Tivoli Monitoring: UNIX OS Agent


Version 6.1.0

User’s Guide

SC32-9446-00
 Tivoli Monitoring: UNIX OS Agent
®


Version 6.1.0

User’s Guide

SC32-9446-00
 Note
Before using this information and the product it supports, read the information in Appendix H, “Notices,” on page 125.

First Edition (November 2005)

This edition applies to version 6.1 of IBM Tivoli Monitoring: UNIX OS Agent (product number 5724–C04) and to all
subsequent releases and modifications until otherwise indicated in new editions.
© Copyright International Business Machines Corporation 2005. All rights reserved.
US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract
with IBM Corp.
Contents
Tables . . . . . . . . . . . . . . . v About attributes . . . . . . . . . . . . . 21
More information about attributes . . . . . . . 21
About this guide . . . . . . . . . . vii Attribute groups and attributes for the Monitoring
Agent for UNIX OS. . . . . . . . . . . . 22
Who should read this guide . . . . . . . . . vii
Disk Information attributes [UNIXDISK]. . . . 22
What this guide contains . . . . . . . . . . vii
Disk Performance attributes [UNIXDPERF] . . . 23
Publications . . . . . . . . . . . . . . viii
File Information attributes [FILEINFO] . . . . 24
Prerequisite publications . . . . . . . . . viii
Network attributes [UNIXNET] . . . . . . . 26
Related publications . . . . . . . . . . ix
NFS and RPC Statistics attributes [UNIXNFS] . . 30
Accessing terminology online . . . . . . . ix
Process attributes [UNIXPS] . . . . . . . . 36
Accessing publications online . . . . . . . ix
SMP CPU attributes [UNIXCPU] . . . . . . 42
Ordering publications . . . . . . . . . . ix
System attributes [UNIXOS] . . . . . . . . 45
Accessibility . . . . . . . . . . . . . . x
User attributes [UNIXUSER] . . . . . . . . 51
Tivoli technical training . . . . . . . . . . . x
Disk capacity planning for historical data . . . . 51
Support information . . . . . . . . . . . . x
Conventions used in this guide . . . . . . . . x
Typeface conventions . . . . . . . . . . x Chapter 6. Situations reference . . . . 55
Operating system-dependent variables and paths xi About situations . . . . . . . . . . . . . 55
More information about situations . . . . . . . 56
Chapter 1. Overview of the Monitoring Predefined situations . . . . . . . . . . . 56
Disk Usage workspace situations . . . . . . 57
Agent for UNIX OS . . . . . . . . . . 1 File Information workspace situation . . . . . 58
IBM Tivoli Monitoring overview . . . . . . . . 1 Network workspace situations . . . . . . . 58
Features of the Monitoring Agent for UNIX OS . . . 1 NFS Activity workspace situation . . . . . . 58
Monitoring Agent for UNIX OS components . . . . 2 Process workspace situation . . . . . . . . 59
User interface options . . . . . . . . . . . 2 System Information workspace situations . . . 60

Chapter 2. Requirements for the Chapter 7. Take Action commands

monitoring agent . . . . . . . . . . . 5 reference . . . . . . . . . . . . . . 63
About Take Action commands . . . . . . . . 63
Chapter 3. How to use the Monitoring More information about Take Action commands . . 63
Agent for UNIX OS . . . . . . . . . . 7 Predefined Take Action commands . . . . . . 63
View real-time data about UNIX . . . . . . . . 7 Sample_kill_Process action . . . . . . . . 64
Investigate an event . . . . . . . . . . . . 8
Recover the operation of a resource . . . . . . . 8 Chapter 8. Policies reference . . . . . 65
Customize your monitoring environment . . . . . 9 About policies . . . . . . . . . . . . . 65
Monitor with custom situations that meet your More information about policies . . . . . . . 65
requirements . . . . . . . . . . . . . . 10 Predefined policies . . . . . . . . . . . . 65
Collect and view historical data. . . . . . . . 11 UNIX_CPU_Busy policy . . . . . . . . . 65
UNIX_Disk_Space_Full policy . . . . . . . 66
Chapter 4. Workspaces reference . . . 13 UNIX_Virtual_Memory_High policy . . . . . 66
About workspaces . . . . . . . . . . . . 13
More information about workspaces . . . . . . 13 Appendix A. Attributes . . . . . . . . 67
Predefined workspaces . . . . . . . . . . 13 Overview . . . . . . . . . . . . . . . 67
UNIX OS workspaces . . . . . . . . . . 14 Tivoli Enterprise Portal reports and attributes . . . 67
Disk Usage workspaces . . . . . . . . . 14 Assignment of the N/A Value . . . . . . . . 67
File Information workspace . . . . . . . . 15 Cross referencing historical reports and attributes . 68
Network workspace . . . . . . . . . . 16
NFS Activity workspace . . . . . . . . . 16 Appendix B. Situations . . . . . . . . 69
Process workspace . . . . . . . . . . . 16
RPC Performance workspace . . . . . . . 18
System Information workspaces . . . . . . 18 Appendix C. Templates . . . . . . . . 73
Users workspace . . . . . . . . . . . 19 Default template . . . . . . . . . . . . . 73
Template state assignments for the provided
situations . . . . . . . . . . . . . . . 73
Chapter 5. Attributes reference . . . . 21
Assigning situations and templates . . . . . . 74

© Copyright IBM Corp. 2005 iii

 Assignment of managed objects . . . . . . 74 Setting RAS trace parameters . . . . . . . 102
Problems and workarounds . . . . . . . . 103
Appendix D. IBM Tivoli Enterprise Installation and configuration problem
Console event mapping . . . . . . . 75 determination . . . . . . . . . . . . 104
Agent problem determination . . . . . . . 107
Tivoli Enterprise Portal problem determination 112
Appendix E. Historical data . . . . . . 87 Problem determination for remote deployment 112
UNIXCPU historical table . . . . . . . . . 87 Workspace problem determination . . . . . 112
UNIXDISK historical table . . . . . . . . . 88 Situation problem determination . . . . . . 113
UNIXDPERF historical table . . . . . . . . . 88 Take Action command problem determination 116
UNIXFILE historical table . . . . . . . . . 89 Problem determination for UNIX . . . . . . 116
UNIXNET historical table. . . . . . . . . . 89 Support information . . . . . . . . . . . 117
UNIXNFS historical table . . . . . . . . . . 90 Searching knowledge bases . . . . . . . . 117
UNIXPS historical table . . . . . . . . . . 92 Obtaining fixes . . . . . . . . . . . . 118
UNIXOS historical table . . . . . . . . . . 93 Receiving weekly support updates . . . . . 118
UNIXUSER historical table . . . . . . . . . 96 Contacting IBM Software Support . . . . . 119

Appendix F. Problem determination . . 97 Appendix G. Accessibility . . . . . . 123

Gathering product information for IBM Software Navigating the interface using the keyboard . . . 123
Support . . . . . . . . . . . . . . . 97 Magnifying what is displayed on the screen . . . 123
Built-in problem determination features . . . . . 97
Problem classification . . . . . . . . . . . 98
Appendix H. Notices . . . . . . . . 125
Trace logging . . . . . . . . . . . . . . 98
Trademarks . . . . . . . . . . . . . . 127
Overview of log file management . . . . . . 98
Examples of trace logging . . . . . . . . 99
Principal trace log files . . . . . . . . . 99 Index . . . . . . . . . . . . . . . 129

iv IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Tables
1. Requirements for the Monitoring Agent for 20. UNIXOS table column heads and the
UNIX OS . . . . . . . . . . . . . .5 corresponding System attributes . . . . . 94
2. Viewing real-time data about UNIX . . . . .7 21. UNIXUSER table column heads and the
3. Investigating an event . . . . . . . . .8 corresponding User attributes . . . . . . 96
4. Recovering the operation of a resource . . . .9 22. Information to gather before contacting IBM
5. Customizing your monitoring environment 9 Software Support . . . . . . . . . . 97
6. Monitoring with custom situations . . . . . 11 23. Trace log files for troubleshooting agents 100
7. Collecting and viewing historical data . . . 12 24. Problems and solutions for installation and
8. Capacity planning for historical data . . . . 52 configuration . . . . . . . . . . . 104
9. UNIX situations . . . . . . . . . . . 69 25. General problems and solutions for
10. UNIX template state assignments . . . . . 73 uninstallation . . . . . . . . . . . 106
11. Overview of Distributed Monitoring migrated 26. Agent problems and solutions on the UNIX
situations . . . . . . . . . . . . . 75 operating system . . . . . . . . . . 107
12. Overview of event slots to event classes 78 27. Tivoli Enterprise Portal problems and
13. UNIXCPU table column heads and the solutions . . . . . . . . . . . . . 112
corresponding SMP CPU attributes. . . . . 87 28. Remote deployment problems and solutions 112
14. UNIXDISK table column heads and the 29. Workspace problems and solutions . . . . 113
corresponding Disk Information attributes . . 88 30. Specific situation problems and solutions 113
15. UNIXDPERF table column heads and the 31. Problems with configuring situations that you
corresponding Disk Performance attributes . . 88 solve in the Situation Editor . . . . . . . 114
16. UNIXFILE table column heads and the 32. Problems with configuration of situations that
corresponding File Information attributes . . 89 you solve in the Workspace area . . . . . 115
17. UNIXNET table column heads and the 33. Problems with configuration of situations that
corresponding Network attributes . . . . . 89 you solve in the Manage Tivoli Enterprise
18. UNIXNSF table column heads and the Monitoring Services window . . . . . . 116
corresponding NFS and RPC Statistics 34. Take Action commands problems and
attributes . . . . . . . . . . . . . 90 solutions . . . . . . . . . . . . . 116
19. UNIXPS table column heads and the 35. Paging and memory issues for a system
corresponding Process attributes . . . . . 92 administrator to consider . . . . . . . 117

© Copyright IBM Corp. 2005 v

vi IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
About this guide
The IBM Tivoli Monitoring: UNIX OS Agent User’s Guide provides information about
installation requirements and how to use the IBM® Tivoli® Monitoring: UNIX® OS
Agent.

Use the requirements chapter in this guide along with the IBM Tivoli Monitoring
Installation and Setup Guide to install and set up the software.

Use the information in this guide along with the IBM Tivoli Monitoring User’s Guide
to monitor UNIX resources.

Who should read this guide

This guide is for system administrators who install and use the Monitoring Agent
for UNIX OS to monitor and manage UNIX resources.

Readers should be familiar with the following topics:

v Tivoli Enterprise Portal interface
v IBM Tivoli Monitoring application software
v IBM Tivoli Enterprise Console® (optional)
v AIX® operating systems
v Solaris operating systems
v HP-UX operating systems

What this guide contains

This guide contains the following chapters:
v Chapter 1, “Overview of the Monitoring Agent for UNIX OS,” on page 1
Provides an introduction to the Monitoring Agent for UNIX OS.
v Chapter 2, “Requirements for the monitoring agent,” on page 5
Provides the installation requirements for the Monitoring Agent for UNIX OS.
v Chapter 3, “How to use the Monitoring Agent for UNIX OS,” on page 7
Provides a list of tasks to perform when using the monitoring agent, a list of
procedures for completing each task, and references for where to find
information about the procedures. After completing installation and
configuration and becoming familiar with the information in Chapter 1 of this
guide, use this chapter to see how you can use the monitoring agent.
v Chapter 4, “Workspaces reference,” on page 13
Provides an overview of workspaces, references to additional information about
workspaces, and descriptions of predefined workspaces in this monitoring agent.
v Chapter 5, “Attributes reference,” on page 21
Provides an overview of attributes, references to additional information about
attributes, and descriptions of the attribute groups and attributes in this
monitoring agent.
v Chapter 6, “Situations reference,” on page 55

© Copyright IBM Corp. 2005 vii

 Provides an overview of situations, references to additional information about
situations, descriptions of the predefined situations in this monitoring agent, and
disk space requirements for historical data.
v Chapter 7, “Take Action commands reference,” on page 63
Provides detailed information about the Take Action commands, references to
additional information about Take Action commands, and descriptions of the
Take Action commands provided in this monitoring agent.
v Chapter 8, “Policies reference,” on page 65
Provides an overview of policies, references for detailed information about
policies, and descriptions of the predefined policies included in this monitoring
agent.
v Appendix A, “Attributes,” on page 67
Provides additional information about the attributes that are provided with this
monitoring agent.
v Appendix B, “Situations,” on page 69
Provides additional information about the predefined situations that are
provided with this monitoring agent.
v Appendix C, “Templates,” on page 73
Provides detailed information about the predefined templates that are provided
with this monitoring agent.
v Appendix E, “Historical data,” on page 87
Provides information about mapping historical data collection column heads to
the corresponding attributes that are used in the Monitoring Agent for UNIX OS.
v Appendix D, “IBM Tivoli Enterprise Console event mapping,” on page 75
Provides an overview of the IBM Tivoli Enterprise Console event mapping
information for this monitoring agent.
v Appendix F, “Problem determination,” on page 97
Provides information about troubleshooting the various components of the
Monitoring Agent for UNIX OS, information about log files and messages, and
information about your options for obtaining software support.
v Appendix G, “Accessibility,” on page 123
Provides information about the accessibility features in the Monitoring Agent for
UNIX OS.
v Appendix H, “Notices,” on page 125
Provides IBM and Tivoli notices and trademark information as it applies to the
Monitoring Agent for UNIX OS.

Publications
This section lists publications relevant to the use of the Monitoring Agent for UNIX
OS. It also describes how to access these publications online and how to order
these publications.

Prerequisite publications
To use the information in this guide effectively, you must have some knowledge of
IBM Tivoli Monitoring products, which you can obtain from the following
documentation:
v IBM Tivoli Monitoring Administrator’s Guide
v IBM Tivoli Monitoring Installation and Setup Guide
v IBM Tivoli Monitoring Problem Determination Guide

viii IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 v IBM Tivoli Monitoring: Upgrading from Tivoli Distributed Monitoring
v IBM Tivoli Monitoring User’s Guide
v Introducing IBM Tivoli Monitoring Version 6.1.0

Related publications
The following documents also provide useful information:
v IBM Tivoli Enterprise Console Adapters Guide
v IBM Tivoli Enterprise Console Event Integration Facility User’s Guide
v IBM Tivoli Enterprise Console Reference Manual
v IBM Tivoli Enterprise Console Rule Developer’s Guide

Accessing terminology online

The Tivoli Software Glossary includes definitions for many of the technical terms
related to Tivoli software. The Tivoli Software Glossary is available at the following
Tivoli software library Web site:

http://publib.boulder.ibm.com/tividd/glossary/tivoliglossarymst.htm

The IBM Terminology Web site consolidates the terminology from IBM product
libraries in one convenient location. You can access the Terminology Web site at the
following Web address:

http://www.ibm.com/ibm/terminology

Accessing publications online

IBM posts publications for this and all other Tivoli products, as they become
available and whenever they are updated, to the Tivoli software information center
Web site. Access the Tivoli software information center by first going to the Tivoli
software library at the following Web address:

http://www.ibm.com/software/tivoli/library

Scroll down and click the Product manuals link. In the Tivoli Technical Product
Documents Alphabetical Listing window, click M to access all of the IBM Tivoli
Monitoring product manuals.

Note: If you print PDF documents on other than letter-sized paper, set the option
in the File → Print window that allows Adobe Reader to print letter-sized
pages on your local paper.

Ordering publications
You can order many Tivoli publications online at the following Web site:

http://www.elink.ibmlink.ibm.com/public/applications/
publications/cgibin/pbi.cgi

You can also order by telephone by calling one of these numbers:

v In the United States: 800-879-2755
v In Canada: 800-426-4968

In other countries, contact your software account representative to order Tivoli

publications.

About this guide ix

Accessibility
Accessibility features help users with a physical disability, such as restricted
mobility or limited vision, to use software products successfully. With this product,
you can use assistive technologies to hear and navigate the interface. You can also
use the keyboard instead of the mouse to operate most features of the graphical
user interface.

For additional information, see Appendix G, “Accessibility,” on page 123.

Tivoli technical training

For Tivoli technical training information, refer to the following IBM Tivoli
Education Web site:

http://www.ibm.com/software/tivoli/education/

Support information
“Support information” on page 117 describes the following options for obtaining
support for IBM products:
v “Searching knowledge bases” on page 117
v “Obtaining fixes” on page 118
v “Contacting IBM Software Support” on page 119

Conventions used in this guide

This guide uses several conventions for special terms and actions, and operating
system-dependent commands and paths.

Typeface conventions
This guide uses the following typeface conventions:
Bold
v Lowercase commands and mixed case commands that are otherwise
difficult to distinguish from surrounding text
v Interface controls (check boxes, push buttons, radio buttons, spin
buttons, fields, folders, icons, list boxes, items inside list boxes,
multicolumn lists, containers, menu choices, menu names, tabs, property
sheets), labels (such as Tip:, and Operating system considerations:)
v Keywords and parameters in text
Italic
v Words defined in text
v Emphasis of words
v New terms in text (except in a definition list)
v Variables and values you must provide
Monospace
v Examples and code examples
v File names, programming keywords, and other elements that are difficult
to distinguish from surrounding text
v Message text and prompts addressed to the user

x IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 v Text that the user must type
v Values for arguments or command options

Operating system-dependent variables and paths

The direction of the slash for directory paths might vary in this documentation. No
matter which type of slash you see in the documentation, use the following
guidelines for a slash:
v If using UNIX, use a forward slash (/).
v If using Windows®, use a backslash (\).

The names of environment variables are not always the same in Windows and
UNIX. For example, %TEMP% in Windows is equivalent to $TMPDIR in UNIX.

For environment variables, use the following guidelines:

v If using UNIX, use $variable.
v If using Windows, use %variable%.

Note: If you are using the bash shell on a Windows system, you can use the UNIX
conventions.

About this guide xi

xii IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
Chapter 1. Overview of the Monitoring Agent for UNIX OS
The Monitoring Agent for UNIX OS provides you with the capability to monitor
UNIX, and to perform basic actions with UNIX. This chapter provides a
description of the features, components, and interface options for the Monitoring
Agent for UNIX OS.

IBM Tivoli Monitoring overview

IBM Tivoli Monitoring is the base software for the Monitoring Agent for UNIX OS.
IBM Tivoli Monitoring provides a way to monitor the availability and performance
of all the systems in your enterprise from one or several designated workstations.
It also provides useful historical data that you can use to track trends and to
troubleshoot system problems.

You can use IBM Tivoli Monitoring to do the following:

v Monitor for alerts on the systems that you are managing by using predefined
situations or custom situations.
v Establish your own performance thresholds.
v Trace the causes leading to an alert.
v Gather comprehensive data about system conditions.
v Use policies to perform actions, schedule work, and automate manual tasks.

The Tivoli Enterprise Portal is the interface for IBM Tivoli Monitoring products. By
providing a consolidated view of your environment, the Tivoli Enterprise Portal
permits you to monitor and resolve performance issues throughout the enterprise.

See the IBM Tivoli Monitoring publications listed in “Prerequisite publications” on

page viii for complete information about IBM Tivoli Monitoring and the Tivoli
Enterprise Portal.

Features of the Monitoring Agent for UNIX OS

The Monitoring Agent for UNIX OS offers a central point of management for your
UNIX server environment. This monitoring agent provides a way to monitor the
availability and performance of all the systems in your enterprise from one or
several designated workstations. This monitoring agent also provides useful
historical data that you can use to track trends and to troubleshoot system
problems. Information is standardized across all systems (AIX, HP-UX, and
Solaris).

The Monitoring Agent for UNIX OS lets you easily collect and analyze
server-specific information, such as the following:
v Operating system and CPU performance
v UNIX disk information and performance analysis
v Process status analysis
v Network performance

The Monitoring Agent for UNIX OS provides the following benefits:

© Copyright IBM Corp. 2005 1

 v Simplifies application and system management by managing applications,
platforms, and resources across your system.
v Increases profits by providing you with real-time access to reliable,
up-to-the-minute data that allows you to make faster, better informed operating
decisions.
v Scales and ports to a wide variety of UNIX platforms.
v Enhances system performance because you can integrate, monitor, and manage
your environment, networks, console, and mission-critical applications. For
example, the Monitoring Agent for UNIX OS can alert you when a condition in
your environment meet or exceed the thresholds you set. These alerts notify
your system administrator to limit and control system traffic. You can view data
gathered by the Monitoring Agent for UNIX OS in reports and charts that
inform you of the status of your managed UNIX systems.
v Enhances efficiency by monitoring diverse platforms and networks. Depending
on the configuration of this monitoring agent, you can collect and monitor data
across platforms. The Monitoring Agent for UNIX OS gathers and filters status
information at the managed system rather than at the Hub, eliminating
unnecessary data transmission and sending only data that is relevant to changes
in status conditions.

Monitoring Agent for UNIX OS components

After you install and set up the Monitoring Agent for UNIX OS, you have an
environment that contains the client, server, and monitoring agent implementation
for IBM Tivoli Monitoring that contains the following components:
v Tivoli Enterprise Portal client with a Java™-based user interface for viewing and
monitoring your enterprise.
v Tivoli Enterprise Portal Server that is placed between the client and the Tivoli
Enterprise Monitoring Server and enables retrieval, manipulation, and analysis
of data from the monitoring agents.
v Tivoli Enterprise Monitoring Server, which acts as a collection and control point
for alerts received from the monitoring agents, and collects their performance
and availability data.
v Monitoring Agent for UNIX OS, which is installed on the systems or subsystems
that you want to monitor. This monitoring agent collects and distributes data to
a Tivoli Enterprise Portal Server.
v IBM Tivoli Enterprise Console is an optional component, which acts as a central
collection point for events from a variety of sources, including those from other
Tivoli software applications, Tivoli partner applications, custom applications,
network management platforms, and relational database systems. You can view
these events through the Tivoli Enterprise™ Portal (using the event viewer), and
you can forward events from IBM Tivoli Monitoring situations to the IBM Tivoli
Enterprise Console component.

User interface options

Installation of the base software and other integrated applications provides the
following interfaces that you can use to work with your resources and data:
Tivoli Enterprise Portal browser client interface
The browser interface is automatically installed with Tivoli Enterprise
Portal. To start Tivoli Enterprise Portal in your Internet browser, enter the
URL for a specific Tivoli Enterprise Portal browser client installed on your
Web server.

2 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Tivoli Enterprise Portal desktop client interface
The desktop interface is a Java-based graphical user interface (GUI) on a
Windows workstation.
IBM Tivoli Enterprise Console
Event management application
Manage Tivoli Enterprise Monitoring Services window
The window for the Manage Tivoli Enterprise Monitoring Services utility is
used for configuring the agent and starting Tivoli services not already
designated to start automatically.

Chapter 1. Overview of the Monitoring Agent for UNIX OS 3

4 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
Chapter 2. Requirements for the monitoring agent
This chapter contains information about the requirements for the Monitoring Agent
for UNIX OS.

In addition to the requirements described in the IBM Tivoli Monitoring Installation

and Setup Guide, the Monitoring Agent for UNIX OS has the requirements listed in
Table 1.
Table 1. Requirements for the Monitoring Agent for UNIX OS
Operating system UNIX
Operating system versions v AIX V5.1, 5.2, 5.3 (32-bit or 64-bit)
v HP-UX 11i (32-bit or 64-bit) with PHSS_30966
v Solaris V8, 9, 10 (32-bit or 64-bit)
Memory v 256 MB RAM at a minimum although 512 MB or
higher for better performance
Disk space v 164 MB of disk space for the monitoring agent
v Historical data disk space: see “Disk capacity planning
for historical data” on page 51
Other requirements v A POSIX-compliant threads package must be installed
on the monitored machine.
v Ethernet or token ring LAN capability.
v CD-ROM drive.
v Native X-term monitor for UNIX or Hummingbird®
Exceed X-windows emulators for PCs only.
v For Solaris: X11.
v For AIX: A compatible version of libperfstat. For
example, AIX 5.1 requires libperfstat V5.1, AIX 5.2
requires libperfstat V5.2, and so forth.
v The monitoring agent must have the permissions
necessary to perform requested actions. For example, if
the user ID you used to log onto the system to install
the monitoring agent (locally or remotely) does not
have the permission to perform a particular action
being monitored by the monitoring agent (such as
running a particular command), the monitoring agent
will be unable to perform the requested action.
v For remote administration, the Monitoring Agent for
UNIX OS must be installed and running.

© Copyright IBM Corp. 2005 5

6 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
Chapter 3. How to use the Monitoring Agent for UNIX OS
After you have installed and configured the Monitoring Agent for UNIX OS, you
can begin using this monitoring agent to monitor your resources.

This chapter provides information about how to use the Monitoring Agent for
UNIX OS to perform the following tasks:
v “View real-time data about UNIX”
v “Investigate an event” on page 8
v “Recover the operation of a resource” on page 8
v “Customize your monitoring environment” on page 9
v “Monitor with custom situations that meet your requirements” on page 10
v “Collect and view historical data” on page 11

For each of these tasks, there is a list of procedures that you perform to complete
the task. For the procedures, there is a cross-reference to where you can find
information about performing that procedure. Information about the procedures is
located in subsequent chapters and appendixes of this user’s guide and in the IBM
Tivoli Monitoring documentation.

