Monday, April 28, 2014

Powershell Script to Get the Current Count of Windows Processes with the Same Name



Along with my colleagues, I have the privilege of serving many different technical roles at my place of employment. One of the most interesting and uniquely gratifying roles I serve is being one of the "the app monitoring guys" or "the SolarWinds guys". Since I literally wrote the book on SolarWinds Orion NPM it seems suiting that I wear that hat. Like thousands of other organizations, we use SolarWinds SAM to monitor a wide array of infrastructure and business applications. Recently we ran into a snag with trying to monitor one of our more critical apps, so I'd like to share how\what we did to resolve that problem using Windows Powershell....

One of our critical applications runs for a few hours each day starting at 6am then closes on its own anywhere from 10am or 4pm or even 2am the next day. When the application process finishes and closes depends on the day the application is launched - some days have more data to process than the others. In addition, there cannot be more than one instance of this application running at one time or the 4 or 10 or 24 hour process will have to start all over (which will delay some of our core business units' daily numbers). This poses a unique problem when trying to monitor this application in SolarWinds SAM.

Here is the biggest limitation of any application monitoring solution --- SAM expects an application to always be up\running in order for the alerts to properly work and also to show if the application is up\down on the web dashboard. This isn't only the default way SolarWinds SAM monitors applications, it is by design. Unfortunately there isn't an out-of-the-box solution for monitoring applications "intermittently". To be perfectly honest, I'm not surprised that SolarWinds SAM would include such a feature out-of-the-box. I mean, why the heck would you want to monitor an application only "part of the time" anyways? Trying to set up a proper alert for an intermittent application would be troublesome if not impossible. But this is just what I need to do with this specific business application. Also, I needed to monitor if there are more than one instance of the application running on the server. The default app monitors in SAM just won't suit my needs here. Instead, what I needed to do was utilize the feature in SAM where I can create my own custom app monitor using a script. And Windows Powershell does the job nicely.

I created a Windows Powershell script that finds out how many instances of the application's Windows process is running at the same time returns the value in the variable $stat, only if the process is running. Here is a copy of the script text:

# Change 'Notepad' to the process name of your liking. Remember to include the single quotes.
$processname = 'Notepad'
$process = Get-Process $processname -ErrorAction silentlycontinue

if ($process)
{
   $count = @($process).Count
    $msg = "$count instances of $processname running."
    $stat = $count  
}

else
{
  $msg = "$processname is not running."
  $stat = 0
}
Write-Host $msg
Write-Host "Statistic: $stat"


The script is simple but powerful. First, the script determines if the process name 'Notepad' (defined in $processname) is running at all. If it is, then it will find out the current instance count and store it in the variable $stat. If the process is not running, then $stat will equal a numeric '0'. Finally, we write the message information and statistic information to the screen. The message ($msg variable) is just for SolarWinds SAM use - it is something to display in the dashboard instead of leaving a big question mark on the app monitor details view. The $stat variable is the important one since this is the numeric value needed by SAM. We set the threshold to '1' in the SAM settings for this monitor. When the threshold is reached an alert will be generated in SolarWinds. Bada boom bada bing.

This monitor works great for us since it helps us utilize SAM without circumventing the way it works. The script monitor is in 'good' status (or 'green' status) when the value is 0 or 1, which is exactly what we expect because either the application is not running at the time the script is executed or there should only be one instance of the process running. We only want to know if there are 2 or more instances of the process running on the computer - nothing else. We have to use a different application monitor in SAM to find out if this 6am process did not execute when we needed it to, so I'm not concerned about including that information here at this time :)

This script can be used not only in SolarWinds SAM, but your own custom solutions or projects. It is designed to be extremely easy to modify. The only thing you have to change is the $processname! Just change ‘Notepad’ to some other process name!

If you find this Powershell script useful I'd love to know how you use it in your own environment. Or if you modified the script I'd love to hear what you did with it.

I hope this helps you create a solution in your own environment.

- Joe