NetXMS Support Forum

I need to monitor a java process on some Windows hosts with the NetXMS Agent installed and running. The regular Process.Count and Process.CountEx only work for the process name, which is "java". This is not enough for my needs, since I need to make sure that java is run with certain arguments.

In linux, I would simply to a ps aux | grep <Java class or jar name> | wc -l which works for all user permissions.

I'm not very familiar with neither Windows nor Powershell, but I did manage to construct this one-liner for doing (sort of) the same thing:

(WMIC path win32_process get Commandline | select-string <Java class name>).Matches.count

This command returns the number of matches, or null if none were found.

This works when I manually start a powershell with elevated permissions. It does not work through an ExternalParameter in the Agent though. When querying in the DCI config it returns "" even when the process is running. Is this because powershell commands are not run with elevated privileges? The agent itself is run elevated as far as I know.

The full external parameter line in the config looks like this:
ExternalParameter = ProcMon.SymmetricLauncher:powershell -Command "& {(WMIC path win32_process get Commandline | select-string <Java class name>).Matches.count}"

I also tried ExternalParameterShellExec, but it didn't work either.

Are there any simple solutions to my problem?

I see now in the docs that CountEx should be able to match the command line as well. It does not work for me unfortunately.

Process.CountEx(java, <Java class name>) still returns 0. Is there some subtle feature here that I'm missing?

NetXMS agent version is 2.0.6. Agent is running on a Windows 7 host.
NetXMS server version is 2.0.3.

Hi,

just tested in on Windows - works as expected. Please provide exact details - process name and command line and how you specify Process.CountEx parameter.

Best regards,
Victor

Quote from: Victor Kirhenshtein on January 24, 2017, 08:17:28 PM
Hi,

just tested in on Windows - works as expected. Please provide exact details - process name and command line and how you specify Process.CountEx parameter.

Best regards,
Victor

Thanks for your reply.

There are two Java processes running on the agent host.

The process I need to monitor has a long command line (700+ chars), mostly consisting of class path declarations and jvm arguments. I can't give the exact details, but it looks basically like this:

"java" -cp "C:\SomePath1\;C:\SomePath2\;C:\SomePath3" -DsomeJvmArg1=someValue1 -DsomeJvmArg2=someValue2 com.domain.package.ClassName --someArg someValue

The above is what comes up when I run the PowerShell command
WMIC path win32_process get Commandline | select-string ClassName

Process.CountEx(java) returns "2" as expected.

Process.CountEx(java,ClassName) returns "0". I understand this might be because the command line is longer than the MAX_PATH defined in the source code? Since ClassName appears at the end of the long command line.

However:

Process.CountEx(java, SomePath1) also returns 0. As does any attempt to match on anything at the beginning of the command line.

The Windows host seems to be a 32 bit system.

Remember that second argument is regular expression, so certain characters have special meaning. For example, \ is an escape character, so to match it you should specify it as \\. As for class name you're probably right - agent extracts only first 255 characters of process command line. I'll fix that in next release.

Best regards,
Victor

Quote from: Victor Kirhenshtein on January 25, 2017, 10:07:57 AM
Remember that second argument is regular expression, so certain characters have special meaning. For example, \ is an escape character, so to match it you should specify it as \\. As for class name you're probably right - agent extracts only first 255 characters of process command line. I'll fix that in next release.

Best regards,
Victor

Thank you. I have not used any special characters in the second argument.

I just did some testing. The class path of one of the java processes contains the word "symmetric".

Process.CountEx(java) returns 2 as expected.
Process.CountEx(java,symmetric) returns 0.
Process.CountEx(java,s) returns 1, even though the character "s" is present in the command line of both java processes.
Process.CountEx(java,sy) returns 0.
Process.CountEx(java,.) returns 1.

Process.CountEx(java,_) returns 1 even though _ is not present in either command line.

It seems no matter what I put as matching pattern, CountEx returns 0 if the pattern is longer than one character (other than regex special chars), and 1 if the pattern is one character.

Any ideas?

Quote from: Victor Kirhenshtein on January 24, 2017, 08:17:28 PM
just tested in on Windows - works as expected.

I did some further testing on different nodes. Process.CountEx works as expected on Windows 8.1 Pro, but not on Windows 7 Home Premium (don't ask, not my system design  ).

Is the Windows subagent supposed to be generic, or do you have a specific version subset that is supported?

It is supposed to be generic. I'll check it on Windows 7.

Best regards,
Victor