View real-time data about UNIX

After you install, configure, and start the Monitoring Agent for UNIX OS, the
monitoring agent begins monitoring.

Table 2 contains a list of the procedures for viewing the real-time data about UNIX
that the monitoring agent collects. The table also contains a cross-reference to
where you can find information about each procedure.
Table 2. Viewing real-time data about UNIX
Procedure Where to find information
View the hierarchy of your monitored IBM Tivoli Monitoring User’s Guide:
resources from a system point of view ″Navigating through workspaces″ (in
(Navigator view organized by operating ″Monitoring: real-time and event-based″
platform, system type, monitoring agents, chapter)
and attribute groups).
View the indicators of real or potential
problems with the monitored resources
(Navigator view).
View changes in the status of the resources IBM Tivoli Monitoring User’s Guide: ″Using
that are being monitored (Enterprise workspaces″ (in ″Monitoring: real-time and
Message Log view). event-based″ chapter)
View the status of the agents in the Chapter 4, “Workspaces reference,” on page
managed enterprise that you are monitoring 13 in this guide
(Monitoring Agent Status view).

© Copyright IBM Corp. 2005 7

 Table 2. Viewing real-time data about UNIX (continued)
Procedure Where to find information
View the number of times an event has been IBM Tivoli Monitoring User’s Guide: ″Using
opened for a situation during the past 24 workspaces″ (in ″Monitoring: real-time and
hours (Open Situations Count view). event-based″ chapter)

Chapter 4, “Workspaces reference,” on page

13 in this guide

Chapter 6, “Situations reference,” on page 55

in this guide
Manipulate the views in a workspace. IBM Tivoli Monitoring User’s Guide: ″Using
views″ (in ″Monitoring: real-time and
event-based″ chapter)

Investigate an event
When the conditions of a situation have been met, an event indicator is displayed
in the Navigator. When an event occurs, you want to obtain information about that
event so you can correct the conditions and keep your enterprise running
smoothly. The situation must be associated with a Navigator Item in order to
appear.

Table 3 contains a list of the procedures for investigating an event and a

cross-reference to where you can find information about each procedure.
Table 3. Investigating an event
Procedure Where to find information
Determine which situation opened the event IBM Tivoli Monitoring User’s Guide: ″Opening
and identify the attributes that have values the situation event workspace″ (in
that are contributing to the alert. ″Monitoring: real-time and event-based″
chapter, ″Responding to alerts″ section)
Review available advice. Chapter 4, “Workspaces reference,” on page
13 in this guide
Notify other users that you have taken IBM Tivoli Monitoring User’s Guide:
ownership of the problem related to an ″Acknowledging an situation event″ (in
event and are working on it. ″Monitoring: real-time and event-based″
chapter, ″Responding to alerts″ section)
Remove the event from the Navigator. IBM Tivoli Monitoring: UNIX OS Agent User’s
Guide: ″Closing the situation event
workspace″ (in ″Monitoring: real-time and
event-based″ chapter, ″Responding to alerts″
section)

Recover the operation of a resource

When you find out that a resource is not operating as desired, you can control it
manually or automatically using Take Action commands.

Table 4 on page 9 contains a list of the procedures for recovering the operation of a
resource and a cross-reference to where you can find information about each
procedure.

8 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 Table 4. Recovering the operation of a resource
Procedure Where to find information
Take an action on a resource manually. IBM Tivoli Monitoring User’s Guide:
v ″Other views″ (in ″Custom workspaces″
chapter, ″Workspace views″ section)
v ″Take action – reflex automation″ (in
Situations for event-based monitoring″
chapter, ″Event-based monitoring
overview″ section)

Chapter 7, “Take Action commands

Take an action on a system condition
automatically by setting up a situation to
run a Take Action command.
reference,” on page 63 in this guide
IBM Tivoli Monitoring User’s Guide:
″Situations for event-based monitoring″
chapter
v ″Customizing a situation″
v ″Creating a situation″
v ″Specify an action to take″
v ″Distribute the situation″

Chapter 7, “Take Action commands

Take multiple actions on system conditions
automatically using a policy.
Take actions across systems, monitoring
agents, or computers using a policy.
reference,” on page 63 in this guide
IBM Tivoli Monitoring User’s Guide: ″Policies
for automation″ chapter
v ″Creating a policy″
v ″Maintaining policies″
v ″Workflows window″
Chapter 8, “Policies reference,” on page 65 in
this guide

Customize your monitoring environment

You can change how your monitoring environment looks by creating new
workspaces with one or more views in it.

Table 5 contains a list of the procedures for customizing your monitoring

environment and a cross-reference to where you can find information about each
procedure.
Table 5. Customizing your monitoring environment
Procedure Where to find information
Display data in tables or charts (views) in IBM Tivoli Monitoring User’s Guide:
Tivoli Enterprise Portal. v ″Custom workspaces″
v ″Table and chart views″
Display an overview of changes in the status IBM Tivoli Monitoring User’s Guide: ″Message
of the situations for your monitored log view″ (in ″Situation event views:
resources (Message Log View). message log, situation event console,,
graphic, and Tivoli Enterprise Console″
chapter)

Chapter 3. How to use the Monitoring Agent for UNIX OS 9

 Table 5. Customizing your monitoring environment (continued)
Procedure Where to find information
Specify which attributes to retrieve for a IBM Tivoli Monitoring User’s Guide: ″Creating
table or chart so you can retrieve only the custom queries″ (in ″Table and chart views″
data you want by creating custom queries. chapter)

Chapter 5, “Attributes reference,” on page 21

in this guide

Appendix A, “Attributes,” on page 67 in this

Build links from one workspace to another.
Identify which predefined situations started
running automatically when you started the
Tivoli Enterprise Monitoring Server.
guide
IBM Tivoli Monitoring User’s Guide:
v ″Link from a workspace″ (in ″Custom
workspaces″ chapter)
v ″Link from a table or chart″ (in ″Table and
chart ciews″ chapter)
IBM Tivoli Monitoring User’s Guide: ″What
the enterprise workspace shows″ (in
″Monitoring: real-time and event-based″
chapter, ″Using workspaces″ section)

Chapter 6, “Situations reference,” on page 55

in this guide

Appendix B, “Situations,” on page 69 in this

guide
Determine whether to run situations as Chapter 6, “Situations reference,” on page 55
defined, modify the values in situations, or in this guide
create new situations to detect possible
problems.

Monitor with custom situations that meet your requirements

When your environment requires situations with values that are different from
those in existing situations, or when you need to monitor conditions not defined
by the existing situations, you can create custom situations to detect problems with
resources in two ways:
v Create an entirely new situation
v Create a situation by copying and editing a predefined situation

Note: When you create and run a situation, an IBM Tivoli Enterprise Console
event is created. For information on how to define event severities from
forwarded IBM Tivoli Monitoring situations and other event information,
see the IBM Tivoli Monitoring Administrator’s Guide.

You can specify the following information for a situation:

v Name
v Attribute group and attributes
v Qualification to evaluate multiple rows when a situation has a multiple-row
attribute group (display item)
v Formula
v Take Action commands
v Run at startup

10 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 v Sampling interval
v Persistence
v Manual or automatic start
v Severity
v Clearing conditions
v Expert Advice
v When a true situation closes
v Available Managed Systems
Table 6 contains a list of the procedures for monitoring your resources with custom
situations that meet your requirements and a cross-reference to where you can find
information about each procedure.
Table 6. Monitoring with custom situations
Procedure
Create an entirely new situation.
Create a situation by copying and editing a
predefined situation.
Run a situation on a managed system.
Collect and view historical data
When you collect historical data, you specify the following configuration
requirements:
v Attribute groups for which to collect data
v Collection interval
Chapter 3. How to use the Monitoring Agent for UNIX OS
Where to find information
IBM Tivoli Monitoring User’s Guide: ″Creating
a new situation″ (in ″Situations for
event-based monitoring″ chapter, ″Creating a
situation″ section)
Chapter 5, “Attributes reference,” on page 21
in this guide
Appendix A, “Attributes,” on page 67 in this
guide
IBM Tivoli Monitoring User’s Guide:
″Customizing a situation″ (in ″Situations for
event-based monitoring″ chapter)
Chapter 6, “Situations reference,” on page 55
in this guide
Appendix B, “Situations,” on page 69 in this
guide
Chapter 5, “Attributes reference,” on page 21
in this guide
Appendix A, “Attributes,” on page 67 in this
guide
IBM Tivoli Monitoring User’s Guide:
″Situations for event-based monitoring″
chapter
v ″Associate situations with navigator
items″
v ″Distribute the situation″ (in ″Customizing
a situation″ section)
v ″Start, stop or delete a situation″
11
 v Summarization and pruning of attribute groups
v Roll-off interval to a data warehouse, if any
v Where to store the collected data (at the agent or the Tivoli Enterprise
Monitoring Server)

Table 7 contains a list of the procedures for collecting and viewing historical data
and a cross-reference to where you can find information about each procedure.
Table 7. Collecting and viewing historical data
Procedure Where to find information
Configure and start collecting short-term IBM Tivoli Monitoring User’s Guide:
data (24 hours). ″Historical reporting″ (in ″Table and chart
views″ chapter)
Configure and start collecting longer-term
data (more than 24 hours). IBM Tivoli Monitoring Administrator’s Guide
View historical data in the Tivoli Enterprise
Portal. “Disk capacity planning for historical data”
on page 51 in this guide
Create reports from historical data using
third-party reporting tools.
Filter out unwanted data to see specific
areas of interest.

12 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Chapter 4. Workspaces reference
This chapter contains an overview of workspaces, references for detailed
information about workspaces, and descriptions of the predefined workspaces
included in this .

About workspaces
A workspace is the working area of the Tivoli Enterprise Portal application
window. At the left of the workspace is a Navigator that you use to select the
workspace you want to see.

As you select items in the Navigator, the workspace presents views pertinent to
your selection. Each workspace has at least one view. Some views have links to
workspaces. Every workspace has a set of properties associated with it.

This monitoring agent provides predefined workspaces. You cannot modify the
predefined workspaces, but you can create new workspaces by editing them and
saving the changes with a different name.

More information about workspaces

For more information about creating, customizing, and working with workspaces,
see the IBM Tivoli Monitoring User’s Guide.

For a list of the predefined workspaces for this monitoring agent and a description
of each workspace, refer to the Predefined workspaces section below and the
information in that section for each individual workspace.

Predefined workspaces
The Monitoring Agent for UNIX OS provides the following predefined workspaces,
which are organized by Navigator item:
v UNIX OS
– Enterprise UNIX System Summary
– UNIX Detail
– UNIX Summary (default)
v Disk Usage
– Disk Usage
– Disk Usage Details
v File Information
v Network
v NFS Activity
v Process
v RPC Performance
v System Information
– Solaris System CPU Workload Summary
– System Details
– System Information
© Copyright IBM Corp. 2005 13
 v Users

UNIX OS workspaces
This section describes the workspaces related to the UNIX OS Navigation item.
The UNIX OS workspaces provide data on general system performance of servers
and networks in your UNIX environment. Monitored data includes information on
hardware configuration, software activity, and performance statistics. Use the UNIX
OS workspaces to obtain a quick at-a-glance view of your UNIX systems.

Enterprise UNIX System Summary workspace

The Enterprise UNIX System Summary workspace provides a summary of all
UNIX systems that are online. This workspace requires that the hub and remote
Tivoli Enterprise Monitoring Servers are seeded with the Monitoring Agent for
UNIX OS seed data.

This workspace includes the following views:

v UNIX System Summary table
v Memory Usage Summary chart
v Load Average Summary chart
v CPU % Summary chart

Based on the information that this workspace provides, you can make changes, set
up situations, and verify that changes are improving performance.

UNIX Details workspace

The UNIX Details workspace provides a summary of all UNIX systems that are
online.

This workspace provides the following views:

v Top CPU Time – Processes table
v Top Memory % table
v Top Virtual Size table
v Top Space Used % table
v System Virtual Memory table

UNIX Summary workspace (default)

The UNIX Summary workspace provides a summary of all UNIX systems that are
online. The UNIX Summary workspace is the default workspace.

The UNIX Summary workspace provides the following views:

v Top CPU Time chart
v Memory % – Top Ten chart
v Disk Space Use % – Top Ten chart
v Virtual Size – Top Ten chart
v Virtual Memory Availability chart

Disk Usage workspaces

This section describes the workspaces related to the Disk Usage Navigator item.

14 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 Disk Usage workspace
The Disk Usage workspace displays information on disk usage and disk
performance. This workspace provides data that can help you identify disk
performance problems caused by slow rates of data transfer from disk to memory
or high disk usage.

This workspace provides the following views:

v Space Used % – Top Ten chart
v Inodes Used % – Top Ten chart
v Disk Busy % chart
v Disk Utilization table
The Disk Utilization table can help you quickly solve disk-related problems by
providing information on devices with excessive I/O activity or long service
times.

Based on the information that this workspace provides, you can make changes, set
up situations, and verify that changes are improving performance.

Disk Usage Details workspace

The Disk Usage Details workspace displays information on disk usage and disk
performance. This workspace provides access to the Disk Usage for Mount Point
workspace.

This workspace provides the following views:

v Disk Inodes table
v Disk Performance table, which you can use to identify disk performance
problems caused by slow rates of data transfer from disk to memory, or high
disk usage.
v Disk Utilization table, which can help you solve disk related problems quickly
by providing information on devices with excessive I/O activity or long service
times or both.

Disk Utilization for Mount Point workspace

This workspace provides the following views:
v Disk Utilization for Mount Point table
v Disk Utilization for Mount Point chart

File Information workspace

This section describes the workspaces related to the File InformationNavigator
item.

File Information workspace

The File Information workspace provides data that helps you identify files that are
consuming the largest amount of disk space. This workspace also provides detailed
information about a specific file, such as file path, file attributes, and time data.
This workspace includes the following views:
v File Size – Top Ten chart
v File Size table

All Files workspace

The All Files workspace includes the following views:
v Top 10 chart

Chapter 4. Workspaces reference 15

 v All Files table

The File Information navigator item provides access to the following workspaces:
v All Files workspace
This workspace provides the following views:
– File Size – Top Ten chart
– All Files table
v Specific File Information workspace
This workspace provides the following views:
– File Information for file_name table
– Take Action

Based on the information that this workspace provides, you can make changes, set
up situations, and verify that changes are improving performance.

Network workspace
The Network workspace provides data about various aspects of the network, such
as network input and output errors, whether network interfaces are operational,
and how much data your network interfaces transmit and receive. This workspace
includes the following views:
v Errors and Collisions chart
v Frames Transfer Data chart
v Network table
The Network table contains numerical attributes that view the changing
workload for an interface throughout each work day.

Based on the information that this workspace provides, you can make changes, set
up situations, and verify that changes are improving performance.

Note: The Network table and the network attributes display frame counts. Frames
and packets are not necessarily the same. System administrators might
define the interface so that multiple frames are sent or received in a packet.

NFS Activity workspace

The NFS Activity workspace provides data to help you monitor various aspects of
NFS server activity, such as NFS calls to the managed system and calls from the
managed system to NFS servers. This workspace includes the following views:
v NFS Server Statistics chart
v NFS Client Statistics chart
v NFS Server Activity table
v NFS Client Activity table

Based on the information that this workspace provides, you can make changes, set
up situations, and verify that changes are improving performance.

Process workspace
This section describes the workspaces related to the Process Navigator item.

16 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Process workspace
The Process workspace provides data to help you monitor processes that are
utilizing the highest amount of CPU time and memory. This workspace provides
the following views:
v Memory % – Top Ten chart
v Top CPU Time % Processes chart
v Top CPU Time % Processes table
v Virtual Size – Top Ten chart

When monitoring process information, pay special attention to the following

attributes values:
v Large values in the CPU Utilization column indicate a CPU-intensive process.
These result in a lower process priority. Small values indicate an I/O intensive
process. These result in a higher process priority.
v A CPU utilization value that is greater than 100 indicates that a process is
consuming a large amount of the CPU. If this value is high, check the Execution
State column to see if the process is running and the Time column to see how
long the process has been running.

Note: The CPU Utilization value is computer-dependent and also varies according
to the version of the UNIX operating system that is running.

All Processes workspace

The All Process workspace provides the following views:
v Memory % – Top Ten chart
v Top CPU Time % Processes chart
v Top CPU Time % Processes table
v Virtual Size – Top Ten chart

Top CPU, Memory %, VSize Details workspace

The Top CPU, Memory %, VSize Details workspace provides the following views:
v Top CPU Time table
v Top Memory % Used table
v Top Virtual Size table
v Take Action

The Process Navigator item also provides access the following workspaces:
v Application for Process
This workspace provides the following views:
– Application for Process ID table
– Take Action
v Child Processes
This workspace provides the following views:
– Child Processes for Process ID table
– Take Action
v Command for Process
This workspace provides the following views:
– Command for Process ID table
– Take Action

Chapter 4. Workspaces reference 17

 v Resource for Process
This workspace provides the following views:
– Resource for Process ID table
– Take Action
v Processes for Group Leader
This workspace provides the following views:
– Processes for Group Leader ID table
– Take Action

Based on the information that this workspace provides, you can make changes, set
up situations, and verify that changes are improving performance.

RPC Performance workspace

The RPC Performance workspace displays data related to Remote Procedure Call
(RPC) server and client call rates and errors. This workspace provides the
following views:
v RPC Server Statistics chart
The RPC Server Statistics view graphically displays the following attributes:
– RPC Client Calls Rejected by Server
– RPC Server Times RPC Packet Unavailable
– RPC Server Packets Too Short
– RPC Server Packets with Malformed Header
v RPC Client Statistics chart
The RPC Client Statistics view graphically displays the following attributes:
– RPC Client Calls Rejected by Server
– RPC Client Calls Retransmitted
– RPC Client Replies Not Matching Calls
– RPC Client Calls Timed Out
v RPC Server Performance table
The RPC Server Performance table contains statistics on attributes that refer to
Remote Procedure Call (RPC) server call rates and errors (RPC calls made to the
managed system).
v RPC Client Performance table
The RPC Client Performance table contains statistics on attributes that refer to
Remote Procedure Call (RPC) client call rates and errors (RPC calls made by the
managed system to RPC servers).

System Information workspaces

This section describes the workspaces related to the System Information
Navigation item. The System Information workspaces provide data to help you
monitor various aspects of your UNIX systems. Use the System Information
workspaces to identify the following types of problems:
v Managed systems with high CPU utilization
v Imbalances between user and system CPU demands
v Long CPU waits caised by I/O bottlenecks.

Solaris System CPU Workload Summary workspace

The Solaris System CPU Workload Summary workspace is applicable to only
Solaris systems. This workspace includes the following views:
18 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
 v Solaris System CPU Workload Summary table
v Take Action

System Details workspace

The System Details workspace includes the following views, which provide
detailed information about system statistics:
v System CPU table
v System table
v System Load Average table
v System Workload table
v System Cache and Buffers table

You can access the Solaris System CPU Workload Summary workspace from the
System CPU table.

System Information workspace

The System Information workspace includes the following views:
v Virtual Memory Availability chart
v Page Fault Statistics chart
v Total Real and Virtual Memory chart
v CPU % chart
v Load Averages chart

Based on the information that this workspace provides, you can make changes, set
up situations, and verify that changes are improving performance.

Users workspace
This section describes the workspaces related to the Users Navigator item.

Users workspace
The Users workspace provides data to help you monitor various aspects of user
activity. By viewing the monitored user data collected by the Monitoring Agent for
UNIX OS on remote systems, you can do the following:
v Troubleshoot problems and solve them quickly using reliable, real-time
information about users and the programs they use.
v Use this information to pinpoint problem processes, and the user or users
responsible for them. You can then eliminate the process, contact the user
responsible for the problem, and take corrective action.

This workspace includes the following views:

v Users table
v Take Action

User Processes workspace

To view the processes started by a user, right click the row for that user in the
Users view to display the User Processes workspace. This workspace provides the
following views:
v Processes for User ID user_ID table
This view provides access to the Process Resource workspace.
v Take Action

Chapter 4. Workspaces reference 19

20 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
Chapter 5. Attributes reference
This chapter contains informatoin about the following topics:
v Overview of attributes
v References for detailed information about attributes
v Descriptions of the attributes for each attribute group included in this
monitoring agent
v Disk space requirements for historical data

About attributes
Attributes are the application properties being measured and reported by the
Monitoring Agent for UNIX OS, such as the amount of memory usage or the
message ID.

Attributes are organized into groups according to their purpose. The attributes in a
group can be used in the following two ways:
v Chart or table views
Attributes are displayed in chart and table views. The chart and table views use
queries to specify which attribute values to request from a monitoring agent.
You use the Query editor to create a new query, modify an existing query, or
apply filters and set styles to define the content and appearance of a view based
on an existing query.
v Situations
You use attributes to create situations that monitor the state of your operating
system, database, or application. A situation describes a condition you want to
test. When you start a situation, the Tivoli Enterprise Portal compares the values
you have assigned to the situation attributes with the values collected by the
Monitoring Agent for UNIX OS and registers an event if the condition is met.
You are alerted to events by indicator icons that appear in the Navigator.

Some of the attributes in this chapter are listed twice, with the second attribute
having a ″(Unicode)″ designation after the attribute name. These Unicode attributes
were created to provide access to globalized data. Use the globalized attribute
names because this is where the monitoring agent is putting the data. If you were
using a previous Candle® OMEGAMON® release of this monitoring agent, you
must run the Application Migration Tool to create globalized attributes for your
customized queries, situations, and policies. Refer to the IBM Tivoli Monitoring
Installation and Setup Guide for more information.

More information about attributes

For more information about using attributes and attribute groups, see the IBM
Tivoli Monitoring User’s Guide.

For a list of the attributes groups, a list of the attributes in each attribute group,
and descriptions of the attributes for this monitoring agent, refer to the Attribute
groups and attributes section in this chapter.

© Copyright IBM Corp. 2005 21

Attribute groups and attributes for the Monitoring Agent for UNIX OS
This monitoring agent contains the following attribute groups. The attribute groups
are collected in attribute tables that are designated in brackets [ ] after the group
name. The table names are used for collection of historical data.
v Disk [UNIXDISK]
v Disk_Performance [UNIXDPERF]
v File_Information [FILEINFO]
v Network [UNIXNET]
v NFS and RPC Statistics [UNIXNFS]
v Process [UNIXPS]
v SMP_CPU [UNIXCPU]
v System [UNIXOS]
v User [UNIXUSER]

The following sections contain descriptions of these attribute groups, which are
listed alphabetically. Each description contains a list of attributes in the attribute
group.

Disk Information attributes [UNIXDISK]

Use the Disk Information attributes to monitor disk characteristics, such as inode
size, inodes used, mount point, and space available. The Disk Information attribute
group is a multiple-instance attribute group.

Inodes Free [INODEFREE]: The number of inodes currently available on your file
system. Use this attribute to avoid a pending crisis. Corrective action might include
freeing up unneeded space or deleting temporary files. Valid entries are numeric
values in the range 0 to 99999999, including the use of *AVG, *MAX, *MIN, *SUM,
Count, and Value functions.

Inode Size [INODESIZE]: The number of inodes allocated on a file system. For
example, a value of 163817 indicates that the number of inodes allocated is 163
817. Valid values are numeric values in the range 0 to 2147483647, including the
use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Inodes Used [INODEUSED]: The number of inodes currently allocated to files on

the file system. This value equals the value of the Inode Size attribute minus the
value of the Inodes Free attribute. Valid values are numeric values in the range 0
to 99999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.

Inodes Used Percent [PCTINDUSED]: The percentage of inode space currently

allocated to files. Valid entries are numeric values in the range 0 to 100, such as 85
for 85 percent, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.

Mount Point [MOUNTPT]: The path name of the directory to which a file system
is mounted. This is the virtual name for the directory. Valid entries are strings up
to 32 letters or numbers that represent a directory path.

Mount Point (Unicode) [UMOUNTPT]: The path name of the directory to which a
file system is mounted. This is the virtual name for the directory. Valid entries are
strings up to 768 bytes that represent a directory path. This attribute is globalized.

22 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 Name [DSKNAME]: The name of the physical disk partition where the file system
is mounted. This is the physical location of the disk. Valid entries are strings up to
32 letters or numbers.

Name (Unicode) [UDSKNAME]: The name of the physical disk partition where
the file system is mounted. This is the physical location of the disk. Valid entries
are strings up to 96 bytes. This attribute is globalized.

Size [DSKSIZE]: The total size of a file system, expressed in KB. For example,
1000000 represents one GB. Valid entries are numeric values in the range in the
range 0 to 99999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and
Value functions.

Space Available [SPCAVAIL]: The amount of unused space currently available to

non-superusers on a file system, expressed in KB. For example, 40000 represents 40
MB. Valid entries are numbers up to 99999999.

Space Available Percent [PCTSPCAV]: The percentage of space available. Valid

entries are whole numbers in the range 0 to 100, such as 10 for 10 percent,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Space Used [SPCUSED]: The amount of disk space currently in use on a file
system, expressed in KB. Valid entries are numeric values in the range 0 to
99999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.. For example, 5000 represents 5 MB.

