This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.
PATROL for Linux
Linux KM versions: 1.2.00.xx
When using the Linux KM ‘Exclude filesystem’ feature on machine with 1000’s of filesystems (like Docker) the filtering might not work as expected.
As a result of that the Linux KM will create 1000’s of Filesystem monitoring instances and it will probably hang the PATROL agent or even break the connection between TSIM to PATROL agent, that will require restart of TSIM/TSPS.
1. Add the followings 2 pconfig variables:
/NUK/NUK_FileSystem_Container/moniList = DELETE
/NUK/NUK_FileSystem_Container/filterList = DELETE
2. Set explicitly the pconfig variable /AgentSetup/NUK_FileSystem.filterList with the regex(s) of all filesystems you would like to exclude from being monitoring.
For example, if you want to exclude all /var/lib/docker and /dev filesystems then you need to set it as followed:
/AgentSetup/NUK_FileSystem.filterList = var.lib.docker.*,^dev.*
Note that the ‘/’ (slash) will need to be replaced with a ‘.’ (dot) in regex.
For example, the regex for /var/lib/docker is var.lib.docker.*
Another example, if you want to exclude all the following filesystems:
You would set it as follows:
/AgentSetup/NUK_FileSystem.filterList = var.lib.docker.*,^dev.*, ^sys.*, var.lib.kubelet.*
Each regex needs to be separated by a ‘,’ (comma)
3. Configure the TSPS policy to monitor *ALL* filesystems. See below screenshot.
The recommendation is to do all the above 3 steps in the same Monitoring Policy to be applied at the same time.