1 Reply Latest reply on Jan 11, 2018 8:58 AM by Michael Evans

    Best method to execute linux script on remote server with Patrol, triggered by TSIM event

    Roberto Barnes



      We have a TSOM 10.5. Our server admins are asking us to execute remediation scripts based on specific events (clear log directory on filesystem full events, restart service on application failure events, trigger Oracle DB table truncation on tablespace full events etc.).


      What would be the recommended method to perform this while using TSOM 10.5? Is it possible to have the Patrol agent execute the script or is using a TSIM remote action the solution? Any other alternatives?




        • 1. Re: Best method to execute linux script on remote server with Patrol, triggered by TSIM event
          Michael Evans

          Folks –

          we use ONLY policies in TSOM - so we worked with BMC to translate the old Patrol Console methods to Policy methods.


          Using the attached general description doc I’ve created a policy that will execute an Agent Action when a threshold is triggered.

          see https://docs.bmc.com/docs/display/public/esgkm2900/Enabling+PATROL+KM+for+Event+Management+Recovery+Actions for more


          Policy  example

          Monitoring - System_Kernel Agent Actions

          Agent Actions (via Configuration Variables) triggers an action when System_Kernel > 15%


          Below are 4 configuration rules that are placed into the Configuration Variables section of the Policy





          • This tuning variable rule value gives the information of Ranges / threshold on PROCPrivTimePercent  parameters


          1, 1, -1, 1, 0.000000, 100.000000, OK, 1, 0.000000, 14.999999, OK, 1, 15.000000, 100.000000, ALARM, 0, 0, 1, 1, 1, 1, EOD









          <Single line to execute; i.e. script file or single command>






          Usage notes

          • This requires the Event Management KM to be installed. 
            • It is NOT installed by default (in our environment) but can be quickly pushed from TSPS as needed
            • you can run a Patrol Agent Solutions report from TSPS to confirm if it is deployed to the target in question.
          • The threshold is an Agent Side threshold created by policy Configuration Variables.  All of our normal thresholds are Server Side.
          • To identify the Monitor/Parameter/Value we can use the Patrol Console and load a graph which will show the path needed to add to the Tuning and  EVENTSPRING config variables
            • Note the alarm ranges on the graph as created by the ___TUNING___ variable applied (see below)
            • PatrolConsoleGraph.png
          • The Parameter can be tested via the Agent Query window (in TSPS > Managed Devices)
            • Run the command     %PSL set("NT_PROCESS/SYSTEM_KERNEL/PROCPrivTimePercent /value" ,20);
          • Test the script carefully before deploying.   If you are running a .bat or .exe or .sh then it needs to exist on the target.
            • WARNING: the command line execution automatically includes additional parameters at the end of the command line: <Instance Name> <Parameter> <Value> <Severity>
              • e.g. "SYSTEM_KERNEL" PROCPrivTimePercent 60 ALARM"
            • full command line as captured by Procmon on the target windows server
              • Command line: cmd.exe /C cmd.exe /x /c "[your command here]" "0" "SYSTEM_KERNEL" PROCPrivTimePercent 60 ALARM"



          Hope that helps!