Space Used Percent [PCTSPCUSED]: The space currently used on the file system,
expressed as a percentage of the sum of used and available space. The Space Used
Percent attribute reflects the percentage of disk space which is available to
non-superusers. A high value in this column alerts you to critical disk space
conditions. Valid entries are whole numbers in the range 0 to 100, such as 80 for 80
percent, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.

System Name [ORIGINNODE]: The host name of a monitored system. Valid

entries are simple text strings up to 64 letters and numbers.

Timestamp [TIMESTAMP]: The date and time the agent collects information as set
on the monitored system.

Disk Performance attributes [UNIXDPERF]

Use the Disk Performance attributes to monitor disk operations, such as data
transfer rates, average waiting times, and percentage busy. The Disk Performance
attribute group is a multiple-instance attribute group.

Avg Serv [AVGSERV]: Average amount of disk time used in milliseconds over the
sampling period. For example, in terms of a bank teller queue, it is the time spent
at the teller’s window. Valid entries are numeric values in the range 0 to 999999,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Avg Queue [DSKAVQUE]: Average number of disk requests outstanding during

the sampling period. Valid entries are numeric values in the range 0 to 1000,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Chapter 5. Attributes reference 23

 Avg Wait [DSKAVWAIT]: Average time waiting for disk access expressed in
milliseconds. For example, in terms of a bank teller queue, it is the time from when
you first join the queue until you advance to the teller window to be serviced.
Valid entries are numeric values in the range 0 to 999999, including the use of
*AVG, *MAX, *MIN, or *SUM functions.

Busy Percent [DSKBUSY]: The percentage of time a disk has been busy
transferring data. Valid entries are whole numbers in the range 0 to 100, such as 35
for 35 percent, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions. Use the Busy Percent attribute to check whether a process is I/O bound.
Values greater than 30 percent usually indicate excessive paging out to disk, or that
a process is I/O bound. If the Busy Percent value is high (greater than 30 percent)
and CPU utilization is also high (greater than 80 percent), your system is probably
overloaded and experiencing degradation of performance.

Disk Name [DSKNAME]: The name of the physical disk that might be
partitioned. Valid entries are simple text strings up to 32 letters or numbers.

Disk Name (Unicode) [UDSKNAME]: The name of the physical disk that might
be partitioned. Valid entries are simple text strings up to 96 bytes. This attribute is
globalized.

System Name [ORIGINNODE]: The host name of a monitored system. Valid

entries are simple text strings up to 64 letters and numbers.

Timestamp [TIMESTAMP]: The date and time the agent collects information as set
on the monitored system.

Transfer Rate [DSKXFERRAT]: The number of data transfers per second during a
monitoring interval. Valid entries are numeric values in the range 0 to 2147483647,
including the use of *AVG, *MAX, *MIN, or *SUM functions.

Transferred Bytes [DSKBYTESIZ]: The total number of KB that have been

transferred during the recording interval. The Transferred Bytes attribute is one
indicator of how fast your disk is moving data. It does not account for variables,
such as disk format and efficiency of space usage that also affect the speed of data
transfer. Valid values are numeric values in the range 0 to 2147483647, including
use of the *AVG, *MAX, *MIN, or *SUM functions.

File Information attributes [FILEINFO]

Use the File Information attributes to monitor file and directory characteristics,
such as name, size, owner, access rights, and links. The File Information attribute
group is a multiple-instance attribute group.

Access [ACCESS]: This attribute defines a four-digit octal number representing the
access rights for a file. You specify access rights using a four-digit number that
represents the permissions associated with a file. Each digit is the decimal
equivalent of a binary three-bit string. Valid entries are numeric strings in the
range 0000 to 7777. From left to right, each digit has the following meaning:
1st digit
Determines whether, upon execution, the file takes on the ID of the user or
group that owns the file. This permission assignment applies to users who
neither own the file they are trying to run nor belong to the group that
owns the file.

24 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

2nd digit
Determines the access permissions of the user that owns the file.
3rd digit
Determines the access permissions of the group that owns the file.
4th digit
Determines the access permissions for other users.

From right to left, the bits for the first digit have the following meanings:
1st bit The meaning if this bit depends on the type of UNIX operating system you
are monitoring.
2nd bit
If the value of this bit is 1, the system runs the file with the group ID of
the group that owns the file. If the value of this bit is 0, the system runs
the file with the group ID of the user that ran the file. If the file is a
directory and this bit is 1, all files created in that directory inherit the
group ID of that directory.

File [FILE]: The name of a file or directory. If the file is a symbolic link, the link
name is shown in the Link Name attribute. Valid entries are simple alphanumeric
text strings with a maximum length 768 characters.

File (Unicode) [UFILE]: The name of a file or directory. If the file is a symbolic
link, the link name is shown in the Link Name attribute. Valid entries are simple
alphanumeric text strings with a maximum length 256 bytes. This attribute is
globalized.

Group [GROUP]: The name of the logical group to which a file owner belongs.
Valid entries are simple alphanumeric text strings with a maximum length 16
characters

Group (Unicode) [UGROUP]: The name of the logical group to which a file owner
belongs. Valid entries are simple alphanumeric text strings with a maximum length
48 bytes. This attribute is globalized.

Last Accessed Time [ACCESSEDTM]: The date and time of the last file access.

Last Changed Time [CHANGEDTM]: The date and time of the last change to a
file.

Links [LINKS]: The number of links to a file. Valid entries are numeric values in
the range 0 to 64535, including use of the *AVG, *MAX, *MIN, or *SUM functions.

Link Name [LINKNAME]: The name of the file for which this file is a symbolic
link. If this field is blank, the file is not a link. Valid entries are simple
alphanumeric text strings, with a maximum length of 256 characters.

Link Name (Unicode) [ULINKNAME]: The name of the file for which this file is a
symbolic link. If this field is blank, the file is not a link. Valid entries are simple
alphanumeric text strings, with a maximum length of 768 bytes. This attribute is
globalized.

Owner [OWNER]: The name of the file owner. Valid entries are simple
alphanumeric text strings with a maximum length 16 characters.

Chapter 5. Attributes reference 25

 Owner (Unicode) [UOWNER]: The name of the file owner. Valid entries are simple
alphanumeric text strings with a maximum length 768 bytes. This attribute is
globalized.

Path [PATH]: The full path that contains a particular file or directory. Valid entries
are alphanumeic text strings that represent the full path of the file with a
maximum length of 256 characters.

Path (Unicode) [UPATH]: The full path that contains a particular file or directory.
Valid entries are alphanumeic text strings that represent the full path of the file
with a maximum length of 768 bytes. This attribute is globalized.

Size [SIZE]: The size of a file in bytes. Valid entries are numeric values in the
range 0 to 2147483647, including the use of *AVG, *MAX, *MIN, *SUM, Count, and
Value functions.

Size MB [SIZEMB]: The size of a file in MB. Valid entries are numeric values in
the range 0 to 2147483647.

System Name [ORIGINNODE]: The name of the managed system that the agent
is monitoring. Valid entries are simple alphanumeric text strings with a maximum
length of 64 characters.

Timestamp [TIMESTAMP] The date and time the agent collects information as set
on the monitored system.

Type [TYPE]: The type of file. Valid entries for this attribute are as follows:
Dir Directory
File File
Sock Socket
Link Link
Spec Special File

Network attributes [UNIXNET]

Use the Network attributes to monitor network characteristics, such as received
count, sent count, network interface name, and interface status. The Network
attribute group is a multiple-instance attribute group.

Note: The Received Count (frames) and Transmitted Count (frames) show the raw
frame counts for the interface. Frames and packets are not necessarily the
same thing. System administrators might define the interface so that
multiple frames are sent or received in a packet. The network report and the
network attributes display frame counts.

Avg Coll Rate 1 [AVCOL1]: The average number of collisions on all network
interfaces during the last minute. Valid entries are integers in the range 0 to
99999999. N/C (not collected) is displayed if the monitoring agent has been
running for less than one minute.

Avg Coll Rate 5 [AVCOL5]: The average number of collisions on all network
interfaces during the last five minutes. Valid entries are integers in the range 0 to
99999999. N/C (not collected) is displayed if the monitoring agent has been
running for less than five minutes.

26 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Avg Coll Rate 15 [AVCOL15]: The average number of collisions on all network
interfaces during the last 15 minutes. Valid entries are integers in the range 0 to
99999999. N/C (not collected) is displayed if the monitoring agent has been
running for less than 15 minutes.

Avg Coll Rate 60 [AVCOL60]: The average number of collisions on all network
interfaces during the 60 minutes. Valid entries are integers in the range 0 to
99999999. N/C (not collected) is displayed if the monitoring agent has been
running for less than 60 minutes.

Avg In Rate 1 [AVGINS1]: The average number of frames received on all network
interfaces during the last minute. Valid entries are integers in the range 0 to
99999999. N/C (not collected) is displayed if the monitoring agent has been
running for less than one minute.

Avg In Rate 5 [AVGINS5]: The average number of frames received on all network
interfaces during the last five minutes. Valid entries are integers in the range 0 to
99999999. N/C (not collected) is displayed if the monitoring agent has been
running for less than five minutes.

Avg In Rate 15 [AVGINS15]: The average number of frames received on all

network interfaces during the last 15 minutes. Valid entries are integers in the
range 0 to 99999999. N/C (not collected) is displayed if the monitoring agent has
been running for less than 15 minutes.

Avg In Rate 60 [AVGINS60]: The average number of frames received on all

network interfaces during the last 60 minutes. Valid entries are integers in the
range 0 to 99999999. N/C (not collected) is displayed if the monitoring agent has
been running for less than 60 minutes.

Avg InErr Rate 1 [AVGINERR1]: The average number of frames with errors that
were received on all network interfaces during the last minute. Valid entries are
integers in the range 0 to 99999999. N/C (not collected) is displayed if the
monitoring agent has been running for less than one minute.

Avg InErr Rate 5 [AVGINERR5]: The average number of frames with errors that
were received on all network interfaces during the last five minutes. Valid entries
are integers in the range 0 to 99999999. N/C (not collected) is displayed if the
monitoring agent has been running for less than five minutes.

Avg InErr Rate 15 [AVGINERR15]: The average number of frames with errors that
were received on all network interfaces during the last 15 minutes. Valid entries
are integers in the range 0 to 99999999. N/C (not collected) is displayed if the
monitoring agent has been running for less than 15 minutes.

Avg InErr Rate 60 [AVGINERR60]: The average number of frames with errors that
were received on all network interfaces during the last 60 minutes. Valid entries
are integers in the range 0 to 99999999. N/C (not collected) is displayed if the
monitoring agent has been running for less than 60 minutes.

Avg Out Rate 1 [AVGOUT1]: The average number of frames transmitted on all
network interfaces during the last minute. Valid entries are integers in the range 0
to 99999999. N/C (not collected) is displayed if the monitoring agent has been
running for less than one minute.

Chapter 5. Attributes reference 27

 Avg Out Rate 5 [AVGOUT5]: The average number of frames transmitted on all
network interfaces during the last five minutes. Valid entries are integers in the
range 0 to 99999999. N/C (not collected) is displayed if the monitoring agent has
been running for less than five minutes.

Avg Out Rate 15 [AVGOUT15]: The average number of frames transmitted on all
network interfaces during the last 15 minutes. Valid entries are integers in the
range 0 to 99999999. N/C (not collected) is displayed if the monitoring agent has
been running for less than 15 minutes.

Avg Out Rate 60 [AVGOUT60]: The average number of frames transmitted on all
network interfaces during the last 60 minutes. Valid entries are integers in the
range 0 to 99999999. N/C (not collected) is displayed if the monitoring agent has
been running for less than 60 minutes.

Avg OutErr Rate 1 [AVGOERR1]: The average number of frames with errors that
were transmitted on all network interfaces during the last minute. Valid entries are
integers in the range 0 to 99999999. N/C (not collected) is displayed if the
monitoring agent has been running for less than one minute.

Avg OutErr Rate 5 [AVGOERR5]: The average number of frames with errors that
were transmitted on all network interfaces during the last five minutes. Valid
entries are integers in the range 0 to 99999999. N/C (not collected) is displayed if
the monitoring agent has been running for less than five minutes.

Avg OutErr Rate 15 [AVGOERR15]: The average number of frames with errors
that were transmitted on all network interfaces during the last 15 minutes. Valid
entries are integers in the range 0 to 99999999. N/C (not collected) is displayed if
the monitoring agent has been running for less than 15 minutes.

Avg OutErr Rate 60 [AVGOERR60]: The average number of frames with errors
that were transmitted on all network interfaces during the last 60 minutes. Valid
entries are integers in the range 0 to 99999999. N/C (not collected) is displayed if
the monitoring agent has been running for less than 60 minutes.

Collisions [FCOLLSNS]: The number of times during the sampling period that a
frame transmitted by the network interface collided with another frame. This
occurs when another interface on the same local network transmits a frame at
nearly the same time. Valid entries are integers in the range 0 to 99999999. Use this
attribute to determine if a network interface has an unacceptable number of frame
collisions. Frame collisions cause the interface to retransmit the frame. With this
increased traffic, the likelihood of future collisions increases. This can result in a
steady increase of network traffic to critical levels.

Frames Received [FIFRAMES]: The number of frames received by the interface

during the sampling period. Valid entries are integers in the range 0 to 9999.

Frames Transmitted [FOFRAMES]: The number of frames transmitted by the

interface during the sampling period. Valid entries are integers in the range 0 to
99999999.

Input Errors [FIERRORS]: The number of frames with errors received by the
interface during the sampling period. Valid entries are integers in the range 0 to
99999999.

28 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Interface DNS Name [FDNSNAME]: The Dynamic Name Server (DNS) entry
associated with the IP address of the network interface. Valid entries are
alphanumeric strings with a maximum 32 characters.

Interface IP Address [FIPADDR]: The Internet Protocol (IP) address of the

network interface. A gateway computer has more than one interface, each with a
separate IP address. Valid entries are IP addresses in the form a.b.c.d. where a, b, c,
and d are integers in the range 0 to 255.

Interface Status [FSTATUS]: This attribute indicates if a network interface is

currently available. Valid entries for each Network interface are:
UP The interface is in service.
Down The interface is not in service.

Network Interface Name [FNAME]: Identifies the network interface adapter. Valid
entries are simple alphanumeric text strings, comprised of Interface Name, Unit
Number, where:
Interface Name
Is a two-character representation of the adapter, based on the hardware,
operating system, and installation procedure.
Unit Number
represents the physical adapter number installed in the system with a
typical range of 0-7.

For example, on an AIX system, typical network adapters are represented as

follows:
en Ethernet
lo Loopback
tr Token Ring
sl SLIP

Network Packet Collision Rate: The total number of packet collisions per minute
on all interfaces during a specified sampling period. Use this attribute to monitor
excessive packet collisions. Valid entries are 1, 5, 15, or 60. The default sample
period is 1 minute.

Network Packet Input Rate: The total number of packets received per minute on
all interfaces during a specified sampling period. Use this attribute to monitor
network activity. Valid entries are 1, 5, 15, or 60. The default sample period is 1
minute.

Network Packet Input Error Rate: The total number of input packet errors per
minute on all interfaces during a specified sampling period. Valid entries are 1, 5,
15, or 60. The default sample period is 1 minute.

Network Packet Output Rate: The total number of packets transmitted per minute
on all interfaces during a specified sampling period. Valid entries are 1, 5, 15, or
60. The default sample period is 1 minute.

Network Packet Output Error Rate: The total number of output packet errors per
minute on all interfaces during a specified sampling period. Valid entries are 1, 5,
15, or 60. The default sample period is 1 minute.

Chapter 5. Attributes reference 29

 Output Errors [FOERRORS]: The number of frame transmission errors by the
network interface during the monitoring interval. Valid entries are integers in the
range 0 to 99999999.

Received Count [FIBYTES]: The number of frames received since the network
interface was configured. Valid entries: numeric values in the range 0 to 99999999,
including use of the *AVG, *MAX, *MIN, or *SUM functions.

System Name [ORIGINNODE]: The host name of a monitored system. Valid

entries are simple alphanumeric text strings with a maximum length 64 characters.

Timestamp [TIMESTAMP]: The date and time the agent collects information as set
on the monitored system.

Transmission Unit Maximum [FMTU]: The maximum packet size (in bytes) for
the specified network interface. This is a fixed value. Valid entries are numeric
values in the range 0 to 99999999, including the use of *AVG, *MAX, *MIN, *SUM,
Count, and Value functions. Use this attribute to determine the minimum,
maximum, or average packet size used by a network interface. This information
can help you determine the size used by a network interface.

Transmitted Count [FOBYTES]: The average number of eight-bit packets

transmitted per second by an interface since boot time. Valid entries are numeric
values in the range 0 to 99999999, including the use of *AVG, *MAX, *MIN, *SUM,
Count, and Value functions. For example, a high value might indicate an
overloaded interface. A low value might indicate a device that is under-utilized
and can carry an additional load, if required.

NFS and RPC Statistics attributes [UNIXNFS]

Use the NFS / RPC Statistics attributes to monitor Network File System and
Remote Procedure Call rates and errors. These attributes fall into four subgroups:
NFS Client
Reports on calls from the managed system to NFS servers.
NFS Server
Reports on NFS calls to the managed system. The agent reports these calls
only when the managed system is an NFS server.
RPC Client
Report on calls from the managed system to RPC servers.
RPC Server
Reports on RPC calls to the managed system. The agent reports these calls
only when the managed system is an RPC server.

NFS / RPC Statistics attribute group is a single-instance attribute group. You can
mix these attributes with those of any other single-instance group.

NFS Client Calls [NCCALLS]: The number of calls made to a server during a
monitoring interval. Valid entries are integers in the range 0 to 99999999. Use this
attribute to show the amount of NFS traffic. If the value is high, it might mean that
a client is flooded with call requests.

NFS Client Calls Rejected [NCBAD]: The number of calls rejected by a server
during a monitoring interval. Valid entries are integers in the range 0 to 99999999.

30 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Use this attribute in conjunction with the NFS Client Calls attribute to determine
the proportion of calls rejected by the NFS server.

NFS Client File Creates [NCCREATE]: The number of File Creates calls made to a
server during the monitoring interval. Valid entries are integers in the range 0 to
99999999. Use this attribute with other Call-type attributes to analyze NFS traffic
and correct problems on your network.

NFS Client File System Statistics Calls [NCFSSTAT]: The number of file statistics
calls made within the monitoring interval. Valid entries are integers in the range 0
to 99999999. Use this attribute with other Call-type attributes to analyze NFS traffic
and correct problems on your network.

NFS Client Get Attribute Calls [NCGETATT]: The number of calls made to
determine what type of file is being called. For example, a text file or an executable
file. Valid entries are integers in the range 0 to 99999999. Use this attribute with
other Call-type attributes to analyze NFS traffic and correct problems on your
network.

NFS Client Link Calls [NCLINK]: The number of hard link reports made by a
server during a predefined time interval. Valid entries are integers in the range 0 to
99999999. Use this attribute with other Call-type attributes to analyze NFS traffic
and correct problems on your network.

NFS Client Lookups [NCLOOKUP]: The number of Lookups requests made by an

NFS server during the monitoring interval. Valid entries are integers in the range 0
to 99999999. Use this attribute to determine the number of Make Directory requests
handled by an NFS server during the monitoring interval.

NFS Client Make Directory Calls [NCMKDIR]: The number of calls made to a
server during a monitoring interval. Valid entries are integers in the range 0 to
99999999. Use this attribute with other Call-type attributes to analyze NFS traffic
and correct problems on your network.

NFS Client Null Calls [NCNULL]: The number of calls generated for checking
connectivity to a server. Valid entries are integers in the range 0 to 99999999. Use
this attribute with other Call-type attributes to analyze NFS traffic and correct
problems on your network.

NFS Client Read Calls [NCREAD]: The number of Read Directory calls read by a
server during a monitored interval. Valid entries are integers in the range 0 to
99999999. Use this attribute to determine how many call requests to read a file
were received by an NFS server over a period of time.

NFS Client Read Directory Calls [NCRDDIR]: The number of Read Directory
calls made to a server during a monitoring interval. Valid entries are integers in
the range 0 to 99999999. Use this attribute with other Call-type attributes to
analyze NFS traffic and correct problems on your network.

NFS Client Read Link Calls [NCRDLINK]: The number of calls received by an
NFS server to read a linked file during the monitoring interval. Valid entries are
integers in the range 0 to 99999999. Use this attribute to determine how many
link-call requests an NFS server received over a period of time.

NFS Client Rejected Call Percentage [NCPERC]: The percentage of NFS calls
rejected by a server during a monitoring interval. Valid entries are integers in the

Chapter 5. Attributes reference 31

 range 0 to 100. Use this attribute to monitor unacceptable rates of NFS call
rejection and to determine whether the server or a particular client is causing
network problems. If the server is experiencing problems, all calls are rejected. If a
client is experiencing problems, only calls from the client are rejected.

The rejection percentage might increase dramatically after reaching a critical

threshold because rejections require retransmission.

NFS Client Remove Directory Calls [NCRMDIR]: The number of Remove

Directory calls made to a server during a monitoring interval. Valid entries are
integers in the range 0 to 99999999. Use this attribute with other Call-type
attributes to analyze NFS traffic and correct problems on your network.

NFS Client Remove File Calls [NCREMOVE]: The number of Remove File calls
made to a server during a monitoring interval. Valid entries are integers in the
range 0 to 99999999. Use this attribute with other Call-type attributes to analyze
NFS traffic and correct problems on your network.

NFS Client Rename File Calls [NCRENAME]: The number of Rename File calls
made to a server during a monitoring interval. Valid entries are integers in the
range 0 to 99999999. Use this attribute with other Call-type attributes to analyze
NFS traffic and correct problems on your network.

NFS Client root Calls [NCROOT]: The number of NFS calls made to the server by
the root during a monitoring interval. Valid entries are integers in the range 0 to
99999999. Use this attribute to determine the number of calls made by the root
(superaccount) account versus calls made by all users.

NFS Client Set Attribute Calls [NCSETATT]: The number of NFS calls made to
set the attributes of a file during a monitoring interval. Valid entries are integers in
the range 0 to 99999999. Use this attribute with other Call-type attributes to
analyze NFS traffic and correct problems on your network.

NFS Client Symbolic Link Calls [NCSYMLINK]: The number of Symbolic Link
calls made to a server during a monitoring interval. Valid entries are integers in
the range 0 to 99999999. Use this attribute with other Call-type attributes to
analyze NFS traffic and correct problems on your network.

NFS Client Write Cache Calls [NCWRCACH]: The number of write cache calls
made to a server during a monitoring interval. Valid entries are integers in the
range 0 to 99999999. Use this attribute with other Call-type attributes to analyze
NFS traffic and correct problems on your network.

NFS Client Writes [NCWRITE]: The number of Writes calls made to a server
during a monitoring interval. Valid entries are integers in the range 0 to 99999999.
Use this attribute to determine how many write requests an NFS server received
over a pre-specified period of time.

NFS Server Calls [NSCALLS]: The number of made from an NFS server during a
monitoring interval. Valid entries are integers in the range 0 to 99999999. Use this
attribute to show the amount of NFS traffic. If the value is high, it might mean a
server is flooded with call requests.

NFS Server Calls_Rejected [NSBAD]: The number of calls rejected by a server

during a monitoring interval. Valid entries are integers in the range 0 to 99999999.

32 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Use this attribute in conjunction with the NFS Server Calls attribute to determine
the proportion of calls rejected by the NFS server.

NFS Server File Creates [NSCREATE]: The number of File Creates calls made to a
server during the monitoring interval. Valid entries are integers in the range 0 to
99999999. Use this attribute with other Call-type attributes to analyze NFS traffic
and correct problems on your network.

NFS Server File System Statistics Calls [NSFSSTAT]: The number of file statistics
calls made within the monitoring interval. Valid entries are integers in the range 0
to 99999999. Use this attribute with other Call-type attributes to analyze NFS traffic
and correct problems on your network.

NFS Server Get Attribute Calls [NSGETATT]: The number of calls made to
determine what type of file is being called, such as a text file or an executable file.
Valid entries are integers in the range 0 to 99999999. Use this attribute with other
Call-type attributes to analyze NFS traffic and correct problems on your network.

NFS Server Link Calls [NSLINK]: The number of hard link reports made by a
server during a predefined time interval. Valid entries are integers in the range 0 to
99999999. Use this attribute with other Call-type attributes to analyze NFS traffic
and correct problems on your network.

NFS Server Lookups [NSLOOKUP]: The number of Lookups requests made by an

NFS server during a monitoring interval. Valid entries are integers in the range 0
to 99999999. Use this attribute to determine the number of Lookups requests
handled by an NFS server during the monitoring interval.

NFS Server Make Directory Calls [NSMKDIR]: The number of Make Directory
calls made to a server during a monitoring interval. Valid entries are integers in
the range 0 to 99999999. Use this attribute with other Call-type attributes to
analyze NFS traffic and correct problems on your network.

NFS Server Null Calls [NSNULL]: The number of calls generated for checking
connectivity to a server. Valid entries are integers in the range 0 to 99999999. Use
this attribute with other Call-type attributes to analyze NFS traffic and correct
problems on your network.

