This KB Article describes how to generate alarms using a logmon profile configured to use command mode, only if the command result exceeds the configured threshold for a defined logmon variable, e.g., in this case when a numeric value (the result of the command) is greater than or equal to the value. Moreover, the result of the command (the value) may differ.
Via the Infrastructure Manager (IM), open the logmon probe GUI
Right-click and select new to create a new logmon profile
Fill-in the profile settings shown below:
mode: commandcount=0;for pid in `ps -ef | grep root | grep -v grep | awk '{print $2}'` ; do let count=$count+`ls /proc/${pid}/fd | wc -l` ; done ; echo $count
Select Watcher Rules tab
Create a new rule, and select the standard tab
Fill-in the settings shown below:
Match expression: /^(?:[1-9]|\d\d\d*)$/In the Watcher rule, select the Variables tab and rt-click to create a new entry
Select the Variable settings that work with your command
Note: make sure to set the Expected value, as the condition here is the expected value, and the alarm will only be generated when the command output is outside the expected value or value range, <= >=, =