0x0 60 absolute > 15000 'Descr: procgroup svchost' '' ProcHealth svchost pgmonRSS critical
|
Copyright © 2013 CA.
All rights reserved.
|
|