NFS Server Read Calls [NSREAD]: The number of Read Directory calls read by a
server during a monitored interval. Valid entries are integers in the range 0 to
99999999. Use this attribute to determine how many call requests to read a file
were received by an NFS server over a period of time.

NFS Server Read Directory Calls [NSRDDIR]: The number of Read Directory
calls made to a server during a monitoring interval. Valid entries are integers in
the range 0 to 99999999. Use this attribute with other Call-type attributes to
analyze NFS traffic and correct problems on your network.

NFS Server Read Link Calls [NSRDLINK]: The number of calls received by an
NFS server to read a linked file during the monitoring interval. Valid entries are
integers in the range 0 to 99999999. Use this attribute to determine how many
link-call requests an NFS server received over a period of time.

NFS Server Rejected Call Percentage [NSPERC]: The percentage of NFS calls
rejected by a server during a monitoring interval. Valid entries are integers in the
range 0 to 100. Use this attribute to monitor unacceptable rates of NFS call

Chapter 5. Attributes reference 33

 rejection and to determine whether the server or a particular client is causing
network problems. If the server is experiencing problems, all calls are rejected. If a
client is experiencing problems, its calls are also rejected. The rejection percentage
might increase dramatically after reaching a critical threshold because rejections
require retransmission.

NFS Server Remove Directory Calls [NSRMDIR]: The number of Remove

Directory calls made to a server during a monitoring interval. Valid entries are
integers in the range 0 to 99999999. Use this attribute with other Call-type
attributes to analyze NFS traffic and correct problems on your network.

NFS Server Remove File Calls [NSREMOVE]: The number of Remove File calls
made to a server during a monitoring interval. Valid entries are integers in the
range 0 to 99999999. Use this attribute with other Call-type attributes to analyze
NFS traffic and correct problems on your network.

NFS Server Rename File Calls [NSRENAME]: The number of Rename File calls
made to a server during a monitoring interval. Valid entries are integers in the
range 0 to 99999999. Use this attribute with other Call-type attributes to analyze
NFS traffic and correct problems on your network.

NFS Server root Calls [NSROOT]: The number of NFS calls made to server root
during a monitoring interval. Valid entries are integers in the range 0 to 99999999.
Use this attribute to determine the number of calls made by the root (superuser)
account versus calls made by all users.

NFS Server Set Attribute Calls [NSSETATT]: The number of NFS calls made to
set the attributes of a file during a monitoring interval. Valid entries are integers in
the range 0 to 9999. Use this attribute with other Call-type attributes to analyze
NFS traffic and correct problems on your network.

NFS Server Symbolic Link Calls [NSSYMLNK]: The number of Symbolic Link
calls made to a server during a monitoring interval. Valid entries are integers in
the range 0 to 99999999. Use this attribute with other Call-type attributes to
analyze NFS traffic and correct problems on your network.

NFS Server Write Cache Calls [NSWRCACH]: The number of Write Cache calls
made to a server during a monitoring interval. Valid entries are integers in the
range 0 to 99999999. Use this attribute with other Call-type attributes to analyze
NFS traffic and correct problems on your network.

NFS Server Writes [NSWRITE]: The number of Writes calls made to a server
during a monitoring interval. Valid entries are integes in the range 0 to 99999999.
Use this attribute to determine how many write requests an NFS server received
over a specified period of time.

RPC Client Calls Rejected by Server [RCBAD]: The number of calls made by a
client to a server that the server rejected during a monitoring interval. Valid entries
are integers in the range 0 to 99999999. Use this attribute in conjunction with the
Calls attribute to determine the proportion of calls rejected by the RPC server. If
the value is high, it might mean that there is excessive noise on the network,
which causes bad datagrams to occur, or a server might be flooded with call
requests.

RPC Client Calls Retransmitted [RCRETRAN]: The number of RPC packets

retransmitted to an RPC server during a monitoring interval. Valid entries are

34 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

integers in the range 0 to 99999999. Use this attribute to determine if a large
number of calls are being retransmitted. If this is the case, your server might be
overworked, or there might be a network problem.

RPC Client Calls Timed Out [RCTIMOUT]: The number of times an RPC call
from the managed system timed out before the RPC server replied. Valid entries
are integers in the range 0 to 99999999. Use this attribute to determine if the server
is failing to acknowledge calls that are received. If the server is overworked, you
might need to reroute network traffic.

RPC Client Replies Not Matching Calls [RCBADXID]: The number of times the
managed system received replies from an RPC server that did not match calls.
Valid entries are integers in the range 0 to 99999999. Use this attribute to determine
if a reply or acknowledgment from the server matches a request made by a client.
A failure to match the request might mean that there is noise on the network.

RPC Client Times Authentication Refreshed [RCAREF]: The number of times the
managed system had to resend the authentication information for an RPC call
during the monitoring interval. Valid entries are integers in the range 0 to
99999999. Use this attribute to count the number of times an authorization is
refreshed. This attribute helps you verify client authorization for making a request
by periodically requesting an electronic handshake from the client.

RPC Client Times Call Wait On Busy [RCWAIT]: The number of times the initial
bind for an RPC call from the managed system had to wait because of a busy
server. Valid entries are integers in the range 0 to 99999999. Use this attribute to
show the amount of NFS traffic. When a client sends a call request to a server, it
gives the server a certain amount of time to respond before resending the call. The
amount of time varies from system to system. If the Times Call Wait On Busy
value is high, it might indicate that the server is overworked. You might want to
reroute call requests to another server.

RPC Server Calls Rejected [RSBAD]: The number of RPC calls from the managed
system that were rejected by a server during a monitoring interval. Valid entries
are integers in the range 0 to 99999999. Use this attribute to determine if the server
is rejecting a large number of calls. If only a few calls are being rejected, it might
be a client-specific problem. If many calls are being rejected, it might be a problem
with your server.

RPC Server Packets Too Short [RSBADLEN]: The number of incomplete RPC
packets that were too short in length that were received by a server during a
monitoring interval. Valid entries are integers in the range 0 to 99999999. Use this
attribute to determine if the server is having problems processing packet data. If
the packet size does not match the size stated in the packet header, there might be
noise on the system.

RPC Server Packets with Malformed Header [RSBADHDR]: The number of RPC
packets that had malformed headers and were received by the server during a
monitoring interval. Valid entries are integers in the range 0 to 99999999. Use this
attribute to determine if there is noise on the system. The server cannot validate a
packet or where it came from if, because of a malformed header, it cannot
acknowledge the sender. This decreases the efficiency of the network. Try checking
server connections. Another cause might include extraneous network noise.

Chapter 5. Attributes reference 35

 RPC Server Times RPC Packet Unavailable [RSNULL]: The number of time a
server attempted to receive a packet when none was available during a monitoring
interval. Valid entries are integers in the range 0 to 99999999.

System Name [ORIGINNODE]: The name of the RPC system you are monitoring.
Valid entries are simple alphanumeric text strings with a maximum length 64
characters.

Timestamp [TIMESTAMP]: The date and time the agent collects information as set
on the monitored system.

Process attributes [UNIXPS]

Use the Process attributes to monitor process operations, such as command issued,
CPU utilization, real memory usage, and execution state. The Process group is a
multiple-instance attribute group.

Child User CPU Time [CHILDUTIME]: The time spent in user mode by the child
of this process. Valid entries are numeric time strings with a format of
DDDdHH:MM:SS, where:
DDD Days to a maximum of 999
HH Hours
MM Minute
SS Second

For example, to express 45 days, 1 hour, 5 minutes, and 30 seconds, enter

045d01:05:30

Child System CPU Time [CHILDSTIME]: The time spent in system and user
mode by the child of this process. Valid entries are numeric time strings with a
format of DDDdHH:MM:SS, where:
DDD Days to a maximum of 999
HH Hours
MM Minute
SS Second

For example, to express 45 days, 1 hour, 5 minutes, and 30 seconds, enter

045d01:05:30

Command [CMD]: The command that initiated a process. Valid entries are simple
alphanumeric text strings with a maximum length of 32 characters. Use this
attribute to determine which command initiated a process.

Command (Unicode) [UCMD]: The command that initiated a process. Valid entries
are simple alphanumeric text strings with a maximum length of 96 bytes. Use this
attribute to determine which command initiated a process. This attribute is
globalized.

For AIX and Solaris: Context Switch [CONTSWITCH]: The number of CPU
context switches for this process. A context switch occurs when a process
voluntarily gives up the processor before its time slice was completed. This usually
occurs while the process waits for a resource. Valid entries are numeric values in

36 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

the range 0 to 99999999, including the use of *AVG, *MAX, *MIN, *SUM, Count,
and Value functions. Use this attribute to monitor for context switches. Excessive
context switches might indicate too many waits for resources.

For AIX and HP-UX: CPU ID [CPUID]: The ID of the processor on which the
process is running. Valid entries are integers in the range 0 to 999. Use this
attribute to determine the processor on which a process is running.

CPU Pct [CPUPERCENT]: The percentage of CPU used by this process. Valid
entries are numeric values in the range 0 to 10000 to two decimal places, including
the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions. Use this
attribute to determine which processes are using the most CPU time. High CPU
percent might indicate a runaway or long running process.

CPU Time [CPUTIME]: The time the CPU has been utilized. Valid entries are
integers in the range 0 to 999999.

CPU Utilization [CPU]: The numerical value indicating the relative CPU intensity
of a process. The CPU Utilization attribute represents the number of times a
process uses the CPU over a period of 20 system clock ticks. The system decays
this value after each 20 clock-tick period by dividing the number by 2. The system
uses the CPU Utilization attribute to determine process priority. Large values
indicate a CPU intensive process and result in lower process priority. Small values
indicate an I/O intensive process and result in a more favorable priority. Valid
entries are numeric values in the range 0 to 9999, including the use of *AVG,
*MAX, *MIN, *SUM, Count, and Value functions. Use this attribute to check a
process if you suspect it is using the CPU so much that the CPU is not available to
anything else. This can cause network response time to be sluggish.

Effective Group ID [EGID]: The effective group ID. Valid entries are integers in
the range 0 to 999999. Use this attribute to determine the effective group ID for this
process.

Effective User ID [EUID]: The effective user ID. Valid entries are integers in the
range 0 to 999999. Use this attribute to determine the effective user ID for this
process. Available on all platforms

Elapsed Time [ELAPTIME]: The elapsed time for the process. Valid entries are
numeric time strings with a format of DDDdHH:MM:SS, where:
DDD Days to a maximum of 999
HH Hours
MM Minute
SS Second

For example, to express 45 days, 1 hour, 5 minutes, and 30 seconds, enter

045d01:05:30

Entry Address [ADDR]: The virtual memory address of a process. This address
corresponds to the segment number of the process stack. Valid entries are
hexadecimal strings with a maximum string length of 8. Check with you local
System Administrator for information on how to use this attribute.

Note: On 64-bit systems, only the low-order part of the address is used.

Chapter 5. Attributes reference 37

 Event Waited On [EVENT]: The memory address of an event, if any, on which a
process is waiting. A process must have this information before it can run. Valid
entries are simple text strings or hexadecimal values, depending on the operating
system with a maximum string length of 8. This information is specific to your
particular network.

Execution State [EXECSTATE]: The execution state of a process. Valid entries

include the following codes to indicate the execution state:
0 Non-existent
A Active
I Intermediate
O Running
R Runnable
S Sleeping
T Stopped
W Waiting
X Growing
Z Zombie

Flag [FLAG]: The hexadecimal value associated with a process. Valid entries are
hexadecimal values with a maximum string length of 8. The meaning of a flag
depends upon the type of UNIX system you are monitoring.

Note: The Flag field of the UNIX Process report contains hexadecimal and additive
flags. These flags are available for historical purposes only and contain no
information regarding the current status of your monitored process. These
fields are not relevant on Solaris systems. For additional information about
the Flag field, refer to the man pages for your operating system.

For Solaris: Heap Size [HEAP]: The size of the heap for this process expressed in
KB. Valid entries are numeric values in the range 0 to 99999999, including the use
of *AVG, *MAX, *MIN, *SUM, Count, and Value functions. Use this attribute to
determine the heap size for a process. Excessive heap size might indicate a
memory leak.

For AIX and Solaris: Involuntary Context Switch [INVCONTSWT]: The number
of involuntary context switches for the process. An involuntary context switch
occurs when a higher priority process ran or because the current process exceeded
its time slice. Valid entries are numeric values in the range 0 to 9999, including the
use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions. Use this attribute to
monitor for involuntary context switches. Excessive involuntary context switches
might indicate function problems in a process.

Major Fault [MAJORFAULT]: The number of major faults requested by this

process. A major fault requires disk access. Valid entries are numeric values in the
range 0 to 99999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and
Value functions. Use this attribute to monitor for major faults. An excessive
number of major faults might indicate memory shortage.

Mem Pct [MEMPERCENT]: The percentage of system memory used by this

process. Valid entries are numeric values in the range 0 to 10000 to two decimal

38 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

places, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions. Use this attribute to monitor memory usage by a process. Processes with
high memory usage lead to memory shortage and cause system performance
problems.

Minor Fault [MINORFAULT]: The number of minor faults per second for this
process. A minor fault is caused when pages that are faulted are located in
memory, usually on the inactive list for the entire system. Valid entries are numeric
values in the range 0 to 99999999, including the use of *AVG, *MAX, *MIN, *SUM,
Count, and Value functions.

Nice Value [NICE]: The requested execution priority of a process in relation to

other processes. The higher the nice value, the lower the priority of the command.
The nice value added to the minimum user process priority level equals the
priority of the process. Valid entries are integers in the range 0 to 99. The range of
nice values varies among UNIX systems. Check with your local system
administrator for information about the range of nice values for your operating
system.

Parent Process ID [PPID]: The unique numerical identifier of a process. The

process that invoked the forked system call is the parent process, and the newly
created process is the child process. Every process has one parent process, but a
process can have several children. Valid entries are integers in the range 0 to
999999. Use this attribute to determine the PPID for this process.

Priority [PRIORITY]: The current execution priority value. Valid entries are
integers in the range 0 to 999. The priority equals the nice value of the process plus
the minimum priority value assigned to all user processes. The higher the priority
value, the lower the priority of the command.

Process Command [COMMAND]: A command string including the arguments up

to 100 characters in length. Valid entries are simple text stings with a maximum
100 characters. Use this attribute to determine the command that started this
process.

Process Command (Unicode) [UCOMMAND]: A command string including the

arguments up to 768 bytes. Valid entries are simple text stings with a maximum
100 bytes. Use this attribute to determine the command that started this process.
This attribute is globalized.

Process Group Leader ID [PGID]: The process group leader PID. Valid entries are
integers in the range 0 to 999999. Use this attribute to determine the process group
leader ID for this process.

Process ID [PID]: The numerical process ID assigned to a process. Valid entries are
integers in the range 0 to 999999. Use this attribute to determine the process ID for
this process. Process ID values vary from system to system.

Read/Write [READWRITE]: The number of read and write characters by this

process. Valid entries are numeric values in the range 0 to 99999999, including the
use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions. Use this attribute to
determine the number of read and write characters completed by this process.

For AIX and Solaris: Real Group ID [GID]: The real group ID for this process.
Valid entries are integers in the range 0 to 999999. Use this attribute to determine
the real group ID for this process.

Chapter 5. Attributes reference 39

 For Solaris: Scheduling Class [SCHEDCLASS]: The scheduling class for this
process. Valid entries are simple text stings with a maximum 8 characters. Use this
attribute to determine the scheduling class of this process.

Session ID [SESSIONID]: The real session ID for this process. Valid entries are
integers in the range 0 to 999999.

Size [SIZE]: The resident set size of the process in KB. Valid entries are numeric
values in the range 0 to 99999, including the use of *AVG, *MAX, *MIN, *SUM,
Count, and Value functions. Use this attribute to determine which processes are
using too much memory. Excessive resident set size might lead to memory
shortage and cause system performance problems.

Stack Size [STACK]: The size of the stack for this process. Valid entries are
integers in the range 0 to 99999999. Use this attribute to determine which processes
are using too much stack size.

StartTime [STARTTIME] The time when the process was started.

System CPU Time: The system time spent executing this process. Valid entries are
numeric time strings with a format of DDDdHH:MM:SS, where:
DDD Days to a maximum of 999
HH Hours
MM Minute
SS Second

For example, to express 45 days, 1 hour, 5 minutes, and 30 seconds, enter

045d01:05:30

System Name [ORIGINNODE]: The host name of a monitored system. Valid

entries are simple alphanumeric text strings with a maximum length 64 characters.

Terminal Device [TTY]: The name of the terminal device that started a process.
Valid entries are simple text strings with a maximum 8 characters. Terminal names
vary from system to system. Check with your local system administrator for a
complete list of all terminals in your system.

For AIX and Solaris: Thread Count [THREADCNT]: The total number of threads
for the process. Valid entries are numeric values in the range 0 to 99999999,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Time [TIME]: The total amount of CPU time that a process has consumed. A large
value might indicate a runaway or long-running process. Valid entries are numeric
time strings with a format of MMMMM:SS, where:
MMMMM
Minute
SS Second

Timestamp [TIMESTAMP]: The date and time the agent collects information as set
on the monitored system.

40 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Total Child CPU Time [CHILDTIME]: The sum of the CPU time of child
processes (user plus system) spent running the process. Valid entries are numeric
time strings with a format of DDDdHH:MM:SS, where:
DDD Days to a maximum of 999
HH Hours
MM Minute
SS Second

For example, to express 45 days, 1 hour, 5 minutes, and 30 seconds, enter

045d01:05:30

Total CPU Percent [TOTCPUPERC]: The percentage of CPU used since the process
was started. Valid entries are numeric values in the range 0 to 10000 to two
decimal places, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions. Use this attribute to identify which processes are using the most CPU
time. Excessive total CPU percent might indicate a runaway or long running
process.

Total CPU Time [TOTALTIME]: The total CPU time (user plus system) spent on
the process. Valid entries are numeric time strings with a format of
DDDdHH:MM:SS, where:
DDD Days to a maximum of 999
HH Hours
MM Minute
SS Second

For example, to express 45 days, 1 hour, 5 minutes, and 30 seconds, enter

045d01:05:30

User CPU Time [USERTIME]: The user CPU time spent running the process. Valid
entries are numeric time strings with a format of DDDdHH:MM:SS, where:
DDD Days to a maximum of 999
HH Hours
MM Minute
SS Second

User ID [UID]: The numerical user ID of the owner of a process. Valid entries are
integers in the range 0-999999. Use this attribute to identify the owner of a process.

User Name [USERNAME]: The login name of the user based on the UID. Valid
entries are simple text stings with a maximum of 32 characters. Use this attribute
to identify the owner of a process.

User Name (Unicode) [UUSERNAME]: The login name of the user based on the
UID. Valid entries are simple text stings with a maximum of 96 bytes. Use this
attribute to identify the owner of a process. This attribute is globalized.

Virtual Size [VSIZE]: The size of the virtual memory used by this process, in KB.
Valid entries are numeric values in the range 0 to 9999999, including the use of
*AVG, *MAX, *MIN, *SUM, Count, and Value functions. Use this attribute to

Chapter 5. Attributes reference 41

 determine the size of the virtual memory used by a process. Excessive virtual
memory size might indicate a memory leak.

Wait CPU Time [WAITCPUTIM]: The time spent waiting for the CPU. Valid
entries are numeric time strings with a format of DDDdHH:MM:SS, where:
DDD Days to a maximum of 999
HH Hours
MM Minute
SS Second

For example, to express 45 days, 1 hour, 5 minutes, and 30 seconds, enter

045d01:05:30

Wait Lock Time [WAITLTIME]: The time spent waiting for locks to release. Valid
entries are numeric time strings with a format of DDDdHH:MM:SS, where:
DDD Days to a maximum of 999
HH Hours
MM Minute
SS Second

For example, to express 45 days, 1 hour, 5 minutes, and 30 seconds, enter

045d01:05:30

SMP CPU attributes [UNIXCPU]

Use the SMP CPU attributes to monitor multiprocessor characteristics such as
cross-calls, thread migrations, and system calls. The SMP CPU attribute is a
multiple-instance group.

Avg CPU Busy 1 [AVCPUBIZ1]: The average CPU busy time during the last
minute. Valid entries are integers in the range 0 to 99999999.

Avg CPU Busy 5 [AVCPUBIZ5]: The average CPU busy time during the last five
minutes. Valid entries are integers in the range 0 to 99999999.

Avg CPU Busy 15 [AVCPUBIZ15]: The average CPU busy time during the last 15
minutes. Valid entries are integers in the range 0 to 99999999.

Avg CPU Busy 60 [AVCPUBIZ60]: The average CPU busy time during the last 60
minutes. Valid entries are integers in the range 0 to 99999999.

Avg CPU Sys 1 [AVCPUSYS1]: The average CPU system time during the last
minute. Valid entries are integers in the range 0 to 99999999.

Avg CPU Sys 5 [AVCPUSYS5]: The average CPU system time during the last five
minutes. Valid entries are integers in the range 0 to 99999999.

Avg CPU Sys 15 [AVCPUSYS15]: The average CPU system time during the last 15
minutes. Valid entries are integers in the range 0 to 99999999.

Avg CPU Sys 60 [AVCPUSYS60]: The average CPU system time during the last 60
minutes. Valid entries are integers in the range 0 to 99999999.

42 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Avg CPU Usr 1 [AVCPUUSR1]: The average user CPU time during the last
minute. Valid entries are integers in the range 0 to 99999999.

Avg CPU Usr 5 [AVCPUUSR5]: The average user CPU time during the last five
minutes. Valid entries are integers in the range 0 to 99999999.

Avg CPU Usr 15 [AVCPUUSR15]: The average user CPU time during the last 15
minutes. Valid entries are integers in the range 0 to 99999999.

Avg CPU Usr 60 [AVCPUUSR60]: The average user CPU time during the last 60
minutes. Valid entries are integers in the range 0 to 99999999.

For Solaris: Context Switches [CSW]: CPU context switches rate per second
during the sampling interval. Valid entries are integers in the range 0 to 999999,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions. Use
this attribute to determine system workload or per processor workload of the SMP
system.

CPU Busy [CPUBUSY]: The sum of the System CPU and User CPU attributes in
percent. Valid entries are numeric values in the range 0 to 100, including the use of
*AVG, *MAX, *MIN, *SUM, Count, and Value situation editor functions. Use this
attribute to determine system workload or per processor workload of the SMP
system.

CPU ID [CPUID]: The processor ID. Valid entries are integers in the range 0 to
999. Use this attribute to determine the processor ID. In an SMP computer with
more than one processor, the CPU report shows CPU ID as aggregate on the first
row. This means the data row return aggregated CPU statistics.

CPU Status [CPUSTAT]: The current status of the processor. Valid entries are as
follows:
0 offline
1 online

CPU Time [CPUUVS]: The time that the CPU has been utilized. Valid entries are
integers.

For Solaris: Cross Calls [XCALLS]: Interprocessor cross-calls rate per second
during the sampling period. Valid entries are in the range 0 to 999999, including
the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions. Use this
attribute to determine the interprocessor cross reference call rate of the system or
per processor of the SMP system.

Idle CPU [IDLECPU]: Percentage of idle CPU time during the sampling period.
Valid entries are numeric values in the range 0 to 100, including the use of *AVG,
*MAX, *MIN, *SUM, Count, and Value functions. Use this attribute to determine
how efficiently the entire system or each processor of the SMP system is operating.
The Idle CPU value should be low if the system load is heavy and high if the
system load is light. If the system load is heavy and the Idle CPU value is high, an
I/O problem might exist. If the Idle CPU value is small or zero and the User
percentage is larger (greater than 30 percent), the system might be compute-bound
or in a loop.

For Solaris: Interrupts [INTRRUPT]: Interrupts rate per second over the sampling
interval. Valid entries are numeric values in the range 0 to 999999, including the

Chapter 5. Attributes reference 43

 use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions. Use this attribute to
determine the devices interrupts rate of the system or of each processor of the SMP
system.

For Solaris: Interrupts As Threads [INTRTHRD]: Interrupts as thread (not

counting interrupts) rate per second during the sampling period. Valid entries are
numeric values in the range 0 to 999999, including the use of *AVG, *MAX, *MIN,
*SUM, Count, and Value functions. Use this attribute to determine the rate of
interrupts as threads (below block) of the system or of each processor of the SMP
system.

For Solaris: Involuntary Context Switches [ICSW]: Involuntary context switches

rate per second during the sampling period. Valid entries are numeric values in the
range 0 to 999999. Use this attribute to determine the Involuntary context switches
rate of the system or of each processor of the SMP system.

For Solaris: Major Faults [MAJF]: Major faults rate per second during the
sampling period. Valid entries are numeric values in the range 0 to 999999,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions. Use
this attribute to determine the rate of page faults that need disk access of the
system or of each processor of the SMP system.

For Solaris: Minor Faults [MINF]: Minor faults rate per second during the
sampling period. Valid entries are numeric values in the range 0 to 999999,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions. Use
this attribute to determine the rate of page faults where the pages faulted is
located in memory, usually on the inactive list for the entire system or for each
processor of the SMP system.

