Overview

The SNMP Process Event Monitor uses the SNMP protocol to connect to network devices and retrieve data about the processes that are running on them. Note that not all SNMP devices make this information available. For some devices, it may be available but inaccessible by default. You may need to make configuration changes to your SNMP equipment to make it available. Windows and Linux systems typically make process data available when SNMP support has been enabled.

Use Cases

• Detecting when specific processes are running
• Detecting stopped processes

Monitoring Options

This event monitor provides the following options:

SNMP Version

Select the SNMP version that will be used to collect the inventory data. The best version to use will depend on how your network devices have been configured. Most devices support SNMPv1, but some may require SNMPv2 or SNMPv3.

Community

Enter the SNMP community string that will be used to connect. The community string is equivalent to a password. The default community string for read-only access is "public" so use this value if you are unsure of what community string your devices are configured to use. The community string is only required for SNMPv1 and SNMPv2c connections. SNMPv3 uses different authentication parameters.

Port Number

The standard port number for SNMP requests is 161. If your devices have been configured to use a different port, you can specify it here.

Timeout

The timeout tells the event monitor how long to wait for a response. The default value is best for almost all situations, but you can increase or decrease it if you choose.

Retries

Since SNMP runs on UDP, packet delivery and response are not guaranteed. For this reason it is good practice to tell the event monitor to retry one or more times if it does not receive a response.

Username (SNMPv3 Only)

Specify the user name that will be used when connecting to the network device. This is a required value for the SNMPv3 protocol.

Context (SNMPv3 Only)

In rare cases a context string is required to establish the SNMPv3 connection. If required by your devices, enter it here. This value is optional.

Security Level (SNMPv3 Only)

SNMPv3 connections can support both authentication and privacy. Authentication means that a valid passphrase must be supplied, or the SNMP unit will not accept the connection. Privacy means that the connection to the SNMP device must be encrypted, otherwise the device will not accept it. Both are optional. If your devices do not require either, select noAuthNoPriv. If you devices require authentication but not privacy, select authNoPriv. If your devices require both authentication and privacy, select authPriv.

Auth. Protocol Level (SNMPv3 Only)

If authNoPriv or authPriv is selected for the security level, you must specify the authentication protocol for the connection. Supported values are MD5, SHA, SHA-224, SHA-256, SHA-384 and SHA-512. Consult the documentation and configuration of your network devices to determine which protocol they support.

Auth. Passphrase (SNMPv3 Only)

Enter the authentication passphrase that your SNMP devices have been configured to accept. This value is required when authNoPriv or authPriv is selected for the security level.

Privacy Protocol (SNMPv3 Only)

If authPriv is selected for the security level, the privacy protocol must be selected. The supported values are DES and AES.

Priv. Passphrase (SNMPv3 Only)

Enter the privacy passphrase that your SNMP devices have been configured to accept. This value is required when authPriv is selected for the security level.

Alert with [Info/Warning/Error/Critical] if specified processes are found to be running

Use this option to get alerts if the event monitor detects that any specified processes are running. Enter the process names that you want to check for. If you're not sure what values to use, leave this field blank and run the event monitor once. Check the resulting event history record to see the names of the processes detected so that you can use the exact same values.

Alert with [Info/Warning/Error/Critical] if specified processes are not running

Use this option to get alerts if the event monitor detects that any specified processes are not running. Enter the process names that you want to check for. If you're not sure what values to use, leave this field blank and run the event monitor once. Check the resulting event history record to see the names of the processes detected so that you can use the exact same values.

Authentication and Security

For SNMPv1 and SNMPv2c, a community string for the device being monitored is required. For SNMPv3, a username and other SNMPv3 parameters are required.

Protocols

Data Points

This event monitor generates the following data points:

Data Point	Description
Process Count	The number of processes detected.

Sample Output

Tutorial

To view the tutorial for this event monitor, click here.