Guest User

Untitled

a guest
Aug 13th, 2021
28
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.06 KB | None | 0 0
  1.  
  2. Hello
  3.  
  4.  
  5.  
  6. So, we have basic monitor Current Disk Queue Length (Logical Disk)
  7.  
  8.  
  9.  
  10. It is completely useless because there are no process list in alert (also 'pls see alert context for details in 2021' - but its another story)
  11.  
  12.  
  13.  
  14. I have some challenge to add process list to alert, but i dont want to change wmi datasource (DS1) to script datasource
  15.  
  16.  
  17.  
  18. Peace of code
  19.  
  20.  
  21.  
  22. <ConditionDetection TypeID="SystemPerf!System.Performance.ConsecutiveSamplesCondition" ID="CD1">
  23.  
  24. <Threshold>$Config/Threshold$</Threshold>
  25.  
  26. <Direction>$Config/Direction$</Direction>
  27.  
  28. </ConditionDetection>
  29.  
  30.  
  31.  
  32.  
  33.  
  34. <ConditionDetection TypeID="System!System.ExpressionFilter" ID="CDSufficientSamples">
  35.  
  36. <Expression>
  37.  
  38. <SimpleExpression>
  39.  
  40. <ValueExpression>
  41.  
  42. <XPathQuery Type="Double">Value</XPathQuery>
  43.  
  44. </ValueExpression>
  45.  
  46. <Operator>GreaterEqual</Operator>
  47.  
  48. <ValueExpression>
  49.  
  50. <Value Type="Double">$Config/NumSamples$</Value>
  51.  
  52. </ValueExpression>
  53.  
  54. </SimpleExpression>
  55.  
  56. </Expression>
  57.  
  58. </ConditionDetection>
  59.  
  60.  
  61.  
  62. <ConditionDetection TypeID="System!System.ExpressionFilter" ID="CDInSufficientSamples">
  63.  
  64. <Expression>
  65.  
  66. <SimpleExpression>
  67.  
  68. <ValueExpression>
  69.  
  70. <XPathQuery Type="Double">Value</XPathQuery>
  71.  
  72. </ValueExpression>
  73.  
  74. <Operator>Less</Operator>
  75.  
  76. <ValueExpression>
  77.  
  78. <Value Type="Double">$Config/NumSamples$</Value>
  79.  
  80. </ValueExpression>
  81.  
  82. </SimpleExpression>
  83.  
  84. </Expression>
  85.  
  86. </ConditionDetection>
  87.  
  88. </MemberModules>
  89.  
  90.  
  91.  
  92.  
  93.  
  94. <RegularDetections>
  95.  
  96. <RegularDetection MonitorTypeStateID="ConditionTrue"> <!--error-->
  97.  
  98. <Node ID="CDSufficientSamples">
  99.  
  100. <Node ID="CD1">
  101.  
  102. <Node ID="DS1" />
  103.  
  104. </Node>
  105.  
  106. </Node>
  107.  
  108. </RegularDetection>
  109.  
  110. <RegularDetection MonitorTypeStateID="ConditionFalse">
  111.  
  112. <Node ID="CDInSufficientSamples">
  113.  
  114. <Node ID="CD1">
  115.  
  116. <Node ID="DS1" />
  117.  
  118. </Node>
  119.  
  120. </Node>
  121.  
  122. </RegularDetection>
  123.  
  124. </RegularDetections>
  125.  
  126.  
  127.  
  128. Is it good idea to add something like Microsoft.Windows.PowerShellPropertyBagProbe after CDSufficientSamples ? Like that:
  129.  
  130.  
  131.  
  132.  
  133. ​<Node ID="PSDS">
  134.  
  135. <Node ID="CDSufficientSamples">
  136.  
  137. <Node ID="CD1">
  138.  
  139. <Node ID="DS1"/>
  140.  
  141. </Node>
  142.  
  143. </Node>
  144.  
  145. </Node>
  146.  
  147.  
  148.  
  149.  
  150.  
  151.  
  152.  
  153. Or only good way is do use script datasource instead of wmi ?
Add Comment
Please, Sign In to add comment