For Solaris: Spins On Mutexes [SMTX]: Spins on mutexes (locks not acquired on
try) rate per second during the sampling period. Valid entries are numeric values
in the range 0 to 999999, including the use of *AVG, *MAX, *MIN, *SUM, Count,
and Value functions. Use this attribute to determine the spins on mutexes rate of
the system or of each processor of the SMP system.

For Solaris: Spins On RW Locks [SRWLOCKS]: Spins on read/write locks (locks

not acquired on first try) rate per second during the sampling period. Valid entries
are numeric values in the range 0 to 999999, including the use of *AVG, *MAX,
*MIN, *SUM, Count, and Value functions. Use this attribute to determine the spins
on read write locks rate of the system or of each processor of the SMP system.

For Solaris: System Calls [SYSCALL]: System calls rate per second during the
sampling period. Valid entries are numeric values in the range 0 to 999999,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions. Use
this attribute to determine the system calls rate of the system or of each processor
of the SMP system.

System CPU [SYSCPU]: Percent of system CPU time during the sampling period.
Valid entries are numeric values in the range 0 to 100, including the use of *AVG,
*MAX, *MIN, *SUM, Count, and Value functions. Use this attribute to determine
the percentage of system or per processor CPU time devoted to running UNIX
system kernel code. System CPU time includes time spent running system calls
and performing administrative functions.

System Name [ORIGINNODE]: Name of the host system. Valid entries are simple
alphanumeric text strings with a maximum length 64 characters.

44 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 For Solaris: Thread Migrations [THRDMIGR]: Thread migrations to another
processor rate per second during the sampling period. Valid entries are numeric
values in the range 0 to 999999, including the use of *AVG, *MAX, *MIN, *SUM,
Count, and Value functions. Use this attribute to determine the rate of thread
migrations to another processor of the system or of each processor of the SMP
system.

Timestamp [TIMESTAMP]: The date and time the agent collects information as set
on the monitored system.

User CPU [USRCPU]: Percent of user CPU time during the sampling period. Valid
entries are numeric values in the range 0 to 100, including the use of *AVG, *MAX,
*MIN, *SUM, Count, and Value functions. Use this attribute to determine the
percentage of system or per processor CPU time devoted to user processes. User
CPU time includes time spent executing both user program and library functions.
It does not include CPU time spent executing system calls. The ratio between user
and system CPU time varies, depending on the kinds of programs that are
running. If user CPU is extremely high and adversely affecting system
performance, you might want to determine which user programs are preventing
the CPU from functioning at its normal speed.

Wait I/O [WAITIO]: Percent of wait I/O CPU time during the sampling period.
Valid entries are numeric values in the range 0 to 100, including the use of *AVG,
*MAX, *MIN, *SUM, Count, and Value functions. Use the Wait I/O attribute to
indicate how effectively the system or a processor is using disks.

System attributes [UNIXOS]

Use the System attributes to monitor system characteristics, such as the amount of
available virtual memory, idle CPU percentage, the number of non-block device
reads, and load averages. The System group is a multiple-instance attribute group.

Active Virtual Memory [VMFREESWAP]: The amount of virtual memory, in KB,

that is currently in use by the system. Valid entries are numeric values in the range
0 to 99999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.

Available Swap Space: The amount of swap space, in megabytes, that each
subscriber is using. Swap space is usually a disk partition on which page-outs are
written. Valid entries are integers in the range ???

Avg PageIns 1 [AVPGINS1]: The average rate of pages that were paged in from
disk to system memory during the last minute. Valid entries are integers in the
range 0 to 99999999.

Avg PageIns 5 [AVPGINS5]: The average rate of pages that were paged in from
disk to system memory during the last five minutes. Valid entries are integers in
the range 0 to 99999999.

Avg PageIns 15 [AVPGINS15]: The average rate of pages that were paged in from
disk to system memory during the last 15 minutes. Valid entries are integers in the
range 0 to 99999999.

Avg PageIns 60 [AVPGINS60]: The average rate of pages that were paged in from
disk to system memory during the last 60 minutes. Valid entries are integers in the
range 0 to 99999999.

Chapter 5. Attributes reference 45

 Avg PageOut 1 [AVPGOUT1]: The average rate of page-out requests during the
last minute. Valid entries are integers in the range 0 to 99999999.

Avg PageOut 5 [AVPGOUT5]: The average rate of page-out requests during the
five minutes. Valid entries are integers in the range 0 to 99999999.

Avg PageOut 15 [AVPGOUT15]: The average rate of page-out requests during the
last 15 minutes. Valid entries are integers in the range 0 to 99999999.

Avg PageOut 60 Min [AVPGOUT60]: The average rate of page-out requests

during the last 60 minutes. Valid entries are integers in the range 0 to 99999999.

Avg PageScan 1 [AVPGSCAN1]: The average rate of pages examined during the
last minute. Valid entries are integers in the range 0 to 99999999.

Avg PageScan 5 [AVPGSCAN5]: The average rate of pages examined during the
last five minutes. Valid entries are integers in the range 0 to 99999999.

Avg PageScan 15 [AVPGSCAN15]: The average rate of pages examined during the
last 15 minutes. Valid entries are integers in the range 0 to 99999999.

Avg PageScan 60 [AVPGSCAN60]: The average rate of pages examined during the
last 60 minutes. Valid entries are integers in the range 0 to 99999999.

Avg Processes RunQueue 60 [AVPRRUNQ60]: The average number of processes

waiting to be run by the CPU during the last 60 minutes. Valid entries are integers
in the range 0 to 99999999.

Block Reads [BREAD]: The number of physical block reads over a specified
sampling period. Valid entries are integers in the range 0 to 999999.

Block Writes [BWRITE]: The number of physical block writes (sync plus async)
over a specified sampling period. Valid entries are integers in the range 0 to
999999.

Boot Time [BOOTTIME]: The system boot time on the monitored system.

CPU Busy [CPUBUSY]: The sum of the System and User CPU attributes in
percent. Valid entries are numeric values in the range 0 to 100, including the use of
*AVG, *MAX, *MIN, *SUM, Count, and Value functions.

CPU Context Switches [PSWITCH]: The number of CPU context switches over the
sampling interval. Valid entries are numeric values in the range 0 to 999999.

CPU Usage [CPUUSAGE]: The sum of the percent user and percent sys time of
the CPU averaged over the specified sampling period. Valid entries are 1, 5, 15, or
60. The default sample period is 1 minute.

Device Interrupts [DEVINT]: The number of non-clock device interrupts over the
sampling interval. Valid entries are numeric values in the range 0 to 999999.

Execs Executed [SYSEXEC]: The number of execs that were run over a specified
sampling period. Valid entries are integers in the range 0 to 999999.

46 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Forks Executed [SYSFORK]: The number of forks that were run over the sampling
interval. Valid entries are numeric values in the range 0 to 999999, including the
use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Free Memory [VMFREEMEM]: The amount of memory, in KB, that is currently

available on the system. Valid entries are numeric values in the range 0 to
99999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.

Idle CPU [UNIXIDLCPU]: The percentage of time that the CPU is not processing
instructions. Valid entries are numeric values in the range 0 to 100.

Load Average 1 Min [NETLOAD1]: The average number of processes in the UNIX
kernel run queue during the last minute. Valid entries are numeric values in the
range 0 to 999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and
Value functions.

Load Average 15 Min [NETLOAD3]: The average number of processes in the

UNIX kernel run queue during the last fifteen minutes. Valid entries are numeric
values in the range 0 to 999999, including the use of *AVG, *MAX, *MIN, *SUM,
Count, and Value functions.

Load Average 5 Min [NETLOAD2]: The average number of processes in the UNIX
kernel run queue during the last five minutes. Valid entries are numeric values in
the range 0 to 999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and
Value functions.

Logical Block Reads [LREAD]: The number of logical block reads of system
buffers during the sampling interval. Valid entries are numeric values in the range
0 to 999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.

Logical Block Writes [LWRITE]: The number of logical block writes of system
buffers during the sampling interval. Valid entries are numeric values in the range
0 to 999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.

Net Address [NETADDR]: The Internet Protocol (IP) address of a monitored

system, expressed in dotted decimal format. Valid entries are simple alphanumeric
text strings with a maximum of 16 characters.

NonBlock Reads [PHREAD]: The number of physical block writes (synchronous

plus asynchronous) during the sampling interval. Valid entries are integers in the
range 0 to 999999.

NonBlock Writes [PHWRITE]: The number of raw I/O writes over a specified
sampling period. Valid entries are integers in the range 0 to 999999.

Page Faults [VMPGFAULTS]: The average rate of page faults per second. Valid
entries are numeric values in the range 0 to 999999, including the use of *AVG,
*MAX, *MIN, *SUM, Count, and Value functions.

Page Ins [VMPGSIN]: The average rate per second of page-in requests over a
specified sampling period. A page-in request can include multiple pages and gives
an indication of the I/O rate on the paging file. Valid entries are integers in the
range 0 to 999999.

Chapter 5. Attributes reference 47

 Page Outs [VMPGSOUT]: The average rate per second of page-out requests over a
specified sampling period. Valid entries are integers in the range 0 to 999999.

Page Reclaims [VMPGRCLM]: The number of times during the monitoring

interval that the system removed a page from the queue and used that page for
another process. This is the average rate per second. Valid entries are numeric
values in the range 0 to 999999, including the use of *AVG, *MAX, *MIN, *SUM,
Count, and Value functions.

Page Scan Rate [VMSCAN]: The average rate per second of pages examined over
the sampling interval. Valid entries are numeric values in the range 0 to 999999,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Page Scanning [PGSCANRATE]: The number pages that the virtual memory
manager pages scans per second in KB. Valid entries are integers.

Pages Paged In [VMPGIN]: The average rate per second of pages that were
paged-in from disk to system memory during the monitoring interval. Valid entries
are numeric values in the range 0 to 999999, including the use of *AVG, *MAX,
*MIN, *SUM, Count, and Value functions.

Pages Paged Out [VMPGOUT]: The average rate per second of pages paged-out
from system memory to disk during the monitoring interval. Valid entries are
numeric values in the range 0 to 999999, including the use of *AVG, *MAX, *MIN,
*SUM, Count, and Value functions.

Peak Disk IO Rate KB/sec: The highest number of the total KB per second written
to and read from all local disks during a specified sampling period. Valid entries
are 1, 5, 15, or 60. The default sampling period is 1 minute.

Peak Disk Transfers/sec: The highest number of transfers per second on all local
disks. Valid entries are 1, 5, 15, or 60. The default sampling period is 1 minute.

Processes Idle [PIDLE]: The number of processes that are currently in idle state.
Valid entries are numeric values in the range 0 to 9999, including the use of *AVG,
*MAX, *MIN, *SUM, Count, and Value functions.

Processes in Run Queue [VMINRUNQ]: The total number of processes (or

threads in AIX 4.1 and above) waiting to be run by the CPU. This number does not
include processes waiting for I/O or some external event, or processes in a
sleeping state. Valid entries are numeric values in the range 0 to 9999, including
the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Processes Runnable [PRUNABLE]: The number of processes that are waiting to be

run. For AIX and HP-UX, the Processes_Runnable attribute is the number of
processes waiting to be run or are currently running. Valid entries are numeric
values in the range 0 to 9999, including the use of *AVG, *MAX, *MIN, *SUM,
Count, and Value functions.

Processes Running [PRUNNING]: The number of processes that are currently

running on a processor. Valid entries are numeric values in the range 0 to 9999,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Processes Sleeping [PSLEEPING]: The number of processes that are currently in

sleep state. Valid entries are numeric values in the range 0 to 9999, including the
use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

48 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Processes Stopped [PSTOPPED]: The number of processes that are currently in the
stopped state. Valid entries are numeric values in the range 0 to 9999, including the
use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Processes Zombie [PZOMBIE]: The number of zombie processes. Valid entries are
numeric values in the range 0 to 9999, including the use of *AVG, *MAX, *MIN,
*SUM, Count, and Value functions.

Processes Waiting [VMINPGWAIT]: The number of processes (or threads in AIX

4.1 and above) waiting for page operations. Valid entries are numeric values in the
range 0 to 9999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.

System Calls [SYSCALL]: The number of system calls made during the sampling
interval. Valid entries are numeric values in the range 0 to 999999, including the
use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

System CPU [UNIXSYSCPU]: The percentage of CPU time devoted to executing

UNIX system kernel code. Valid entries are numeric values expressEd as a
percentage in the range 1 to 100, including the use of *AVG, *MAX, *MIN, *SUM,
Count, and Value functions.

System Name [ORIGINNODE]: The host name of a monitored system. Valid

entries are simple text strings, alphanumeric with a maximum length 64 characters.

System Procs Number [NOSYSPROCS]: The number of processes running on the

system, including both system and user processes. Valid entries are numeric values
in the range 0 to 9999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and
Value functions.

System Read [SYSREAD]: The number of read() and readv() system calls during
the sampling interval. Valid entries are numeric values in the range 0 to 9999,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

System Write [SYSWRITE]: The number of write() and writev() system calls over
the sampling interval. Valid entries are numeric values in the range 0 to 9999,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Timestamp [TIMESTAMP]: The date and time the agent collects information as set
on the monitored system.

Total Real Memory [TOTREALMEM]: The total number of KB of physical

memory on a monitored system. Valid entries are numeric values in the range 0 to
99999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.

Total Virtual Memory [TOTVIRTMEM]: The total amount of disk space in KB

that is available for paging operations on a monitored system. In Solaris systems,
the Total_Virtual_Memory attribute might be varying among different collections.
This is because of the swap space in the Solaris system, which consists of swap
space from the swap area (disk) and swap space in the form of physical memory.
The swap space from the physical memory varies depending on the system load.
Valid entries are numeric values in the range 0 to 99999999, including the use of
*AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Chapter 5. Attributes reference 49

 Type [SYSTEMTYPE]: The type of UNIX operating system residing on a
monitored host, such as AIX, HPUX, SunOS or OSF1. The maximum length is 8
characters and the possible values are:
AIX IBM AIX operating system
HPUX Hewlett Packard HP-UX operating system
SunOS
Sun Solaris I or II operating system

Up Time [SYSUPTIME]: The number of seconds that a monitored system has been
running continuously. Valid entries are numeric values in the range 0 to
2147483647, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.

UpTime [UPTIME]: The system up time of the monitored system. Valid entries are
in the format DDDdHH:MM:SS, where:
DDD Days to a maximum of 999
HH Hours
MM Minute
SS Second

User CPU [UNIXUSRCPU]: The percentage of processor time devoted to user

processes. Valid entries are numeric values expressed as a percentage in the range
0 to 100, including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value
functions.

Users Session Number [NOUSRSESS]: The number of interactive user sessions

that are running. Valid entries are numeric values in the range 0 to 9999, including
the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Version [SYSTEMVERS]: The version number of a UNIX operating system on the

network. Valid entries are simple text strings, alphanumeric with a maximum
length of 16 characters.

Virtual Memory Percent Available [VMFREEPRC]: The percentage of virtual

memory that is available, which is calculated by this monitoring agent using the
following formula:
100.0 - Percent_Virtual_Memory_Used

Valid entries are numeric values in the range 0 to 100.0 to one decimal place.
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Virtual Memory Percent Used [VMUSEDPRC]: The percentage of virtual memory

that is used, which is calculated by this monitoring agent using the following
formula:
Active_Virtual_Memory / Total_Virtual_Memory * 100

Valid entries are numeric values in the range 0 to 1000 to one decimal place,
including the use of *AVG, *MAX, *MIN, *SUM, Count, and Value functions.

Wait I/O [UNIXWAITIO]: The percentage of time that the CPU spends waiting for
I/O operations. Valid entries are numeric values in the range 0 to 100, including
the use of *AVG, *MAX, *MIN, or *SUM functions.

50 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 User attributes [UNIXUSER]
Use the User attributes to monitor user characteristics, such as idle time, user
name, location, and login time. The User group is a multiple-instance group.

Idle Time [USERIDLE]: The number of minutes that have passed since a user last
entered a command. Valid entries are numeric values expressed as minutes in the
range 0 to 99999999, including the use of *AVG, *MAX, *MIN, *SUM, Count, and
Value functions. Use this attribute to check idle time.

Location [USERSITE]: Information provided by the user about their location. Valid
entry is a simple alphanumeric text string with a maximum length 16 characters.
This information varies from location to location and might not be available for all
users or for all UNIX operating systems. Check with your local System
Administrator for additional information about this attribute.

Login Name [USERLOGIN]: The login name of a user. Valid entry is a simple
alphanumeric text string, with a maximum length of 16 characters. Use this
attribute to include or exclude specific user login names in the situation.

Login Name (Unicode) [UUSERLOGIN]: The login name of a user. Valid entry is
a simple alphanumeric text string, with a maximum length of 48 bytes. Use this
attribute to include or exclude specific user login names in the situation. This
attribute is globalized.

Login Time [USERWHEN]: The date and time a user logged in.

Name [USERNAME]: The full name of a user. Valid entry is a simple

alphanumeric text string with a maximum length 32 characters.

Name U [UUSERNAME]: The full name of a user. Valid entry is a simple

alphanumeric text string with a maximum length 48 characters.

System Name [ORIGINNODE]: The host name of the monitored system. Valid
entry is a simple alphanumeric text string with a maximum length 64 characters.

Terminal [USERTTY]: The identity of a logged-in device. Valid entry is a simple

text string, alphanumeric with a maximum length 8 characters.

Timestamp [TIMESTAMP]: The date and time the agent collects information as set
on the monitored system.

User ID [UID]: The numeric ID that the system assigned to a user. Valid entries
are numeric values in the range 0 to 999999, including the use of *AVG, *MAX,
*MIN, *SUM, Count, and Value functions. Use to include or exclude a particular
user in the situation. On AIX, you need a patch from IBM to get the user ID. The
numeric identification number varies from system to system and user to user. An
example of a user ID is 48765.

Disk capacity planning for historical data

Disk capacity planning for a monitoring agent is a prediction of the amount of disk
space to be consumed for each attribute group whose historical data is being
collected. Required disk storage is an important factor to consider when you are
defining data collection rules and your strategy for historical data collection.

Chapter 5. Attributes reference 51

 Calculate expected disk space consumption by multiplying the number of bytes
per instance by the expected number of instances, and then multiplying that
product by the number of samples.Table 8 provides the following information
required to calculate disk space for the Monitoring Agent for UNIX OS:
v DB table name is the table name as it would appear in the warehouse database, if
the attribute group is configured to be written to the warehouse.
v Bytes per instance (agent) is an estimate of the record length for each row or
instance written to the agent disk for historical data collection. This estimate can
be used for agent disk space planning purposes.
v Bytes per instance (warehouse) is an estimate of the record length for detailed
records written to the warehouse database, if the attribute group is configured to
be written to the warehouse. Detailed records are those that have been uploaded
from the agent for long-term historical data collection. This estimate can be used
for warehouse disk space planning purposes.
v Bytes per summarized instance (warehouse) is an estimate of the record length for
aggregate records written to the warehouse database, if the attribute group is
configured to be written to the warehouse. Aggregate records are created by the
Summarization agent for attribute groups that have been configured for
summarization. This estimate can be used for warehouse disk space planning
purposes.
v Expected number of instances is a guideline that can be different for each attribute
group, because it is the number of instances of data that the agent will return for
a given attribute group, and depends upon the application environment that is
being monitored. For example, if your attribute group is monitoring each
processor on your machine and you have a dual processor machine, the number
of instances is 2.
The IBM Tivoli Monitoring Installation and Setup Guide contains formulas that can
be used to estimate the amount of disk space used at the agent and in the
warehouse database for historical data collection of an attribute group.
Table 8. Capacity planning for historical data
Bytes per
Bytes per summarized
Attribute Bytes per instance instance Expected number of
Group DB table name instance (agent) (warehouse) (warehouse) instances
Disk UNIXDISK 1060 1090 1400 Multiple, typically two
[UNIXDISK]
Disk_ UNIXDPERF 272 297 544 Multiple, typically two
Performance
[UNIXDPERF]
File_ FILEINFO 4068 4101 4216 Multiple, typically 100
Information
[FILEINFO]
Network UNIXNET 292 341 783 Multiple, typically three
[UNIXNET]
NFS and RPC UNIXNFS 424 364 1229 Single
Statistics
[UNIXNFS]
Process UNIXPS 1676 1615 2141 Multiple, typically 100 -
[UNIXPS] 1000
SMP_CPU UNIXCPU 336 264 1183 Multiple, typically 1 - 32
[UNIXCPU]

52 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 8. Capacity planning for historical data (continued)
Bytes per
Bytes per summarized
Attribute Bytes per instance instance Expected number of
Group DB table name instance (agent) (warehouse) (warehouse) instances
System UNIXOS SP2OS 640 607 2729 Single
[UNIXOS] B
User UNIXUSER 284 310 362 Multiple, typically less than
[UNIXUSER] 10

For more information about historical data collection, see the IBM Tivoli Monitoring
Administrator’s Guide.

Chapter 5. Attributes reference 53

54 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
Chapter 6. Situations reference
This chapter contains an overview of situations, references for detailed information
about situations, and descriptions of the predefined situations included in this
monitoring agent.

About situations
A situation is a logical expression involving one or more system conditions.
Situations are used to monitor the condition of systems in your network. You can
manage situations from the Tivoli Enterprise Portal by using the Situation editor.

The IBM Tivoli Monitoring agents that you use to monitor your system
environment are shipped with a set of predefined situations that you can use as-is
or you can create new situations to meet your requirements. Predefined situations
contain attributes that check for system conditions common to many enterprises.

Using predefined situations can improve the speed with which you can begin
using the Monitoring Agent for UNIX OS. You can examine and, if necessary,
change the conditions or values being monitored by a predefined situation to those
best suited to your enterprise.

Note: The predefined situations provided with this monitoring agent are not
read-only. Do not edit these situations and save over them. Software updates
will write over any of the changes that you make to these situations.
Instead, clone the situations that you want to change to suit your enterprise.

You can display predefined situations and create your own situations using the
Situation editor. The left frame of the Situation editor initially lists the situations
associated with the Navigator item that you selected. When you click a situation
name or create a new situation, the right frame opens with the following tabs:
Formula
Condition being tested
Distribution
List of managed systems (operating systems, subsystems, or applications)
to which the situation can be distributed.
Expert Advice
Comments and instructions to be read in the event workspace
Action
Command to be sent to the system
Until Duration of the situation

The Monitoring Agent for UNIX OS predefined situations describe system

conditions on your UNIX networked systems that you want to monitor at your
site. Use these situations to being monitoring any UNIX managed object quickly, or
as models for customizing your own situations. In some cases, the values that are
assigned to the predefined situations are examples only and should be modified to
reflect the conditions of your distributed system. Each predefined situation is
assigned to a predefined template, and an alert status for the situation is defined.

© Copyright IBM Corp. 2005 55

More information about situations
The IBM Tivoli Monitoring User’s Guide contains more information about predefined
and custom situations and how to use them to respond to alerts.

For a list of the predefined situations for this monitoring agent and a description
of each situation, refer to the Predefined situations section below and the
information in that section for each individual situation.

For additional information about the situations for this monitoring agent, see
Appendix B, “Situations,” on page 69.

Predefined situations
This monitoring agent contains the following predefined situations, which are
organized by the workspace that the situations are associated with.
v Disk Usage workspace situations
– UNIX_Disk_Availability
– UNIX_CMD_Disk_Inodes_Critical
– UNIX_CMD_Disk_Space_Warning
– UNIX_Filemount_Critical
– UNIX_HD_Config_Critical
– UNIX_scratch_tmp_Disk_Full
v File Information workspace situation
– UNIX_User_File_Exists
v Network workspace situation
– UNIX_Network_Collsns_Critical
– UNIX_Network_Collsns_Warning
– UNIX_Network_Errors
– UNIX_Network_Interface_Busy
– UNIX_Network_Interface_Idle
v NFS Activity workspace situation
– UNIX_NFS_RPC_Rejects
v Process workspace situations
– UNIX_CMD_Process_Critical
– UNIX_CMD_Runaway_Process
– UNIX_CPU_Critical
– UNIX_CPU_Warning
– UNIX_Process_Memory_Critical
– UNIX_Process_Memory_Leak
– UNIX_Process_Memory_Warning
– UNIX_Process_MISSING_inetd
v System Information workspace situations
– UNIX_Active_Virtual_Memory
– UNIX_CPU_Busy_Critical
– UNIX_CPU_Busy_Warning
– UNIX_HD_Excessive_IO_Wait
– UNIX_System_Busy_Critical

56 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 – UNIX_System_Busy_Warning
– UNIX_System_Capacity_Critical
– UNIX_System_Paging_Critical
– UNIX_System_Virtual_Memory_Warning
– UNIX_User_CPU_Critical

The remaining sections of this chapter contain descriptions of each of these

predefined situations. The situations are organized by the workspace that the
situations are associated with.

Disk Usage workspace situations

UNIX_Disk_Availability situation
Determines under-utilized hard disk space.

The formula for this situation is as follows:

IF Disk.Mount_Point EQ /user AND Disk.Space_Used_Percent LT 25

UNIX_CMD_Disk_Inodes_Critical situation
Monitors the /tmp and /var free inodes for critical space.

