Monitoring which user is running a service/process

Aaron Segura Aaron.Segura at cabelas.com
Fri Oct 10 16:28:55 CEST 2008

Previous message: Monitoring which user is running a service/process
Next message: Monitoring which user is running a service/process
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Yes.  Note the '-u' option.

 

$ ./check_procs -h

check_procs (nagios-plugins 1.4.2) 1.46

Copyright (c) 1999 Ethan Galstad <nagios at nagios.org>Copyright (c)
2000-2004 Nagios Plugin Development Team

      <nagiosplug-devel at lists.sourceforge.net>

 

Checks all processes and generates WARNING or CRITICAL states if the
specified

metric is outside the required threshold ranges. The metric defaults to
number

of processes.  Search filters can be applied to limit the processes to
check.

 

Usage: check_procs -w <range> -c <range> [-m metric] [-s state] [-p
ppid]

                  [-u user] [-r rss] [-z vsz] [-P %cpu] [-a
argument-array]

                  [-C command] [-t timeout] [-v]

 

Required Arguments:

 -w, --warning=RANGE

   Generate warning state if metric is outside this range

 -c, --critical=RANGE

   Generate critical state if metric is outside this range

 

Optional Arguments:

 -m, --metric=TYPE

   Check thresholds against metric. Valid types:

   PROCS   - number of processes (default)

   VSZ     - virtual memory size

   RSS     - resident set memory size

   CPU     - percentage cpu

   ELAPSED - time elapsed in seconds

 -t, --timeout=INTEGER

    Seconds before connection times out (default: 10)

 -v, --verbose

   Extra information. Up to 3 verbosity levels

 

Optional Filters:

 -s, --state=STATUSFLAGS

   Only scan for processes that have, in the output of `ps`, one or

   more of the status flags you specify (for example R, Z, S, RS,

   RSZDT, plus others based on the output of your 'ps' command).

 -p, --ppid=PPID

   Only scan for children of the parent process ID indicated.

 -z, --vsz=VSZ

   Only scan for processes with vsz higher than indicated.

 -r, --rss=RSS

   Only scan for processes with rss higher than indicated.

 -P, --pcpu=PCPU

   Only scan for processes with pcpu higher than indicated.

 -u, --user=USER

   Only scan for processes with user name or ID indicated.

 -a, --argument-array=STRING

   Only scan for processes with args that contain STRING.

 -C, --command=COMMAND

   Only scan for exact matches of COMMAND (without path).

 

RANGEs are specified 'min:max' or 'min:' or ':max' (or 'max'). If

specified 'max:min', a warning status will be generated if the

count is inside the specified range

 

This plugin checks the number of currently running processes and

generates WARNING or CRITICAL states if the process count is outside

the specified threshold ranges. The process count can be filtered by

process owner, parent process PID, current state (e.g., 'Z'), or may

be the total number of running processes

 

Examples:

 check_procs -w 2:2 -c 2:1024 -C portsentry

   Warning if not two processes with command name portsentry. Critical

   if < 2 or > 1024 processes

 

 check_procs -w 10 -a '/usr/local/bin/perl' -u root

   Warning alert if > 10 processes with command arguments containing 

   '/usr/local/bin/perl' and owned by root

 

 check_procs -w 50000 -c 100000 --metric=VSZ

   Alert if vsz of any processes over 50K or 100K

 check_procs -w 10 -c 20 --metric=CPU

   Alert if cpu of any processes over 10% or 20%

________________________________

From: Kenneth Holter [mailto:kenneho.ndu at gmail.com] 
Sent: Friday, October 10, 2008 8:18 AM
To: nagios-users at lists.sourceforge.net
Subject: [Nagios-users] Monitoring which user is running a
service/process

 

Hello all.

 

 

I have some processes that are meant to be run by user A, but are often
(for some human error reason) run by the root user. Is there a way to
set up Nagios to alert me whenever this happens?

 

 

Regards,

Kenneth Holter

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20081010/cb028430/attachment.html>
-------------- next part --------------
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: Monitoring which user is running a service/process
Next message: Monitoring which user is running a service/process
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list