You may have the situation that you wanna monitor processes on a windows host. For example a process like e.g. winlogon,exe
This kbase article explains a very simple usecase where you want to get notified whenever this process is gone/crashed/disappeared.
Configuration
- Open the Windows Host in GL and click on Load Counter (make sure you have assigned the right Authentication Profile)
- drag'n'drop the Process Category to the right and save/close
- create a Performance Counter Sensor and assign the correct host
- leave the Settings
- Add an action and copy/paste the following condition string
${str:contains(result.details,'greenlight.perfcounter.counter.process(winlogon).elapsed_time')==false}
whenever the process is gone, this perfcounter key does not exist anylonger → this condition becomes true ad fires off the notification
- Add a notification text
for instance:
Winlogon Process on ${gl:commonName(config.nodeDefinition.name)} is NOT running!
save/close
DONE
Conclusion
from now on you get notified whenever the winlogon process is gone 