The formula for this situation is as follows:

IF Disk.Mount_Point EQ /tmp OR Disk.Mount_Point EQ /var) AND Disk.Inodes_Free
LT 20000 ACTION echo UNIX_CMD_Disk_Inodes_Critical &Disk.System_Name Low free
inodes on /tmp and /var

UNIX_CMD_Disk_Space_Warning situation
Monitors any mounted file system with space usage greater than 90 percent.

The formula for this situation is as follows:

IF Disk.Space_Used_Percent GE 90 ACTION echo UNIX_CMD_Disk_Space_Warning
&Disk.System_Name Filemount: &Disk.Mount_Point Space_Used: &Disk.Space_Used_Percent

UNIX_Filemount_Critical situation
Checks for the existence of a specific mount point on a specific system.

The formula for this situation is as follows:

IF Disk.System_Name EQ Redwood AND Disk.Mount_Point EQ /usr

UNIX_HD_Config_Critical situation
Monitors hard disk space or free inodes that are going critical.

The formula for this situation is as follows:

IF Disk.Inodes_Free LT 100 OR Disk.Space_Used_Percent GT 90

UNIX_scratch_tmp_Disk_Full situation
Monitors file mount /scratch or /tmp with space usage greater than 90 percent.

The formula for this situation is as follows:

IF Disk.Space_Used_Percent GT 90 AND (SCAN Disk.Mount_Point EQ /scratch OR
Disk.Mount_Point *EQ /tmp)

Chapter 6. Situations reference 57

 File Information workspace situation
UNIX_User_File_Exists situation
Monitors for the existence of a specific user file.

The formula for this situation is as follows:

IF File_Information.Path EQ /a/path2/search AND File_Information.File EQ
the File_2find

Network workspace situations

UNIX_Network_Collsns_Critical situation
Indicates a large number of network collisions.

The formula for this situation is as follows:

IF Network.Collisions GT 15

UNIX_Network_Collsns_Warning situation
Indicates a small number of network collisions.

The formula for this situation is as follows:

IF Network.Collisions GT 2

UNIX_Network_Errors situation
Monitors whether the received or transmitted error limit has been exceeded.

The formula for this situation is as follows:

IF Network.Interface_Status EQ UP AND (Network.Output_Errors GT 10
OR Network.Input_Errors *GT 10)

UNIX_Network_Interface_Busy situation
Monitors whether the frames transmitted or received has exceeded the limit.

The formula for this situation is as follows:

IF Network.Network_Interface_Name NE Lo0 AND Network.Interface_Status EQ
UP AND (Network.Frames_Received GT 1000 OR Network.Frames_Transmitted GT
1000)

UNIX_Network_Interface_Idle situation
Monitors whether the frames transmitted or received is less than the limit.

The formula for this situation is as follows:

IF Network.Network_Interface_Name *NE Lo0 AND Network.Interface_Status EQ
UP AND (Network.Frames_Received LT 100 OR Network.Frames_Transmitted LT 100)

NFS Activity workspace situation

UNIX_NFS_RPC_Rejects situation
Monitors for rejected NFS RPC calls.

The formula for this situation is as follows:

IF N_F_S_and_R_P_C_Statistics.NFS_Server_Calls_Rejected GT 2
OR N_F_S_and_R_P_C_Statistics.NFS_Client_Calls_Rejected GT 2

58 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Process workspace situation
UNIX_CMD_Process_Critical situation
Monitors for the existence of a process.

The formula for this situation is as follows:

IF Process.Command EQ FOO

UNIX_CMD_Runaway_Process situation
Reports processes with high CPU utilization.

The formula for this situation is as follows:

IF Process.CPU_Utilization GT 95 AND Process.User_ID NE 0 AND
(Process.Execution_State EQ R OR Process.Execution_State EQ A)
ACTION echo UNIX_CMD_Runaway_Process &Process.System_Name
Processid: &Process.Process_ID Command: &Process.Command

UNIX_CPU_Critical situation
Monitors for processes with CPU utilization that is greater than or equal to 85
percent.

The formula for this situation is as follows:

IF Process.CPU_Utilization GE 85 AND Process.Command NE kproc AND Process.Command
NE swapper

UNIX_CPU_Warning situation
Monitors processes with CPU utilization that is greater than or equal to 70 percent
and less than 85 percent.

The formula for this situation is as follows:

IF Process.CPU_Utilization *GE 70 AND Process.CPU_Utilization LT 85

UNIX_Process_Memory_Critical situation
Reports process with high memory usage that have reached a critical state.

The formula for this situation is as follows:

IF Process.Mem_Pct GT 8000

UNIX_Process_Memory_Leak situation
Reports process with high virtual memory usage.

The formula for this situation is as follows:

IF Process.Virtual_Size GT 9999999

UNIX_Process_Memory_Warning situation
Reports processes with high memory usage before they become critical.

The formula for this situation is as follows:

IF Process.Mem_Pct GT 5000 AND Process.Mem_Pct LT 8000

UNIX_Process_MISSING_inetd situation
Monitors whether the inetd Internet services daemon is up and running.

The formula for this situation is as follows:

IF MISSING Process.Command EQ (’inetd’)

Chapter 6. Situations reference 59

 System Information workspace situations
UNIX_Active_Virtual_Memory situation
Monitors whether active virtual memory is approaching total virtual memory.

The formula for this situation is as follows:

IF System.Active_Virtual_Memory GE nnnn

UNIX_CPU_Busy_Critical situation
Monitors whether the CPU workload is high (greater than 90 percent).

The formula for this situation is as follows:

IF SMP_CPU.CPU_Busy GT 90

UNIX_CPU_Busy_Warning situation
Monitors whether the CPU workload is greater than 70 percent and less than or
equal to 90 percent.

The formula for this situation is as follows:

IF SMP_CPU.CPU_Busy GT 70 AND SMP_CPU.CPU_Busy LE 90

UNIX_HD_Excessive_IO_Wait situation
Monitors a typical I/O bound processor (NSF).

The formula for this situation is as follows:

IF System.Wait_I/O GT 20

UNIX_System_Busy_Critical situation
Monitors for a critical state of I/O wait, low free memory, and CPU idle.

The formula for this situation is as follows:

IF System.Wait_I/O GT 25 AND System.Free_Memory LT 1 AND System.Idle_CPU
GT 10 AND System.Load_Average_1_Min GT 2

UNIX_System_Busy_Warning situation
Monitors for system CPU, idle, I/O wait, and load average for busy state.

The formula for this situation is as follows:

IF System.System_CPU GT 50 AND System.Idle_CPU GT 0 AND System.Wait_I/O GT
0 AND System.Load_Average_5_Min GT 1

UNIX_System_Capacity_Critical situation
Monitors system capacity using a process number and CPU usage.

The formula for this situation is as follows:

IF System_Proc_Number GE 250 AND System.System_CPU GT 80

UNIX_System_Paging_Critical situation
Monitors if the virtual memory manager is working too hard to find free pages.

The formula for this situation is as follows:

IF System.Page_Scan_Rate GT 500

60 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

UNIX_User_CPU_Critical situation
Monitors if user CPU usage is system dominant and impacts users.

The formula for this situation is as follows:

IF System.User_CPU GE 0 AND System.User_CPU LT 70 AND System.System_CPU GT
40

UNIX_System_Virtual_Memory_Warning situation
Monitors if the available virtual memory is running low.

The formula for this situation is as follows:

IF System.Virtual_Memory_Percent_Used GT 90

Chapter 6. Situations reference 61

62 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
Chapter 7. Take Action commands reference
This chapter contains an overview of Take Action commands, references for
detailed information about Take Action commands, and a description of the Take
Actions command included in this monitoring agent.

About Take Action commands

Take Action commands can be run from the desktop or included in a situation or a
policy.

When included in a situation, the command executes when the situation becomes
true. A Take Action command in a situation is also referred to as reflex automation.
When you enable a Take Action command in a situation, you automate a response
to system conditions. For example, you can use a Take Action command to send a
command to restart a process on the managed system or to send a text message to
a cell phone.

Advanced automation uses policies to perform actions, schedule work, and

automate manual tasks. A policy comprises a series of automated steps called
activities that are connected to create a workflow. After an activity is completed,
Tivoli Enterprise Portal receives return code feedback, and advanced automation
logic responds with subsequent activities prescribed by the feedback.

More information about Take Action commands

For more information about working with Take Action commands, see the IBM
Tivoli Monitoring User’s Guide.

Predefined Take Action commands

This monitoring agent contains the following Take Action command:

Sample_kill_Process

The remaining section of this chapter contains a description of this Take Action
command. The following information is provided about the Take Action command:
Description
Which actions the command performs on the system to which it is sent
Arguments
List of arguments, if any, for the Take Action with a short description and
default value for each one
Destination systems
Where the command is to be executed: on the Managed System
(monitoring agent) where the agent resides or on the Managing System
(Tivoli Enterprise Monitoring Server) to which it is connected
Usage notes
Additional relevant notes for using the Take Actions

© Copyright IBM Corp. 2005 63

 Sample_kill_Process action
Description
Kills the process named in the parameter supplied and enables you to issue ad-hoc
commands from the Tivoli Enterprise Portal that the Monitoring Agent for UNIX
OS will execute on your behalf.

Arguments
Process ID
The Process ID (PID) of the process you would like to kill.

Destination systems
Managed system

Usage notes
The kill command is executed directly by the remote Monitoring Agent for UNIX
OS. Because it is easy to kill processes unintentionally, you need to exercise caution
if the monitoring agent is run as superuser (root).

64 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Chapter 8. Policies reference
This chapter contains an overview of policies, references for detailed information
about policies, and descriptions of the predefined policies included in this
monitoring agent.

About policies
Policies are an advanced automation technique for implementing more complex
workflow strategies than you can create through simple automation.

A policy is a set of automated system processes that can perform actions, schedule
work for users, or automate manual tasks. You use the Workflow Editor to design
policies. You control the order in which the policy executes a series of automated
steps, which are also called activities. Policies are connected to create a workflow.
After an activity is completed, Tivoli Enterprise Portal receives return code
feedback and advanced automation logic responds with subsequent activities
prescribed by the feedback.

Note: The predefined policies provided with this monitoring agent are not
read-only. Do not edit these policies and save over them. Software updates
will write over any of the changes that you make to these policies. Instead,
clone the policies that you want to change to suit your enterprise.

More information about policies

For more information about working with policies, see the IBM Tivoli Monitoring
User’s Guide.

For information about using the Workflow Editor, see the IBM Tivoli Monitoring
Administrator’s Guide or the Tivoli Enterprise Portal online help.

For a list of the policies for this monitoring agent and a description of each policy,
refer to the Predefined policies section below and the information in that section
for each individual policy.

Predefined policies
This monitoring agent contains the following predefined policies:
v UNIX_CPU_Busy
v UNIX_Disk_Space_Full
v UNIX_Virtual_Memory_High

The remaining sections of this chapter contain descriptions of these policies, which
are listed alphabetically.

UNIX_CPU_Busy policy
When the Runaway_Process and CPU_Critical situations are both true, you can
choose to send a message or to terminate the runaway process (after confirmation
from an administrator, if possible).
v If the termination fails, the administrator is informed, and the policy completes.

© Copyright IBM Corp. 2005 65

 v If the termination succeeds, the policy waits and re-evaluates the CPU_Critical
situation.
v If the CPU_Critical situation is still true, the administrator is informed.

UNIX_Disk_Space_Full policy
When the Disk_Space_Warning and the scratch-tmp Disk Full situations are both
true, you can choose to perform the following actions:
v Compress all files that reside at mount point /scratch or /tmp.
v Remove all files which reside at mount point /scratch or /tmp.
v After a timeout with no user choice, echo a message.

UNIX_Virtual_Memory_High policy
When the Virtual_Memory_Warning and the Process Memory Leak situations are
both true, the process identified in the Process Memory Leak event is terminated.
v If the termination fails, the administrator is informed, and the policy completes.
v If the termination succeeds, the policy waits and reevaluates the
Virtual_Memory_Warning situation.
v If the Virtual_Memory_Warning situation is still true, the administrator is
informed.

66 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Appendix A. Attributes
This appendix contains additional information about the Monitoring Agent for
UNIX OS attributes. An attribute is a characteristic of a managed object (node). For
example, Disk Name is an attribute for a disk, which is a managed object.

You can use the Monitoring Agent for UNIX OS attributes to build situations that
monitor the performance of your UNIX network managed resources. When the
values of the selected attributes in a situation exceed their threshold settings, the
Monitoring Agent for UNIX OS systems post an alert, notifying you of a problem.

Overview
An attribute is a characteristic of a managed object (node). For example, Disk
Name is an attribute for a disk, which is a managed object.

You can use the Monitoring Agent for UNIX OS attributes to build situations that
monitor the performance of your UNIX network managed resources. When the
values of the selected attributes in a situation exceed their threshold settings, the
Monitoring Agent for UNIX OS systems post an alert, notifying you of a problem.

The Monitoring Agent for UNIX OS provides the following types of attributes:
single-instance
Single-instance attributes are attributes that gather only one set of data. For
example, the local time attributes are single-instance attributes because
there is only one set of values for local time at any one time.
multiple-instance
multiple-instance attributes are attributes that can gather multiple sets of
data. For example, the Avg_Queue attribute is a multiple-instance attribute
because it can return one set of data for each queue that exists on the
system.
You cannot use attributes from more than one multiple-instance group in
the same situation. Examples of multiple-instance groups are
Disk_Performance, System, and User.

Tivoli Enterprise Portal reports and attributes

The Monitoring Agent for UNIX OS reports provide real time information on many
of the attributes by using the reports. Each column in a report corresponds to an
attribute. These reports are available to you at any time, independent of whether
you are using the Monitoring Agent for UNIX OS to monitor situations.

Assignment of the N/A Value

Not all UNIX systems display all UNIX attributes. For example, AIX systems do
not display the CPU ID on which the process is running. If your system does not
display a value for a certain attribute, N/A is displayed in fields relating to that
attribute. N/A stands for not available and means that this information is not
currently being collected for the UNIX platform on which your system is running.

© Copyright IBM Corp. 2005 67

Cross referencing historical reports and attributes
Historical reports use a column header that identifies the attributes using an
shorter character name. The historical column header is identified in capital letters
surrounded by brackets [ ] under the attribute name. The historical data tables are
identified in the same manner after the attribute group name.

Here is an example of an attribute:

Space_Used_Percent
Is the attribute name
[PCTSPCUSED]
Is the historical column header.

Here is an example of an attribute group:

File_Information Group [UNIXFILE]
Is the name of the attribute group and the name of the historical table.

68 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Appendix B. Situations
Table 9 provides the name, activated-at-startup setting, description, situation logic,
and comparison value for each situation.
Table 9. UNIX situations
Name
UNIX_Active_Virtual_Memory
UNIX_CMD_Disk_Inodes_Critical
UNIX_CMD_Disk_Space_Warning
UNIX_CMD_Process_Critical
UNIX_CMD_Runaway_Process
© Copyright IBM Corp. 2005
Activate at
startup Description, logic, and values
No Checks if Active Virtual Memory approaches Total
Virtual Memory
*IF *VALUE System.Active_Virtual_Memory *GE nnnn
No /tmp and /var free inodes critical *EQ /tmp
*IF (*VALUE Disk.Mount_Point *EQ /tmp *OR
*VALUE Disk.Mount_Point *EQ /var) *AND *SUM
Diks.Inodes_Free *LT 20000
*ACTION echo UNIX_CMD_Disk_Inodes_Critical
&Disk.System_Name Low free inodes on /tmp and
/var
No Any Filemount with space usage GT 90%
*IF *VALUE Disk.Space_Used_Percent *GE 90
*ACTION
echo UNIX_CMD_Disk_Space_Warning
&Disk.System_Name Filemount:
&Disk.Mount_Point
Space_Used: &Disk.Space_Used_Percent
No Checks for existence of process
*IF *VALUE Process.Command *EQ FOO
Yes Report High CPU processes
*IF *VALUE Process.CPU_Utilization *GT 95
*AND *VALUE Process.User_ID *NE 0
*AND (*VALUE Process.Execution_State *EQ R
*OR *VALUE Process.Execution_State *EQ A)
*ACTION echo UNIX_CMD_Runaway_Process
&Process.System_Name
Processid: &Process.Process_ID
Command: &Process.Command
69
Table 9. UNIX situations (continued)
Activate at
Name startup Description, logic, and values
UNIX_CPU_Critical No Process CPU utilization greater than or equal to 85%
*IF *VALUE Process.CPU_Utilization *GE 85

*AND *VALUE Process.Command *NE kproc

*AND *Process.Command *NE swapper

UNIX_CPU_Warning Yes Process CPU greater than or equal to 70% and less
than 85%
*IF *VALUE Process.CPU_Utilization *GE 70

*AND *VALUE Process.CPU_Utilization *LT 85

UNIX_CPU-Busy_Critical No Monitors if the CPU workload is high (> 90%).
*IF *VALUE SMP_CPU.CPU_Busy *GT 90
UNIX_CPU_Busy_Warning No Monitors if the CPU workload is greater than 70% and
less than or equal to 90%
*IF *VALUE SMP_CPU.CPU_Busy

*GT 70 *AND *VALUE SMP_CPU.CPU_Busy *LE 90

UNIX_Disk_Availability No Determines under utilized HD space
*IF *SCAN Disk.Mount_Point *EQ /user

*AND *VALUE Disk.Space_Used_Percent *LT 25

UNIX_Filemount_Critical No Checks for existence of specific mount point on a
specific system
*IF *SCAN Disk.System_Name *EQ Redwood

*AND

*SCAN Disk.Mount_Point *EQ /usr

UNIX_HD_Config_Critical No Hard disk space OR Inodes free going critical
*IF *VALUE Disk.Inodes_Free *LT 100

*OR *VALUE Disk.Space_Used_Percent *GT 90

UNIX_HD_Excessive_IO_Wait
UNIX_Network_Collsns_Critical
UNIX_Network_Collsns_Warning
UNIX_Network_Errors
Yes Note typical I/O bound processor (NSF)
*IF *VALUE System.Wait_I/O *GT 20
No Large number of network interface collisions
*IF *VALUE Network.Collisions *GT 15
No Small number of network interface collisions
*IF *VALUE Network.Collisions *GT 2
No Received or transmitted error limit exceeded
*IF *VALUE Network.Interface_Status *EQ UP

*AND (*VALUE Network.Output_Errors *GT 10

*OR *VALUE Network.Input_Errors *GT 10)

70 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 9. UNIX situations (continued)
Name
UNIX_Network_Interface_Busy
UNIX_Network_Interface_Idle
UNIX_NFS_RPC_Rejects
UNIX_Process_Memory_Critical
UNIX_Process Memory_Warning
UNIX_Process_Memory_Leak
UNIX_Process_MISSING_inetd
UNIX_scratch_tmp_Disk_Full
UNIX_System_Busy_Critical
Activate at
startup Description, logic, and values
No Frames transmitted or received has exceeded the limit
*IF *VALUE Network.Network_Interface_Name *NE
Lo0
*AND *VALUE Network.Interface_Status *EQ UP
*AND (*VALUE Network.Frames_Received *GT 1000
*OR *VALUE Network.Frames_Transmitted *GT 1000)
No Frames transmitted or received less than limit
*IF *VALUE Network.Network_Interface_Name *NE
Lo0
*AND *VALUE Network.Interface_Status *EQ UP
*AND (*VALUE Network.Frames_Received *LT 100
*OR *VALUE Network.Frames_Transmitted *LT 100)
No Checks for rejected NFS/RPC calls.
*IF *VALUE
N_F_S_and_R_P_C_Statistics.NFS_Server_Calls_
Rejected *GT 2 *OR *VALUE
N_F_S_and_R_P_C_Statistics.NFS_Client_Calls_
Rejected *GT 2
No Reports high memory usage processes.
*IF *VALUE Process.Mem_Pct *GT 8000
No Reports high memory usage processes.
*IF *VALUE Process.Mem_Pct *GT 5000 *AND *VALUE
Process.Mem_Pct *LT 8000
No Report high virtual memory usage processes
*IF *VALUE Process.Virtual_Size *GT 9999999
No Test if the Internet Services Daemon, inetd, is up
running
*IF *MISSING Process.Command *EQ (’*inetd*’)
No Report filemount scratch or tmp with space usage GT
90%
*IF *VALUE Disk.Space_Used_Percent *GT 90 *AND
(*SCAN Disk.Mount_Point *EQ /scratch *OR *SCAN
Disk.Mount_Point *EQ /tmp)
No Check for critical state of I/O Wait, Low Free Mem,
CPU Idle
*IF *VALUE System.Wait_I/O *GT 25
*AND *VALUE System.Free_Memory *LT 1
*AND *VALUE System.Idle_CPU *GT 10
*AND *VALUE System.Load_Average_1_Min *GT 2
Appendix B. Situations 71
Table 9. UNIX situations (continued)
Activate at
Name startup Description, logic, and values
UNIX_System_Busy_Warning Yes Checks for System CPU, Idle, I/O Wait, and Load Avg.
for Busy State.
*IF *VALUE System.System_CPU *GT 50

*AND *VALUE System.Idle_CPU *GT 0

*AND *VALUE System.Wait_I/O *GT 0

*AND *VALUE System.Load_Average_5_Min *GT 1

UNIX_System_Capacity_Critical No Monitors system capacity w/process number and CPU
Util
*IF *VALUE System_Proc_Number *GE 250 *AND
*VALUE System.System_CPU *GT 80
UNIX_System_Paging_Critical No Monitors if the VMM is working too hard to find free
pages.
*IF *VALUE System.Page_Scan_Rate *GT 500
UNIX_System_Virtual_Memory_Warning No Monitors if the available virtual memory is running
low.
*IF *VALUE System.Virtual_Memory_Percent_Used
*GT 90
UNIX_User_CPU_Critical No Monitors if user CPU usage is system dominant and
impacts users
*IF *VALUE System.User_CPU *GE 0

*AND *VALUE System.User_CPU *LT 70

*AND *VALUE System.System_CPU *GT 40

UNIX_User_File_Exists No Notes that a specific user file was found
*IF *VALUE File_Information.Path *EQ
/a/path2/search

*AND

*VALUE File_Information.File *EQ the File_2find

72 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Appendix C. Templates
This appendix provides detailed information about the predefined templates that
are provided with this monitoring agent. The Monitoring Agent for UNIX OS
provides the following predefined templates:
v UNIX Disk
v UNIX Net
v UNIX System (default)
v UNIX User

The provided situations are assigned to states in the templates. The assigned state
is associated with an alert icon that displays when monitoring situations.

Default template
The UNIX System template is the default template. It is assigned to the
*ALL_UNIX managed resource list managed object when starting the Tivoli
Enterprise Portal.

Four of the situations that are assigned to the UNIX System template are set to
activate at startup so that you can begin monitoring your UNIX systems
immediately.

Template state assignments for the provided situations

Table 10 shows the template for each provided situation. It also shows the state
and the activate at startup option for each.
Table 10. UNIX template state assignments
Activate at
Template State Situation name startup
UNIX Disk Critical UNIX_CMD_Disk_Inodes_Critical No
UNIX Disk Warning UNIX_CMD_Disk_Space_Warning No
UNIX Disk Critical UNIX_Disk_Availability No
UNIX Disk Critical UNIX_Filemount_Critical No
UNIX Disk Critical UNIX_HD_Config_Critical No
UNIX Net Critical UNIX_Network_Collsns_Critical No
UNIX Net Warning UNIX_Network_Collsns_Warning No
UNIX Net Warning UNIX_Network_Errors No
UNIX Net Warning UNIX_Network_Interface_Busy No
UNIX Net Warning UNIX_Network_Interface_Idle No
UNIX Net Critical UNIX_NFS_RPC_Rejects No
UNIX System Critical UNIX_Active_Virtual_Memory No
UNIX System Warning UNIX_CMD_Runaway_Process Yes
UNIX System Critical UNIX_CPU_Critical No
UNIX System Warning UNIX_CPU_Warning Yes

© Copyright IBM Corp. 2005 73

Table 10. UNIX template state assignments (continued)
Activate at
Template State Situation name startup
UNIX System Critical UNIX_CPU_Busy_Critial No
UNIX System Warning UNIX_CPU_Busy_Warning No
UNIX System Warning UNIX_HD_Excessive_IO_Wait Yes
UNIX System Critical UNIX_Process_Memory_Critial No
UNIX System Warning UNIX_Process_Memory_Warning No
UNIX System Critical UNIX_System_Busy_Critical No
UNIX System Warning UNIX_System_Busy_Warning Yes
UNIX System Critical UNIX_System_Capacity_Critical No
UNIX System Critical UNIX_System_Paging_Critial No
UNIX System Warning UNIX_System_Virtual_Memory_Warning No
UNIX User Critical UNIX_CMD_Process_Critical No
UNIX User Critical UNIX_User_CPU_Critical No
UNIX User Warning UNIX_User_File_Exists No

Assigning situations and templates

Both situations and managed objects must be assigned to managed resources
before situations that fire on a managed resource cause a managed object to change
state on your Tivoli Enterprise Portal.

Situations are assigned to managed resources through the Distribution page of the
Settings notebook of the situation. The assignment list of a situation indicates all of
the managed resources on which the situation runs when it is started.

