如何使用“Get-wmiObject”监视 Windows Java 进程

发布于 2024-12-11 03:29:17 字数 621 浏览 0 评论 0原文

我有一些 java 组件有时会死掉，我知道的唯一方法是当用户抱怨他们遇到错误时。

我在监控系统上所做的就是计算服务器上运行的 java 进程的数量。如果某个组件死亡，我会收到 java 阈值低于正常值的警报，然后我登录以找出哪个 java 组件死亡。它有效，但我认为它可以细化到哪个组件死亡并且能够远程启动java进程。

所以我的想法是编写一个从监控系统执行的Powershell脚本。我想我已经掌握了大部分“一行”，但需要更多帮助才能到达终点线，因为我认为这个脚本不需要详细说明。

到目前为止我所得到的是：

$theProcess = Get-WmiObject win32_process -Filter "name like '%java%'" | select commandLine

这个命令的输出给了我发送到JVM的所有参数，包括组件的名称，让我们调用组件“COMP_Number1”，通常有5个java组件进程在运行，所以名称组件的编号为“COMP_Number2”、“COMP_Number3”等。

我的问题是：给定 $theProcess 的输出，如何检查所有 java 进程以验证所有组件都在运行？如果没有，哪一个没有运行？

非常感谢！

原文

I have some java components that sometimes die and the only way I know is when a user compains they've gotten an error.

What I've done on our monitoring systems is count the amount of java processes running on the server. If a component dies, I get alerted that the java threshold is below normal and I log in to find out which one of the java components died. It works, but I think it could be refined to which component died and be able to start the java process remotely.

So what I was thinking is writing a Powershell script that is executed from the monitoring system. I think I have most of the 'one liner' but need a little more help getting me to the finish line, as I think this script doesn't need to be elaborate.

What I have so far is:

$theProcess = Get-WmiObject win32_process -Filter "name like '%java%'" | select commandLine

The output of this command gives me all the parameters sent to the JVM, including the name of the component, lets call the component "COMP_Number1", and usually there are 5 java component processes running, so the name of the components are "COMP_Number2", "COMP_Number3", and so on.

My question is: Given the output of $theProcess, how do I check all the java processes to validate that all of the components are running? And if not, which one is not running?

Much Appreciated!

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

御弟哥哥 2024-12-18 03:29:17

你可以这样做：

$components = @("COMP_Number1","COMP_Number2")
$theProcess | %{ 
    $p = $_
    $running = $components | ?{$p.commandline -match $_}
    $notrunning = $components | ?{ $running -notcontains $_ }
}

$notrunning

You can do something like this:

$components = @("COMP_Number1","COMP_Number2")
$theProcess | %{ 
    $p = $_
    $running = $components | ?{$p.commandline -match $_}
    $notrunning = $components | ?{ $running -notcontains $_ }
}

$notrunning

回复收藏 0 原文

甜味超标? 2024-12-18 03:29:17

如果您可以在服务器上使用 WMI，则可以使用 WMI 事件来检测已停止的进程。

Register-WMIEvent -Query "SELECT * FROM Win32_ProcessStopTrace WHERE ProcessName like 'notepad%'" -Action {Write-Host "kind of notepad process is died"; Write-Host $args}

在这里，您将检测到 notepad.exe 和 notepad++.exe。

您可以使用 Get-EventSubscriber 检索您订阅的事件，并使用 Unregister-Event 取消订阅。

脚本块被视为一项工作，因此请小心导入其中需要的所有模块。

脚本块接收两个参数：

1) System.Management.ManagementEventWatcher< /a>

2) System.Management.EventArrivedEventArgs

以下是 $args[1].newevent 的参数：

ExitStatus          Property   System.UInt32 ExitStatus {get;set;}
ParentProcessID     Property   System.UInt32 ParentProcessID {get;set;}
ProcessID           Property   System.UInt32 ProcessID {get;set;}
ProcessName         Property   System.String ProcessName {get;set;}
SECURITY_DESCRIPTOR Property   System.Byte[] SECURITY_DESCRIPTOR {get;set;}
SessionID           Property   System.UInt32 SessionID {get;set;}
Sid                 Property   System.Byte[] Sid {get;set;}

示例：

Register-WMIEvent -Query "SELECT * FROM Win32_ProcessStopTrace WHERE ProcessName like 'notepad%'" -Action {Write-Host "$($args[1].newevent.ProcessName) process is died"}

If you can use WMI on the the server you can use WMI events to detects the processes that are stopped.

Register-WMIEvent -Query "SELECT * FROM Win32_ProcessStopTrace WHERE ProcessName like 'notepad%'" -Action {Write-Host "kind of notepad process is died"; Write-Host $args}

Here you'll detect notepad.exe die and also notepad++.exe.

You can use Get-EventSubscriber to retreive events you suscribe to and Unregister-Event To unsuscribe.

The script block is considered as a job, so be carefull to import all the modules you need inside.

The script block receive two parameters :

1) System.Management.ManagementEventWatcher

2) System.Management.EventArrivedEventArgs

Here are the parameters of $args[1].newevent :

ExitStatus          Property   System.UInt32 ExitStatus {get;set;}
ParentProcessID     Property   System.UInt32 ParentProcessID {get;set;}
ProcessID           Property   System.UInt32 ProcessID {get;set;}
ProcessName         Property   System.String ProcessName {get;set;}
SECURITY_DESCRIPTOR Property   System.Byte[] SECURITY_DESCRIPTOR {get;set;}
SessionID           Property   System.UInt32 SessionID {get;set;}
Sid                 Property   System.Byte[] Sid {get;set;}

Exemple :

Register-WMIEvent -Query "SELECT * FROM Win32_ProcessStopTrace WHERE ProcessName like 'notepad%'" -Action {Write-Host "$($args[1].newevent.ProcessName) process is died"}

回复收藏 0 原文

凉城已无爱 2024-12-18 03:29:17

$components = @("COMP_Number1","COMP_Number2")
$running = @()
do {
   Get-WmiObject win32_process -Filter "name like '%java%'" | select commandLine | Foreach-Object {
      $running += ($_.commandLine -replace ".*(COMP_Number\d).*",'$1')
   }
   if ($running.Count -lt $components.Count) {
     Compare-Object ($running | Sort-Object) ($components | Sort-Object)
   }
   $running = @()
   Start-Sleep 50000
} until (1 -lt 0)

正则表达式肯定需要改进。您可以添加一些其他警告方法（电子邮件？），甚至尝试自动重新启动 if 语句中缺少的进程。

$components = @("COMP_Number1","COMP_Number2")
$running = @()
do {
   Get-WmiObject win32_process -Filter "name like '%java%'" | select commandLine | Foreach-Object {
      $running += ($_.commandLine -replace ".*(COMP_Number\d).*",'$1')
   }
   if ($running.Count -lt $components.Count) {
     Compare-Object ($running | Sort-Object) ($components | Sort-Object)
   }
   $running = @()
   Start-Sleep 50000
} until (1 -lt 0)

The regexp most certainly needs work on. You might add some other warning method (e-mail?) or even try to automatically restart the missing process in the if statement.

回复收藏 0 原文

~没有更多了~