Status of stopped process

holiveira · April 16, 2019, 12:17pm

how to capture the status of the process when it is stopped? I only have the status when it is running.

Metricbeat 7.0.0 (Windows Server 2008 R2)
Elasticsearch 7.0.0 (Ubuntu Server 18.04 LTS)

jsoriano · April 16, 2019, 5:27pm

Hi @holiveira and welcome to discuss

Metricbeat only collects information from things that are there, it cannot monitor things that are not there. For processes it only gets information from running processes, as top would do. It can at some moments get a process in stopped state if it has just been stopped but is still in the process table, but this is quite rare.

If you don't want to miss that a process has stopped, you can use the Auditbeat system module, that sends events when processes start or stop.

holiveira · April 16, 2019, 5:40pm

Hmmm, right. Thanks for the feedback.

system · May 14, 2019, 5:40pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Monitoring process status Beats metricbeat , heartbeat	4	437	August 19, 2022
Event stopped process Beats auditbeat	5	610	June 26, 2019
Monitor if a process is running or stopped Beats metricbeat	2	480	January 16, 2022
Why metricbeat data showing process state as sleeping Beats metricbeat	2	923	June 16, 2020
Are we able to monitor if a process is running or not using metricbeat? Beats metricbeat	2	317	February 21, 2019

Status of stopped process

Related topics