Assignment of managed objects

Managed objects are assigned to managed resources through the Managed
Resources page of the Settings notebook of the managed object. The assignment list
of a managed object indicates which managed resources the managed object is
“listening to”. For example, a managed object changes state in response to a
situation firing on a managed resource only if that managed resource is included in
the assignment list of the managed object.

74 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Appendix D. IBM Tivoli Enterprise Console event mapping
Specific event mapping is provided for those monitoring agents that support
Distributed Monitoring migration. The specific event mapping creates Distributed
Monitoring events for Distributed Monitoring migrated situations. For a list of
these situations and their related event classes, see Table 11.

Generic event mapping provides useful event class and attribute information for
situations that do not have specific event mapping defined. Each event class
corresponds to an attribute group in the monitoring agent. For a description of the
event slots for each event class, see Table 12 on page 78. For more information
about mapping attribute groups to event classes, see the IBM Tivoli Monitoring
Administrator’s Guide.

BAROC files are found on the Tivoli Enterprise Monitoring Server in the
installation directory in TECLIB (that is, install_dir/cms/TECLIB for Windows
systems and install_dir/tables/TEMS_hostname/TECLIB for UNIX systems). IBM
Tivoli Enterprise Console event synchronization provides a collection of
ready-to-use rule sets that you can deploy with minimal configuration. Be sure to
install IBM Tivoli Enterprise Console event synchronization to access the correct
Sentry.baroc, which is automatically included during base configuration of IBM
Tivoli Enterprise Console rules if you indicate that you want to use an existing
rulebase. See the IBM Tivoli Monitoring Installation and Setup Guide for details.
Table 11. Overview of Distributed Monitoring migrated situations
Situation IBM Tivoli Enterprise Console event class
UX_USInodes* Sentry2_0_inodes
Sentry2_0_inodesused
UX_USIUsPct* Sentry2_0_inodesusedpct
UX_USDkUPct* Sentry2_0_diskusedpct
UX_USDskAva* Sentry2_0_diskavail
UX_USDskUsd* Sentry2_0_diskused
UX_USDIORtK* Sentry2_0_diskioratek
UX_USPDskRt* Sentry2_0_peakdiskrate
UX_USPkDkXf* Sentry2_0_peakdiskxfer
UX_USSpcUtl* Sentry2_0_spaceutil
UX_USSpcUtK* Sentry2_0_spaceutilkb
UX_USReqWt* Sentry2_0_reqwait
UX_USReqTm* Sentry2_0_reqtime
UX_USRPCTmO* Sentry2_0_rpctmout
UX_USBadNFS* Sentry2_0_badnfs
UX_USBadRPC* Sentry2_0_badrpc
UX_USNtInEr* Sentry2_0_netinerr
UX_USNtInEX* Sentry2_0_netinerrx
UX_USNetIn* Sentry2_0_netinerr
UX_USNetInX* Sentry2_0_netinx

© Copyright IBM Corp. 2005 75

 Table 11. Overview of Distributed Monitoring migrated situations (continued)
Situation IBM Tivoli Enterprise Console event class
UX_USNetCol* Sentry2_0_netcoll
UX_USNetCoX* Sentry2_0_netcollx
UX_USNtCPct* Sentry2_0_netcollpct
UX_USNCPctX* Sentry2_0_netcollpctx
UX_USNetOEr* Sentry2_0_netouterr
UX_USNetOEX* Sentry2_0_netouterrx
UX_USNetOut* Sentry2_0_netouterr
UX_USNetOX* Sentry2_0_netoutx
UX_USNtCIRt* Sentry2_0_netcollirate
UX_USNtIERt* Sentry2_0_netinerrate
UX_USNtOERt* Sentry2_0_netouterrate
UX_USNetIRt* Sentry2_0_netinrate
UX_USNetORt* Sentry2_0_netoutrate
UX_USSwpAva* Sentry2_0_swapavail
UX_USTProcs* Sentry2_0_totalprocs
UX_USCPUIdl* Sentry2_0_cpuidle
UX_USCPUSys* Sentry2_0_cpusys
UX_USCPUUsr* Sentry2_0_cpuusr
UX_USCPUSpu* Sentry2_0_cpuspu
UX_USZombie* Sentry2_0_zombies
UX_USLdAv15* Sentry2_0_loadavgfifteenm
UX_USLdAv5* Sentry2_0_loadavgonem
UX_USLdAv1* Sentry2_0_loadavgonem
UX_USPgScnR* Sentry2_0_pagescanrate
UX_USPgIns* Sentry2_0_pageins
UX_USPgOuts* Sentry2_0_pageouts
UX_USPgScan* Sentry2_0_pagescans
UX_USPgInRt* Sentry2_0_pageinrate
UX_USPgORt* Sentry2_0_pageoutrate
UX_USPgScRt* Sentry2_0_pagescanrate
UX_USRnQJbs* Sentry2_0_runqjobs
UX_USACPUBu* Sentry2_0_avgcpubusy
UX_USACPUSy* Sentry2_0_avgcpusys
UX_USACPUUs* Sentry2_0_avgcpuusr
UX_USFilPrm* Sentry2_0_fileperm
UX_USULginT* Sentry2_0_ulogintot
UX_UDskAva* universal_diskavail
UX_UDskUsd* universal_diskused
UX_UDskUPct* universal_diskusedpct
UX_UIndsFre* universal_diskusedpct

76 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 11. Overview of Distributed Monitoring migrated situations (continued)
Situation IBM Tivoli Enterprise Console event class
UX_UINdsUsd* universal_diskusedpct
UX_ULoadAvg* universal_loadavg
UX_UPageOut* universal_pageouts
UX_USwapAva* universal_swapavail

Each of the event classes is a child of KUX_Base. The KUX_Base event class can be
used for generic rules processing for any event from the Monitoring Agent for
UNIX OS.

Appendix D. IBM Tivoli Enterprise Console event mapping 77

 Table 12. Overview of event slots to event classes
IBM Tivoli Enterprise Console event class event slots
ITM_System System attribute group
v system_name: STRING
v timestamp: STRING
v type: STRING
v version: STRING
v total_real_memory: INTEGER
v total_virtual_memory: INTEGER
v up_time: INTEGER
v users_session_number: INTEGER
v system_procs_number: INTEGER
v net_address: STRING
v user_cpu: INTEGER
v system_cpu: INTEGER
v idle_cpu: INTEGER
v wait_io: INTEGER
v processes_in_run_queue: INTEGER
v processes_waiting: INTEGER
v page_faults: INTEGER
v page_reclaims: INTEGER
v pages_paged_in: INTEGER
v pages_paged_out: INTEGER
v page_ins: INTEGER
v page_outs: INTEGER
v free_memory: INTEGER
v active_virtual_memory: INTEGER
v cpu_context_switches: INTEGER
v system_calls: INTEGER
v forks_executed: INTEGER
v execs_executed: INTEGER
v block_reads: INTEGER
v block_writes: INTEGER
v logical_block_reads: INTEGER
v logical_block_writes: INTEGER
v nonblock_reads: INTEGER
v nonblock_writes: INTEGER
v receive_interrupts: INTEGER
v transmit_interrupts: INTEGER
v modem_interrupts: INTEGER
v active_internet_connections: INTEGER
v active_sockets: INTEGER
v load_average_1_min: REAL
v load_average_5_min: REAL
v load_average_15_min: REAL
v dummy-memory_free: INTEGER
v memory_used: INTEGER
v page_scan_rate: INTEGER
v virtual_memory_percent_used: REAL
78 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
v virtual_memory_percent_available: REAL
v cpu_busy: INTEGER
v system_read: INTEGER
Table 12. Overview of event slots to event classes (continued)
IBM Tivoli Enterprise Console event class event slots
ITM_Disk Disk attribute group
v system_name: STRING
v timestamp: STRING
v name: STRING
v mount_point: STRING
v size: INTEGER
v space_used: INTEGER
v space_available: INTEGER
v inode_size: INTEGER
v inodes_used: INTEGER
v inodes_free: INTEGER
v space_used_percent: INTEGER
v inodes_used_percent: INTEGER
v fs_type: STRING
v space_available_percent: INTEGER
v name_u: STRING
v mount_point_u: STRING
ITM_Disk_Performance Disk_Performance attribute group
v system_name: STRING
v timestamp: STRING
v disk_name: STRING
v transfer_rate: INTEGER
v transferred_bytes: INTEGER
v busy_percent: INTEGER
v avg_queue: INTEGER
v avg_wait: INTEGER
v avg_serv: INTEGER
v disk_name_u: STRING

Appendix D. IBM Tivoli Enterprise Console event mapping 79

 Table 12. Overview of event slots to event classes (continued)
IBM Tivoli Enterprise Console event class
ITM_Network
event slots
Network attribute group
v system_name: STRING
v timestamp: STRING
v network_interface_name: STRING
v interface_ip_address: STRING
v interface_dns_name: STRING
v interface_status: STRING
v transmission_unit_maximum: INTEGER
v received_count: INTEGER
v transmitted_count: INTEGER
v frames_received: INTEGER
v frames_transmitted: INTEGER
v input_errors: INTEGER
v output_errors: INTEGER
v collisions: INTEGER
v subunit_driver: INTEGER
v avg_coll_rate_1: INTEGER
v avg_coll_rate_5: INTEGER
v avg_coll_rate_15: INTEGER
v avg_coll_rate_60: INTEGER
v avg_in_rate_1: INTEGER
v avg_in_rate_5: INTEGER
v avg_in_rate_15: INTEGER
v avg_in_rate_60: INTEGER
v avg_inerr_rate_1: INTEGER
v avg_inerr_rate_5: INTEGER
v avg_inerr_rate_15: INTEGER
v avg_inerr_rate_60: INTEGER
v avg_out_rate_1: INTEGER
v avg_out_rate_5: INTEGER
v avg_out_rate_15: INTEGER
v avg_out_rate_60: INTEGER
v avg_outerr_rate_1: INTEGER
v avg_outerr_rate_5: INTEGER
v avg_outerr_rate_15: INTEGER
v avg_outerr_rate_60: INTEGER

80 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 12. Overview of event slots to event classes (continued)
IBM Tivoli Enterprise Console event class event slots
ITM_User User attribute group
v system_name: STRING
v timestamp: STRING
v login_name: STRING
v name: STRING
v terminal: STRING
v idle_time: INTEGER
v login_time: STRING
v location: STRING
v user_id: INTEGER
v process_id: INTEGER
v login_name_u: STRING
v name_u: STRING

Appendix D. IBM Tivoli Enterprise Console event mapping 81

 Table 12. Overview of event slots to event classes (continued)
IBM Tivoli Enterprise Console event class event slots
ITM_Process Process attribute group
v system_name: STRING
v timestamp: STRING
v process_id: INTEGER
v flag: STRING
v execution_state: STRING
v user_id: INTEGER
v parent_process_id: INTEGER
v cpu_utilization: INTEGER
v priority: INTEGER
v nice_value: INTEGER
v entry_address: STRING
v size: INTEGER
v event_waited_on: STRING
v terminal_device: STRING
v time: STRING
v command: STRING
v process_command: STRING
v reptype: STRING
v real_group_id: INTEGER
v effective_user_id: INTEGER
v effective_group_id: INTEGER
v process_group_leader_id: INTEGER
v session_id: INTEGER
v scheduling_class: STRING
v cpu_id: INTEGER
v user_name: STRING
v starttime: STRING
v elapsed_time: STRING
v virtual_size: INTEGER
v mem_pct: REAL
v cpu_pct: REAL
v total_cpu_percent: REAL
v sample_cpu_pct: REAL
v heap_size: INTEGER
v stack_size: INTEGER
v major_fault: INTEGER
v minor_fault: INTEGER
v context_switch: INTEGER
v involuntary_context_switch: INTEGER
v user_cpu_time: STRING
v system_cpu_time: STRING
v total_cpu_time: STRING
v thread_count: INTEGER
v child_user_cpu_time: STRING
v child_system_cpu_time: STRING
v total_child_cpu_time: STRING
82 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
v wait_cpu_time: STRING
v wait_lock_time: STRING
v read_per_write: INTEGER
Table 12. Overview of event slots to event classes (continued)
IBM Tivoli Enterprise Console event class event slots
ITM_File_Information File_Information attribute group
v system_name: STRING
v timestamp: STRING
v path: STRING
v file: STRING
v size: INTEGER
v owner: STRING
v group: STRING
v last_changed_time: STRING
v last_accessed_time: STRING
v links: INTEGER
v access: INTEGER
v type: STRING
v link_name: STRING
v path_u: STRING
v file_u: STRING
v owner_u: STRING
v group_u: STRING
v link_name_u: STRING
v size_mb: INTEGER

Appendix D. IBM Tivoli Enterprise Console event mapping 83

 Table 12. Overview of event slots to event classes (continued)
IBM Tivoli Enterprise Console event class
ITM_N_F_S_and_R_P_C_Statistics
84 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
event slots
N_F_S_and_R_P_C_Statistics attribute group
v system_name: STRING
v timestamp: STRING
v rpc_server_calls_rejected: INTEGER
v rpc_server_times_rpc_packet_unavailable:
INTEGER
v rpc_server_packets_too_short: INTEGER
v rpc_server_packets_with_malformed_
header: INTEGER
v rpc_client_calls_rejected_by_server:
INTEGER
v rpc_client_calls_retransmitted: INTEGER
v rpc_client_replies_not_matching_calls:
INTEGER
v rpc_client_calls_timed_out: INTEGER
v rpc_client_times_call_wait_on_busy:
INTEGER
v rpc_client_times_authentication_refreshed:
INTEGER
v nfs_server_calls: INTEGER
v nfs_server_calls_rejected: INTEGER
v nfs_server_rejected_call_percentage:
INTEGER
v nfs_server_null_calls: INTEGER
v nfs_server_get_attribute_calls: INTEGER
v nfs_server_set_attribute_calls: INTEGER
v nfs_server_root_calls: INTEGER
v nfs_server_lookups: INTEGER
v nfs_server_read_link_calls: INTEGER
v nfs_server_read_calls: INTEGER
v nfs_server_write_cache_calls: INTEGER
v nfs_server_writes: INTEGER
v nfs_server_file_creates: INTEGER
v nfs_server_remove_file_calls: INTEGER
v nfs_server_rename_file_calls: INTEGER
v nfs_server_link_calls: INTEGER
v nfs_server_symbolic_link_calls: INTEGER
v nfs_server_make_directory_calls:
INTEGER
v nfs_server_remove_directory_calls:
INTEGER
v nfs_server_read_directory_calls: INTEGER
v nfs_server_file_system_statistics_calls:
INTEGER
Continued on the next page.
Table 12. Overview of event slots to event classes (continued)
IBM Tivoli Enterprise Console event class
ITM_N_F_S_and_R_P_C_Statistics
(Continued)
Appendix D. IBM Tivoli Enterprise Console event mapping
event slots
v nfs_client_calls: INTEGER
v nfs_client_calls_rejected: INTEGER
v nfs_client_rejected_call_percentage:
INTEGER
v nfs_client_null_calls: INTEGER
v nfs_client_get_attribute_calls: INTEGER
v nfs_client_set_attribute_calls: INTEGER
v nfs_client_root_calls: INTEGER
v nfs_client_lookups: INTEGER
v nfs_client_read_link_calls: INTEGER
v nfs_client_read_calls: INTEGER
v nfs_client_write_cache_calls: INTEGER
v nfs_client_writes: INTEGER
v nfs_client_file_creates: INTEGER
v nfs_client_remove_file_calls: INTEGER
v nfs_client_rename_file_calls: INTEGER
v nfs_client_link_calls: INTEGER
v nfs_client_symbolic_link_calls: INTEGER
v nfs_client_make_directory_calls: INTEGER
v nfs_client_remove_directory_calls:
INTEGER
v nfs_client_read_directory_calls: INTEGER
v nfs_client_file_system_statistics_calls:
INTEGER
85
 Table 12. Overview of event slots to event classes (continued)
IBM Tivoli Enterprise Console event class
ITM_SMP_CPU
event slots
SMP_CPU attribute group
v system_name: STRING
v timestamp: STRING
v cpu_id: INTEGER
v user_cpu: INTEGER
v system_cpu: INTEGER
v idle_cpu: INTEGER
v wait_io: INTEGER
v cpu_busy: INTEGER
v minor_faults: INTEGER
v major_faults: INTEGER
v cross_calls: INTEGER
v interrupts: INTEGER
v interrupts_as_threads: INTEGER
v context_switches: INTEGER
v involuntary_context_switches: INTEGER
v thread_migrations: INTEGER
v spins_on_mutexes: INTEGER
v spins_on_rw_locks: INTEGER
v system_calls: INTEGER
v cpu_status: INTEGER
v cpu_usage: INTEGER
v cpu_time: INTEGER
v avg_cpu_busy_1: INTEGER
v avg_cpu_busy_5: INTEGER
v avg_cpu_busy_15: INTEGER
v avg_cpu_busy_60: INTEGER
v avg_cpu_sys_1: INTEGER
v avg_cpu_sys_5: INTEGER
v avg_cpu_sys_15: INTEGER
v avg_cpu_sys_60: INTEGER
v avg_cpu_usr_1: INTEGER
v avg_cpu_usr_5: INTEGER
v avg_cpu_usr_15: INTEGER
v avg_cpu_usr_60: INTEGER

86 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Appendix E. Historical data
Historical reports use a column header that uses a shorter character name that
identifies the attributes. The tables in this appendix identify the historical table, the
Monitoring Agent for UNIX OS attribute group associated with the table, the
historical table column head (in capital letters), and the associated attribute name.
Use the information in this appendix in conjunction with the information in
Appendix A, “Attributes,” on page 67 to identify attribute definitions for the
historical data tables.

UNIXCPU historical table

The UNIXCPU historical table corresponds to the SMP CPU attributes.

Table 13 lists the historical table column heads alphabetically and the
corresponding SMP CPU attributes.
Table 13. UNIXCPU table column heads and the corresponding SMP CPU attributes
Historical table column head Attribute name
CPUBUSY CPU_Busy
CPUID CPU_ID
CPUSTAT CPU_Status
CSW Context_Switches
ICSW Involuntary_Context_Switches
IDLECPU Idle_CPU
INTRRUPT Interrupts
INTRTHRD Interrups_As_Threads
MAJF Major_Faults
MINF Minor_Faults
ORIGINNODE System_Name
SMTX Spins_On_Mutexes
SRWLOCKS Spins_On_RW_Locks
SYSCALL System_Calls
SYSCPU System_CPU
THRDMIGR Thread_Migrations
TIMESTAMP Timestamp
USRCPU User_CPU
WAITIO Wait_I/O
XCALLS Cross_Calls
ZATTRIB Parameter

Column seen in historical data collection tables but

currently not collecting validated data.

© Copyright IBM Corp. 2005 87

 Table 13. UNIXCPU table column heads and the corresponding SMP CPU
attributes (continued)
Historical table column head Attribute name
ZVALUE Value

Column seen in historical data collection tables but

currently not collecting validated data.

UNIXDISK historical table

The UNIXDISK historical table corresponds to the Disk Information attributes.

Table 14 lists the historical table column heads alphabetically and the
corresponding Disk group attributes.
Table 14. UNIXDISK table column heads and the corresponding Disk Information attributes
Historical table column head Attribute name
DSKNAME Name
DSKSIZE Size
FSTYPE FS_Type

Column seen in historical data collection tables but

currently not collecting validated data.
INODEFREE Inodes_Free
INODESIZE Inode_Size
INODEUSED Inodes_Used
MOUNTPT Mount_Point
ORIGINNODE System_Name
PCTINDUSED Inodes_Used_Percent
PCTSPCAV Space_Available_Percent

Column seen in historical data collection tables but

currently not collecting validated data.
PCTSPCUSED Space_Used_Percent
SPCAVAIL Space_Available
SPCUSED Space_Used
TIMESTAMP Timestamp

UNIXDPERF historical table

The UNIXDPERF historical table corresponds to the Disk Performance attributes.

Table 15 lists the historical table column heads alphabetically and the
corresponding Disk Performance attributes.
Table 15. UNIXDPERF table column heads and the corresponding Disk Performance
attributes
Historical table column head Attribute name
AVGSERV Avg_Serv

88 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 Table 15. UNIXDPERF table column heads and the corresponding Disk Performance
attributes (continued)
Historical table column head Attribute name
DSKAVQUE Avg_Queue
DSKAVWAIT Avg_Wait
DSKBUSY Busy_Percent
DSKBYTESIZ Transferred_Bytes
DSKNAME Disk_Name
DSKXFERRAT Transfer_Rate
ORIGINNODE System_Name
TIMESTAMP Timestamp

UNIXFILE historical table

The UNIXFILE historical table corresponds to the File Information attributes.

Table 16 lists the historical table column heads alphabetically and the
corresponding File Information attributes.
Table 16. UNIXFILE table column heads and the corresponding File Information attributes
Historical table column head Attribute name
ACCESS Access
ACCESSEDTM Last_Accessed_Time
CHANGEDTM Last_Changed_Time
FILE File
GROUP Group
LINKNAME Link_Name
LINKS Links
ORIGINNODE System_Name
OWNER Owner
PATH Path
SIZE Size
TIMESTAMP Timestamp
TYPE Type

UNIXNET historical table

The UNIXNET historical table corresponds to the Network attributes.

Table 17 lists the historical table column heads alphabetically and the
corresponding Network attributes.
Table 17. UNIXNET table column heads and the corresponding Network attributes
Historical table column head Attribute name
FCOLLSNS Collisions
FDNSNAME Interface_DNS_Name

Appendix E. Historical data 89

 Table 17. UNIXNET table column heads and the corresponding Network
attributes (continued)
Historical table column head Attribute name
FIBYTES Received_Count
FIERRORS Input_Errors
FIFRAMES Frames_Received
FIPADDR Interface_IP_Address
FMTU Transmission_Unit_Maximum
FNAME Network_Interface_Name
FOBYTES Transmitted_Count
FOERRORS Output_Errors
FOFRAMES Frames_Transmitted
FSTATUS Interface_Status
FUNIT Subunit_Driver
ORIGINNODE System_Name
TIMESTAMP Timestamp

UNIXNFS historical table

The UNIXNFS historical table corresponds to the NFS and RPC Statistics attributes.

Table 18 lists the historical table column heads alphabetically and the
corresponding NFS and RPC Statistics attributes.
Table 18. UNIXNSF table column heads and the corresponding NFS and RPC Statistics
attributes
Historical table column head Attribute name
ZTITLE Attribute_Title

Column seen in historical data collection tables but currently

not collecting validated data.
ZVALUE Attribute_Value

Column seen in historical data collection tables but currently

not collecting validated data.
NCCALLS NFS_Client_Calls
NCBAD NFS_Client_Calls_Rejected
NCCREATE NFS_Client_File_Creates
NCFSSTAT NFS_Client_File_System_Statistics_Calls
NCGETATT NFS_Client_Get_Attribute_Calls
NCLINK NFS_Client_Link_Calls
NCLOOKUP NFS_Client_Lookups
NCMKDIR NFS_Client_Make_Directory_Calls
NCNULL NFS_Client_Null_Calls
NCREAD NFS_Client_Read_Calls
NCRDDIR NFS_Client_Read_Directory_Calls

90 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 18. UNIXNSF table column heads and the corresponding NFS and RPC Statistics
attributes (continued)
Historical table column head Attribute name
NCRDLINK NFS_Client_Read_Link_Calls
NCPERC NFS_Client_Rejected_Calls_Percentage
NCRMDIR NFS_Client_Remove_Directory_Calls
NCREMOVE NFS_Client_Remove_File_Calls
NCRENAME NFS_Client_Rename_File_Calls
NCROOT NFS_Client_root_Calls
NCSETATT NFS_Client_Set_Attribute_Calls
NCSYMLNK NFS_Client_Symbolic_Link_Calls
NCWRCACH NFS_Client_Write_Cache_Calls
NCWRITE NFS_Client_Writes
NSCALLS NFS_Server_Calls
NSBAD NFS_Server_Calls_Rejected
NSCREATE NFS_Server_File_Creates
NSFSSTAT NFS_Server_File_System_Statistics_Calls
NSGETATT NFS_Server_Get_Attribute_Calls
NSLINK NFS_Server_Link_Calls
NSLOOKUP NFS_Server_Lookups
NSMKDIR NFS_Server_Make_Directory_Calls
NSNULL NFS_Server_Null_Calls
NSREAD NFS_Server_Read_Calls
NSRDDIR NFS_Server_Read_Directory_Calls
NSRDLINK NFS_Server_Read_Link_Calls
NSPERC NFS_Server_Rejected_Calls_Percentage
NSRMDIR NFS_Server_Remove_Directory_Calls
NSREMOVE NFS_Server_Remove_File_Calls
NSRENAME NFS_Server_Rename_File_Calls
NSROOT NFS_Server_root_Calls
NSSETATT NFS_Server_Set_Attribute_Calls
NSSYMLNK NFS_Server_Symbolic_Link_Calls
NSWRCACH NFS_Server_Write_Cache_Calls
NSWRITE NFS_Server_Writes
RCBAD RPC_Client_Calls_Rejected_by_Server
RCRETRAN RPC_Client_Calls_Retransmitted
RCTIMOUT RPC_Client_Calls_Timed_Out
RCBADXID RPC_Client_Replies_Not_Matching_Calls
RCAREF RPC_Client_Times_Authentication_Refreshed
RCWAIT RPC_Client_Times_Call_Wait_On_Busy
RSBAD RPC_Server_Calls_Rejected
RSBADLEN RPC_Server_Packets_Too_Short

Appendix E. Historical data 91

 Table 18. UNIXNSF table column heads and the corresponding NFS and RPC Statistics
attributes (continued)
Historical table column head Attribute name
RSBADHDR RPC_Server_Packets_with_Malformed_Header
RSNULL RPC_Server_Times_RPC_Packet_Unavailable
ORIGINNODE System_Name
TIMESTAMP Timestamp

UNIXPS historical table

The UNIXPS historical table corresponds with the Process attributes.

