How to implement dynamic multi-process monitoring using ACC and a custom configuration table?
yesterday
Problem Statement:
We have a requirement to build a dynamic, data-driven process monitoring solution for a large fleet of Linux servers using Agent Client Collector (ACC). We want to manage all of our monitoring configurations from a centralized custom table inside ServiceNow, but we are completely new to this type of implementation and need architectural guidance on the best way to set it up.
Our Scenario:
We want to create a custom table (e.g., process monitoring inventory) where our team can easily add, remove, or toggle processes that need to be monitored. Each row in this table will look something like this:
- Process Name: (e.g., sshd, serverprocess2)
- User Context: (e.g., root, splunk, or "any")
- Target CI: (Can be left blank for a global fleet-wide rule, or linked to a specific Linux server CI for targeted monitoring)
- Target Severity: (Warning, Minor, Major, Critical)
- Alert Toggle: (True/False)
The Goal:
We want ACC to automatically look at this custom table, determine which processes apply to which Linux server, and check if those processes are running under the correct user.
Need Help:
Specifically, we are looking for the best-practice implementation steps to answer these three core questions:
- Server-Wise Data Fetching: How do we query our custom table and feed that data into an ACC Check Definition so that each Linux server only receives the specific process monitoring list assigned to it (supporting both global rules and server-specific CI overrides)?
- Passing Input to the Endpoint Script: What is the supported method to take this filtered table data and pass it as an input parameter into our server-side plugin/shell script so the agent can accurately check the running process availability and counts?
- Process-Wise Event Generation: Once the script runs on the endpoint, how should it format and return its output to ServiceNow so that Event Management can automatically parse the payload and generate separate, individual events for each monitored process?