Process Discovery RegEx

Srik1234 · July 30, 2020, 8:26pm

Team,

I am very new to use Check_MK tool to setup monitors to pull out all processes running on our Linux Server based on specific User.
From “Process Discovery” page, I had set rules as below.

Process Name: Test %u
Name of the User: Selected “Grab User from found processes”
Select “Default parameters for detected services”

When i checked details on one of the Host WATO Services tab, its not showing up all our process running with the user.

Also tried using “Process Matching” regular expressions, not able to obtain the expected result. Any help or guidance for the documentations to refer for setting up this?

Thanks
Srikanth

andreas-doehler · July 31, 2020, 5:44am

Can you provide a example what is found by the discovery with a specific user and how the real processes of this user looks like?

r.sander · July 31, 2020, 7:05am

Remove %u from the Service Description and you will get all processes in one service check.

Srik1234 · August 1, 2020, 9:15pm

Hi Andreas,

Please find below in details.
Initially this was set as below referring to sample PID and able to obtain alerts when its down or started back.

Regular Expression: /usr/tibco/./([a-z,A-Z,0-9])\s./(.)/(\2)-.
Process Name: %1 for Interface %2 – InstanceName %4

Alert Description (Result):
Process bwengine for Interface I-2107_TravelIntegration_BCD_DC-1 – InstanceName BCD_TravelIntegration_All_Timer_Pd_WC_B_222

Sample PID:
/usr/tibco/devsetb/bw/5.13/bin/bwengine --pid --run --propFile /usr/tibco/devsetb/tra/domain/tibdev07/application/I-2107_TravelIntegration_BCD_DC-1/I-2107_TravelIntegration_BCD_DC-1-BCD_TravelIntegration_All_Timer_Pd_WC_B_222.tra

But for the below (higher version of TIBCO process) is not getting monitored as expressions was not matching.

Sample Higher Version PID:
/usr/tibco/TIBCO6x/bw/6.4/domains/tibdev6x/appnodes/AS_MultiAppAS_WC/AN_tibdev6x_N8/bin/bwappnode-AN_tibdev6x_N8 --propFile /usr/tibco/TIBCO6x/bw/6.4/domains/tibdev6x/appnodes/AS_MultiAppAS_WC/AN_tibdev6x_N8/bin/bwappnode-AN_tibdev6x_N8.tra -config /usr/tibco/TIBCO6x/bw/6.4/domains/tibdev6x/appnodes/AS_MultiAppAS_WC/AN_tibdev6x_N8/config.ini

So adjust expressions to match both version of PIDs as below, but its not listing the processes due to issue with Process Name expression. Provided user friendly input under “Process Name” value, still no luck

/usr/tibco/./([a-z,A-Z,0-9])/(.*).

Then thought to monitor using User based rules.

Srik1234 · August 1, 2020, 9:16pm

Hi Sander,

Tried with that option, but it was given the result as below instead of each processes as individual to monitor (attached screenshot)

Srik1234 · August 1, 2020, 9:17pm

Rule Set as below

Looking to get results as each individual processes to monitor, but coming as single process which says its found 55 processes

Srik1234 · August 1, 2020, 9:20pm

RegEx rule set as below

system · September 1, 2020, 7:20am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.