The procinfo module allows you to monitor the details of specific processes. The modules cpustat, memstat, and proccount report globally on processes on the system. With procinfo, you can view the CPU, memory, runtime, and state (on non-Windows platforms) on desired processes. Processes can be specified by name (full or match), PID, parent PID, pidfile, parent pidfile, or user. If only one process matches the input, procinfo will report its name, CPU usage, memory usage, runtime, and state. Should multiple processes match the criteria, procinfo will give the number of processes, total CPU and memory usage, average runtime, and all process states.
On Linux, process information is collected through files in the "/proc" directory. Specifically, "/proc/meminfo", "/proc/uptime", "/proc/x/cmdline", and "/proc/x/stat" are used, where in the last two "x" represents the PIDs of processes on the machine.
On the Solaris OS, information is gathered through "/proc/x/psinfo" and "/proc/x/lwp", where "x" represents the PIDs of processes on the machine.
Windows 2000/XP/2003 uses the Performance Data Helper to gather all process information. Unfortunately this module is not available in Windows 9x/NT.
Procinfo can be configured to access any number of processes. Each entry is given a name, and some method of indentifying the specific process (or processes). These methods include specifying exact process names, partial matches of process names, a PID, a parent PID (PPID), pidfile, parent pidfile (ppidfile), or owning user (on non-Windows machines). Multiple forms of identification may be given to further specify an entry.
Windows users may input this information by accessing the Configuration tab for procinfo in the RSPD configuration dialog box (see Chapter 2).
In the RSPD config file, entries are specified in a manner similar to thresholds. Each entry is given a name, and then fields of the entry may be filled in by giving the name followed by a dot and then the field name. The following example should make this clear.
config { # Any process with "qmail" in the name name = qmail qmail.matches = qmail # Process must have "/usr/sbin/mysqld" as the exact name name = mysqld mysqld.equals = /usr/sbin/mysqld # The specific process whose parent PID is in the file name = sshd sshd.ppidfile = /var/run/sshd.pid # All processes with 921 as the parent PID name = children children.ppid = 921 # Process with jsmith as the owner and "perl" in the name name = smith_perl smith_perl.user = jsmith smith_perl.matches = perl } |
There are many ways of indentifying processes. If available, pidfiles are preferable to inputing specific PIDs as these PIDs may change if the program is restarted, whereas the name of the pidfile should remain constant. If multiple matching criteria are given, such as in the last example, all criteria must be true for a process to match.
Thresholds may be set on any of the defined process entries by specifying to their names. The thresholds may refer to any of the information gathered by procinfo.
All thresholds be compared to values with any of the basic logical operators (==, !=, <, >, <=, >=). CPU and memory usage are referred to by "cpu" and "mem", and may be compared to percent values. The number of matching processes is referred to as "count" and may be compared to a number with any basic logical operator. Runtime, referred to as "runtime", can be compared to lengths of time. Examples are "2 hours", "5 days, 2 hours, 2 minutes", "1 min". Finally, on non-Windows platforms, each process state may be compared against the number of matching processes with that state. The following states are allowed: unint_sleep, running, runnable, sleeping, stopped (also known as traced), paging, dead and zombie.
Here are some example thresholds:
# Example thresholds for procinfo thresh1.threshold = ProcInfo.sshd.mem > 10% thresh2.threshold = ProcInfo.qmail.count == 0 thresh3.threshold = ProcInfo.smith_perl.runtime > 3 days thresh4.threshold = ProcInfo.mysqld.dead > 0 OR ProcInfo.mysqld.zombie > 0 |