|Version 15 (modified by broken, 4 years ago) (diff)|
This check checks the state of one or more processes on the system and generates a critical state if any process is not in the required state.
|match=(strings|substr|regexp)||Specifies if the supplied value must match the actual process name or command line exactly (strings, the default), must match a part of the actual value (substr), or if it should be matched as a regular expression.|
|cmdLine||If present, the process name specified is compared to the entire command line. By default it is matched to the process name only.|
|ShowAll||A flag to toggle if all process states should be listed.|
|ShowFail?||(default)||A flag to indicate if only failed process states should be listed.|
|process=state||A process name and a state the process should have. The state can be either started or stopped. If no state is given started is assumed. The name is the name of the executable.|
|Alias||alias||Give a process an alias|
|ignore-perf-data||If present performance data will be stripped out|
|Proc:<alias>=<state>||A process name and a state the process should have.|
|(Max|Min)(Warn|Crit)Count||number||Process count bounds For instance: MaxCritCount?=4 means if a process has more then 4 instances it will be a critical condition.|
The commands given in the examples below should be edited (for your own needs) and copied to the nsc.ini file (comes with installation and can be found in the monitored machine, aka the client) under section [External Alias].
Please remember that for each external alias there's a command declared (under NSCA command or NRPE command sections – depends what you're working with) that uses the external alias declared.
The command also need to have identical name to the value defined for that service check in the Nagios linux server (usually windows.cfg file and service_description field in define Service block).
Let's start with a simple one – check that a file named NameOfMonitoredFileReplaceWithYours?.exe is running (aka in started state in the windows machine).
In the [External Alias] section in the nsc.ini file there's an alias that looks like this:
so we will leave it and we just have to supply it with our file name as an argument.
We will need to add the following line to the command section (NRPE command section if that's what you are working with).
NSCA is all client side, so if you're working with NSCA you cant use arguments and probably the following line (without the alias section) will be good for you: Check Process=CheckProcState NameOfMonitoredFileReplaceWithYours?.exe=started
again, Check Process is the name declared in Nagios server and it has to be the same.
For other options and more complicated ones:
Check that quake.exe is not running and NSClient++.exe is running:
checkProcState ShowAll quake.exe=stopped NSClient++.exe=started quake.exe : Stopped - NSClient++.exe : Running
Check that quake.exe is not running and my.exe and NSClient++.exe is running and only show problems:
checkProcState my.exe quake.exe=stopped NSClient++.exe=started my.exe : Stopped checkProcState MinCritCount=50 svchost.exe=started
Check that cmd.exe with substring printloop in commandline is running:
NSClient++ /test checkProcState match=regexp cmdLine ShowAll .*cmd.*printloop.*=started
Check if there's any notepad.exe running. OK if there's none, warn if there's 3, critical when there's 10:
CheckProcState MaxWarnCount=3 MaxCritCount=10 ShowAll notepad.exe=running