Getting Data In

Process monitoring in Windows

Gowtham0809
New Member

Hi,

In our system, there will be multiple java.exe process will be running, we are in need for monitoring the cpu and memeory usage of all the java,exe process running.

I tried white listing in inputs.conf file it did not work. We do not need monitoring of other process in our windows server.

Is there any specific commands to be used in inputs,conf file to monitor only Java.exe running. or is there is any App to monitor Java Process. we could not configure JMX, as our Apache used is completely customized by our product owner and we could not edit further.

Thanks

0 Karma
1 Solution

inventsekar
SplunkTrust
SplunkTrust

please update us your inputs.conf file..
the other logfiles from this same host are getting indexed properly ah?

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !

View solution in original post

0 Karma

inventsekar
SplunkTrust
SplunkTrust

please update us your inputs.conf file..
the other logfiles from this same host are getting indexed properly ah?

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !
0 Karma

Gowtham0809
New Member

Hi,

I added
[WinHostMon://process]
type = process
interval = 60

this in my inputs.conf file this monitored all the process. then I white listed java.exe. but it didnt not work and still monitored all the process.

other logs in inputs.conf is working without any issues

Thanks,

0 Karma

inventsekar
SplunkTrust
SplunkTrust

looks like whitelisting (blacklisting as well) attribute does not apply to WinHostMon.
https://answers.splunk.com/answers/306764/why-are-all-services-still-being-indexed-even-with-1.html

maybe, check wmi
https://www.splunk.com/blog/2014/05/30/monitoring-windows-service-state-history.html

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !
0 Karma
Get Updates on the Splunk Community!

Leveraging Detections from the Splunk Threat Research Team & Cisco Talos

  Now On Demand  Stay ahead of today’s evolving threats with the combined power of the Splunk Threat Research ...

New in Splunk Observability Cloud: Automated Archiving for Unused Metrics

Automated Archival is a new capability within Metrics Management; which is a robust usage & cost optimization ...

Calling All Security Pros: Ready to Race Through Boston?

Hey Splunkers, .conf25 is heading to Boston and we’re kicking things off with something bold, competitive, and ...