Table 19 lists the historical table column heads alphabetically and the
corresponding Process attributes.
Table 19. UNIXPS table column heads and the corresponding Process attributes
Historical table column head Attribute name
ADDR Entry_Address
CHILDTIME Total_Child_CPU_Time
CHILDSTIME Child_System_CPU_Time
CHILDUTIME Child_User_CPU_Time
CMD Command
COMMAND Process_Command
CONTSWITCH Context_Switch
CPU CPU_Utilization
CPUID CPU_ID
CPUPERCENT CPU_Pct
CPUTIME CPU_Time

Column seen in historical data collection tables but

currently not collecting validated data.
EGID Effective_Group_ID
ELAPTIME Elapsed_Time
EUID Effective_User_ID
EVENT Event_Waited_On
EXECSTATE Execution_State
FLAG Flag
GID Real_Group_ID
HEAP Heap_Size
INVCONTSWT Involuntary_Context_Switches
MAJORFAULT Major_Fault
MEMPERCENT Mem_Pct
MINORFAULT Minor_Fault
NICE Nice_Value
ORIGINNODE System_Name

92 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 Table 19. UNIXPS table column heads and the corresponding Process
attributes (continued)
Historical table column head Attribute name
PID Process_ID
PGID Process_Group_Leader_ID
PPID Parent_Process_ID
PRIORITY Priority
READWRITE Read/Write
REPTYPE Reptype

Column seen in historical data collection tables. IBM

internal use only.
SAMPCPUTCT Sample_CPU_Pct

Column seen in historical data collection tables but

currently not collecting validated data.
SCHEDCLASS Scheduling_Class
SESSIONID Session_ID
SIZE Size
STACK Stack_Size
STARTTIME StartTime
SYSTEMTIM System_CPU_Time
THREADCNT Thread_Count
TIME Time
TIMESTAMP Timestamp
TOTCPUPERC Total_CPU_Percent
TOTALTIME Total_CPU_Time
TTY Terminal_Device
UID User_ID
USERNAME User_Name
USERTIME User_CPU_Time
VSIZE Virtual_Size
WAITCPUTIM Wait_CPU_Time
WAITLTIME Wait_Lock_Time
ZATTRIB Parameter

Column seen in historical data collection tables but

currently not collecting validated data.
ZVALUE Value

Column seen in historical data collection tables but

currently not collecting validated data.

UNIXOS historical table

The UNIXOS historical table corresponds to the System attributes.

Appendix E. Historical data 93

 Table 20 lists the historical table column heads alphabetically and the
corresponding System attributes.
Table 20. UNIXOS table column heads and the corresponding System attributes
Historical table column head Attribute name
BOOTTIME Boot_Time
BREAD Block_Reads
BWRITE Block_Writes
CPUBUSY CPU_Busy
DEVINT Device_Interrupts
LREAD Logical_Block_Reads
LWRITE Logical_Block_Writes
MEMFREE DUMMY-Memory_Free

Column seen in historical data collection tables but

currently not collecting validated data.
MEMUSED Memory_Used

Column seen in historical data collection tables but

currently not collecting validated data.
MDMINT Modem_Interrupts

Column seen in historical data collection tables but

currently not collecting validated data.
NETADDR Net_Address
NETCONNECT Active_Internet_Connections

Column seen in historical data collection tables but

currently not collecting validated data.
NETLOAD1 Load_Average_1_Min
NETLOAD2 Load_Average_5_Min
NETLOAD3 Load_Average_15_Min
NETSOCKET Active_Sockets

Column seen in historical data collection tables but

currently not collecting validated data.
NOSYSPROCS System_Procs_Number
NOUSRSESS Users_Session_Number
NSYSTHRD System_Threads

Column seen in historical data collection tables but

currently not collecting validated data.
ORIGINNODE System_Name
PENDIOWT Pending_IO_Waits

Column seen in historical data collection tables but

currently not collecting validated data.
PHREAD NonBlock_Reads
PHWRITE NonBlock_Writes
PIDLE Processes_Idle

94 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 20. UNIXOS table column heads and the corresponding System attributes (continued)
Historical table column head Attribute name
PRUNABLE Processes_Runnable
PRUNNING Processes_Running
PSLEEPING Processes_Sleeping
PSTOPPED Processes_Stopped
PSWITCH CPU_Context_Switches
PZOMBIE Processes_Zombie
RCVINT Receive_Interrupts

Column seen in historical data collection tables but

currently not collecting validated data.
STARTIO Start_IO

Column seen in historical data collection tables but

currently not collecting validated data.
SYSCALL System_Calls
SYSEXEC Execs_Executed
SYSFORK Forks_Executed
SYSREAD System_Read
SYSWRITE System_Write
SYSTEMTYPE Type
SYSUPTIME Up_Time
SYSTEMVERS Version
TIMESTAMP Timestamp
THRDRUNQ Threads_in_Run_Queue

Column seen in historical data collection tables but

currently not collecting validated data.
THRDWAIT Threads_Waiting

Column seen in historical data collection tables but

currently not collecting validated data.
TOTREALMEM Total_Real_Memory
TOTVIRTMEM Total_Virtual_Memory
UNIXIDLCPU Idle_CPU
UNIXSYSCPU System_CPU
UNIXUSRCPU User_CPU
UNIXWAITIO Wait_I/O
UPTIME UpTime
VMFREEMEM Free_Memory
VMFREEPRC Virtual_Memory_Percent_Available
VMFREESWAP Active_Virtual_Memory
VMINPGWAIT Processes_Waiting
VMINRUNQ Processes_in_Run_Queue
VMPGFAULTS Page_Faults

Appendix E. Historical data 95

 Table 20. UNIXOS table column heads and the corresponding System attributes (continued)
Historical table column head Attribute name
VMPGIN Pages_Paged_In
VMPGOUT Pages_Paged_Out
VMPGRCLM Page_Reclaims
VMPGSIN Page_Ins
VMPGSOUT Page_Outs
VMSCAN Page_Scan_Rate
VMUSEDPRC Virtual_Memory_Percent_Used
XMTINT Transmit_Interrupts

Column seen in historical data collection tables but

currently not collecting validated data.
ZATTRIB Parameter

Column seen in historical data collection tables but

currently not collecting validated data.
ZVALUE Value

Column seen in historical data collection tables but

currently not collecting validated data.

UNIXUSER historical table

The UNIXUSER historical table corresponds to the User group attributes.

Table 21 lists the historical table column heads alphabetically and the
corresponding User attributes.
Table 21. UNIXUSER table column heads and the corresponding User attributes
Historical table column head Attribute name
ORIGINNODE System_Name
PID Process_ID

Column seen in historical data collection tables but

currently not collecting validated data.
TIMESTAMP Timestamp
UID User_ID
USERIDLE Idle_Time
USERLOGIN Login_Name
USERNAME Name
USERSITE Location
USERTTY Terminal
USERWHEN Login_Time

96 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Appendix F. Problem determination
This appendix explains how to troubleshoot the IBM Tivoli Monitoring: UNIX OS
Agent. Troubleshooting, or problem determination, is the process of determining
why a certain product is malfunctioning.

Note: You can resolve some problems by ensuring that your system matches the
system requirements listed in Chapter 2, “Requirements for the monitoring
agent,” on page 5.

This appendix provides agent-specific problem determination information. See the

IBM Tivoli Monitoring Problem Determination Guide for general problem
determination information. Also see “Support information” on page 117 for other
problem-solving options.

Gathering product information for IBM Software Support

Before contacting IBM Software Support about a problem you are experiencing
with this product, gather the following information that relates to the problem:
Table 22. Information to gather before contacting IBM Software Support
Information type Description
Log files Collect trace log files from failing systems. Most logs are located in a logs subdirectory
on the host computer. See “Trace logging” on page 98 for lists of all trace log files and
their locations. See the IBM Tivoli Monitoring User’s Guide for general information about
the IBM Tivoli Monitoring environment.
UNIX information v Version number and patch level
v Sample application data file (if monitoring a file)
Operating system Operating system version number and patch level
Messages Messages and other information displayed on the screen
Version numbers for Version number of the following members of the monitoring environment:
IBM Tivoli Monitoring v IBM Tivoli Monitoring. Also provide the patch level, if available.
v IBM Tivoli Monitoring: UNIX OS Agent
Screen captures Screen captures of incorrect output, if any.
(UNIX only) Core dump If the system stops on UNIX systems, collect core dump file from install_dir/bin directory,
files where install_dir is the directory path where you installed the monitoring agent.

Upload files for review to the following FTP site: ftp.emea.ibm.com. Log in as
anonymous and place your files in the directory that corresponds to the IBM Tivoli
Monitoring component that you use. See “Contacting IBM Software Support” on
page 119 for more information about working with IBM Software Support.

Built-in problem determination features

The primary troubleshooting feature in the IBM Tivoli Monitoring: UNIX OS Agent
is logging. Logging refers to the text messages and trace data generated by the IBM
Tivoli Monitoring: UNIX OS Agent. Messages and trace data are sent to a file.

Trace data captures transient information about the current operating environment
when a component or application fails to operate as designed. IBM Software

© Copyright IBM Corp. 2005 97

 Support personnel use the captured trace information to determine the source of
an error or unexpected condition. See “Trace logging” for more information.

Problem classification
The following types of problems might occur with the IBM Tivoli Monitoring:
UNIX OS Agent:
v Installation and configuration
v General usage and operation
v Display of monitoring data
v Take Action commands

This appendix provides symptom descriptions and detailed workarounds for these
problems, as well as describing the logging capabilities of the monitoring agent.
See the IBM Tivoli Monitoring Problem Determination Guide for general problem
determination information.

Trace logging
Trace logs capture information about the operating environment when component
software fails to operate as intended. The principal log type is the RAS (Reliability,
Availability, and Serviceability) trace log. These logs are in the English language
only. The RAS trace log mechanism is available for all components of IBM Tivoli
Monitoring. Most logs are located in a logs subdirectory on the host computer. See
the following sections to learn how to configure and use trace logging:
v “Principal trace log files” on page 99
v “Examples: using trace logs” on page 101
v “Setting RAS trace parameters” on page 102

Note: The documentation refers to the RAS facility in IBM Tivoli Monitoring as
″RAS1″.

The default configuration for trace logging, such as whether trace logging is
enabled or disabled and trace level, depends on the source of the trace logging.
Trace logging is always enabled.

Typically, IBM Software Support applies specialized knowledge to analyze trace

logs to determine the source of problems. However, you can open trace logs in a
text editor such as vi to learn some basic facts about your IBM Tivoli Monitoring
environment as described in “Examples: using trace logs” on page 101.

Overview of log file management

Table 23 on page 100 provides the names, locations, and descriptions of RAS1 log
files. The log file names adhere to the following naming convention:
hostname_product_program_timestamp-nn.log

where:
v hostname is the host name of the machine on which the monitoring component is
running.
v product is the two-character product code. For Monitoring Agent for UNIX OS,
the product code is ux.
v program is the name of the program being run.

98 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 v timestamp is an 8-character hexadecimal timestamp representing the time at
which the program started.
v nn is a rolling log suffix. See “Examples of trace logging” for details of log
rolling.

Examples of trace logging

For example, if a UNIX monitoring agent is running on computer ″server01″, the
RAS log file for the Monitoring Agent for UNIX OS might be named as follows:
server01_ux_kuxagent_437fc59-01.log

For long-running programs, the nn suffix is used to maintain a short history of log
files for that startup of the program. For example, the kuxagent program might
have a series of log files as follows:
server01_ux_kuxagent_437fc59-01.log
server01_ux_kuxagent_437fc59-02.log
server01_ux_kuxagent_437fc59-03.log

As the program runs, the first log (nn=01) is preserved because it contains program
startup information. The remaining logs ″roll." In other words, when the set of
numbered logs reach a maximum size, the remaining logs are overwritten in
sequence.

Each time a program is started, a new timestamp is assigned to maintain a short

program history. For example, if the Monitoring Agent for UNIX OS is started
twice, it might have log files as follows:
server01_ux_kuxagent_437fc59-01.log
server01_ux_kuxagent_437fc59-02.log
server01_ux_kuxagent_437fc59-03.log

server01_ux_kuxagent_537fc59-01.log
server01_ux_kuxagent_537fc59-02.log
server01_ux_kuxagent_537fc59-03.log

Each program that is started has its own log file. For example, the Monitoring
Agent for UNIX OS would have agent logs in this format:
server01_ux_kuxagent_437fc59-01.log

Other logs, such as logs for UNIX collector processes and Take Action commands,
have a similar syntax as in the following example:
server01_ux_ifstat_447fc59-01.log

where ifstat is the program name.

Note: When you communicate with IBM Software Support, you must capture and
send the RAS1 log that matches any problem occurrence that you report.

Principal trace log files

Table 23 on page 100 contains locations, file names, and descriptions of trace logs
that can help determine the source of problems with agents.

Appendix F. Problem determination 99

Table 23. Trace log files for troubleshooting agents
System where log File name and path Description
is located
On the computer The RAS1 log files are named Traces activity of the monitoring agent.
that hosts the hostname_ux_program_timestamp-nn.log and are Note: Other logs, such as logs for UNIX
monitoring agent located in the install_dir/logs path. collector processes and Take Action
Note: File names for RAS1 logs include a commands (if available), have a similar
See “Definitions of hexadecimal time stamp. syntax and are located in this directory
variables” on page path.
101 for Also on UNIX, a log with a decimal time stamp
descriptions of the is provided: hostname_ux_timestamp.log and
variables in the hostname_ux_timestamp.pidnnnnn in the
file names in install_dir/logs path, where nnnnn is the
column two. process ID number.
The *.LG0 file is located in the install_dir/logs A new version of this file is generated
path. every time the agent is restarted. IBM Tivoli
Monitoring generates one backup copy of
the *.LG0 file with the tag .LG1. View .LG0
to learn the following details regarding the
current monitoring session:
v Status of connectivity with the
monitoring server.
v Situations that were running.
v The success or failure status of Take
Action commands.
On the Tivoli On UNIX: The candle_installation.log file in the Provides details about products that are
Enterprise install_dir/logs path. installed.
Monitoring Server Note: Trace logging is enabled by default.
On Windows: The file in the A configuration step is not required to
See “Definitions of install_dir\InstallITM path. enable this tracing.
variables” on page
101 for The Warehouse_Configuration.log file is located Provides details about the configuration of
descriptions of the in the following path on Windows: data warehousing for historical reporting.
variables in the install_dir\InstallITM.
file names in The RAS1 log file is named Traces activity on the monitoring server.
column two. hostname_ms_timestamp-nn.log and is located in
the following path:
v On Windows: install_dir\logs
v On UNIX: install_dir/logs
Note: File names for RAS1 logs include a
hexadecimal time stamp

Also on UNIX, a log with a decimal time stamp

is provided: hostname_ms_timestamp.log and
hostname_ms_timestamp.pidnnnnn in the
install_dir/logs path, where nnnnn is the
process ID number.

100 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 23. Trace log files for troubleshooting agents (continued)
System where log File name and path Description
is located
On the Tivoli The RAS1 log file is named Traces activity on the portal server.
Enterprise Portal hostname_cq_timestamp-nn.log and is located in
Server the following path:
v On Windows: install_dir\logs
See “Definitions of
variables” for v On UNIX: install_dir/logs
descriptions of the Note: File names for RAS1 logs include a
variables in the hexadecimal time stamp
file names in
column two. Also on UNIX, a log with a decimal time stamp
is provided: hostname_cq_timestamp.log and
hostname_cq_timestamp.pidnnnnn in the
install_dir/logs path, where nnnnn is the process ID
number.
The TEPS_ODBC.log file is located in the following When you enable historical reporting, this
path on Windows: install_dir\InstallITM. log file traces the status of the warehouse
proxy agent.
Definitions of variables for RAS1 logs:
v hostname is the host name of the machine on which the agent is running.
v install_dir represents the directory path where you installed the IBM Tivoli Monitoring component. install_dir can
represent a path on the computer that hosts the monitoring server, the monitoring agent, or the portal server.
v product is the two character product code. For Monitoring Agent for UNIX OS, the product code is ux.
v program is the name of the program being run.
v timestamp is an eight-character hexadecimal time stamp representing the time at which the program started.
v nn is a rolling log suffix. See “Examples of trace logging” on page 99 for details of log rolling.

See the IBM Tivoli Monitoring Installation and Setup Guide for more information on
the complete set of trace logs that are maintained on the monitoring server.

Examples: using trace logs

Typically IBM Software Support applies specialized knowledge to analyze trace
logs to determine the source of problems. However, you can open trace logs in a
text editor such as vi to learn some basic facts about your IBM Tivoli Monitoring
environment. You can use the ls -ltr command to list the log files in the
install_dir/logs directories, sorted by time they were last updated.
Example one
This excerpt shows the typical log for a failed connection between a
monitoring agent and a monitoring server with the host name server1a:
(Thursday, August 11, 2005, 08:21:30-{94C}kdcl0cl.c,105,"KDCL0_ClientLookup") status=1c020006,
"location server unavailable", ncs/KDC1_STC_SERVER_UNAVAILABLE
(Thursday, August 11, 2005, 08:21:35-{94C}kraarreg.cpp,1157,"LookupProxy") Unable to connect to
broker at ip.pipe:: status=0, "success", ncs/KDC1_STC_OK
(Thursday, August 11, 2005, 08:21:35-{94C}kraarreg.cpp,1402,"FindProxyUsingLocalLookup") Unable
to find running CMS on CT_CMSLIST <IP.PIPE:#server1a>
Example two
The following excerpts from the trace log for the monitoring server show the
status of an agent, identified here as ″Remote node.″ The name of the
computer where the agent is running is SERVER5B:
(42C039F9.0000-6A4:kpxreqhb.cpp,649,"HeartbeatInserter") Remote node SERVER5B:KUX is ON-LINE.
. . .
(42C3079B.0000-6A4:kpxreqhb.cpp,644,"HeartbeatInserter") Remote node SERVER5B:KUX is OFF-LINE.

Key points regarding the preceding excerpt:

Appendix F. Problem determination 101

 v The monitoring server appends the KUX product code to the server
name to form a unique name (SERVER5B:KUX) for this instance of
Monitoring Agent for UNIX OS. This unique name enables you to
distinguish multiple monitoring products that might be running on
SERVER5B.
v The log shows when the agent started (ON-LINE) and later stopped
(OFF-LINE) in the environment.
v For the sake of brevity an ellipsis (...) represents the series of trace log
entries that were generated while the agent was running.
v Between the ON-LINE and OFF-LINE log entries, the agent was
communicating with the monitoring server.
v The ON-LINE and OFF-LINE log entries are always available in the
trace log. All trace levels that are described in “Setting RAS trace
parameters” provide these entries.

Setting RAS trace parameters

Objective
Pinpoint a problem by setting detailed tracing of individual components of the
monitoring agent and modules.

Background Information
Monitoring Agent for UNIX OS uses RAS1 tracing and generates the logs
described in Table 23 on page 100. The default RAS1 trace level is ERROR.

RAS1 tracing has control parameters to manage to the size and number of RAS1
logs. Use the procedure described in this section to set the parameters.

Note: The KBB_RAS1_LOG parameter also provides for the specification of the
log file directory, log file name, and the inventory control file directory and
name. Do not modify these values or log information can be lost.

Before you begin

See “Overview of log file management” on page 98 to ensure that you understand
log rolling and can reference the correct log files when you managing log file
generation.

After you finish

Monitor the size of the logs directory. Default behavior can generate a total of 45 to
60 MB for each agent that is running on a computer. For example, each database
instance that you monitor could generate 45 to 60 MB of log data. See the
″Procedure″ section to learn how to adjust file size and numbers of log files to
prevent logging activity from occupying too much disk space.

Regularly prune log files other than the RAS1 log files in the logs directory. Unlike
the RAS1 log files which are pruned automatically, other log types can grow
indefinitely, for example, the logs in Table 23 on page 100 that include a process ID
number (PID).

Consider using collector trace logs (described in Table 23 on page 100) as an

additional source of problem determination information.

102 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 Note: The KDC_DEBUG setting and the Maximum error tracing setting can
generate a large amount of trace logging. Use them only temporarily, while
you are troubleshooting problems. Otherwise, the logs can occupy excessive
amounts of hard disk space.

Procedure
Specify RAS1 trace options in the install_dir/config/ux.ini file. You can
manually edit the configuration file to set trace logging:
1. Open the trace options file: /install_dir/config/ux.ini.
2. Edit the line that begins with KBB_RAS1= to set trace logging preferences.
For example, if you want detailed trace logging, set the Maximum Tracing
option:
export KBB_RAS1=’ERROR (UNIT:kux ALL) (UNIT:kra ALL)’
3. Edit the line that begins with KBB_RAS1_LOG= to manage the generation of
log files:
v Edit the following parameters to adjust the number of rolling log files and
their size.
– MAXFILES: the total number of files that are to be kept for all startups of
a given program. Once this value is exceeded, the oldest log files are
discarded. Default value is 9.
– LIMIT: the maximum size, in megabytes (MB) of a RAS1 log file. Default
value is 5.
v IBM Software Support might guide you to modify the following parameters:
– COUNT: the number of log files to keep in the rolling cycle of one
program startup. Default value is 3.
– PRESERVE: the number of files that are not to be reused in the rolling
cycle of one program startup. Default value is 1.

Note: The KBB_RAS1_LOG parameter also provides for the specification of

the log file directory, log file name, and the inventory control file
directory and name. Do not modify these values or log information can
be lost.
4. Restart the monitoring agent so that your changes take effect.

Problems and workarounds

The following sections provide symptoms and workarounds for problems that
might occur with Monitoring Agent for UNIX OS:
v “Installation and configuration problem determination” on page 104
v “Agent problem determination” on page 107
v “Tivoli Enterprise Portal problem determination” on page 112
v “Workspace problem determination” on page 112
v “Problem determination for remote deployment” on page 112
v “Situation problem determination” on page 113
v “Take Action command problem determination” on page 116
v “Problem determination for UNIX” on page 116

Note: You can resolve some problems by ensuring that your system matches the
system requirements listed in Chapter 2, “Requirements for the monitoring
agent,” on page 5.

Appendix F. Problem determination 103

 This appendix provides agent-specific problem determination information. See the
IBM Tivoli Monitoring Problem Determination Guide for general problem
determination information.

Installation and configuration problem determination

This section provides tables that show solutions for installation, configuration, and
uninstallation problems.
Table 24. Problems and solutions for installation and configuration
Problem Solution
Installation fails on HPUX11. The You must install the PHSS_30966 patch on the HPUX system. See the Web site
log for the monitoring agent shows listed in the next row of this table for details.
the message listed in the next row
of this table.
When a patch is missing on HPUX11, the following message is generated:
/usr/lib/pa20_64/dld.sl: Unsatisfied code symbol ’dladdr’ in load module \
’/opt/IBM/ITM/tmaitm6/hp116/lib/libkbb.sl’

The following Web site provides details about the required patch for HPUX11:
http://www2.itrc.hp.com/service/patch/patchDetail.do?patchid=PHSS_30966&admit=-1335382922+112672773755 \
6+28353475
When you upgrade to IBM Tivoli Fixpacks for Candle, Version 350, are delivered as each monitoring agent is
Monitoring, you might need to upgraded to IBM Tivoli Monitoring.
apply fixpacks to Candle, Version Note: The IBM Tivoli Monitoring download image or CD provides application
350, agents. fixpacks for the monitoring agents that are installed from that CD (for
example, the agents for operating systems such as Windows, Linux, UNIX, and
i5/OS). The upgrade software for other agents is located on the download
image or CDs for that specific monitoring agent, such as the agents for
database applications.

Presentation files and customized
Omegamon DE screens for Candle
monitoring agents need to be
upgraded to a new Linux on
z/Series system.
The product fails to do a
monitoring activity that requires
read, write, or execute permissions.
For example, the product might fail
to run a Take Action command or
read a log.
While installing the agent from a
CD, the following message is
displayed and you are not able to
continue the installation:
install.sh warning: unarchive
of "/cdrom/unix/cienv1.tar" may
have failed
If you do not upgrade the monitoring agent to IBM Tivoli Monitoring, the
agent continues to work. However, you must upgrade to have all the
functionality that IBM Tivoli Monitoring offers.
The upgrade from version 350 to IBM Tivoli Monitoring handles export of the
presentation files and the customized Omegamon DE screens.
The monitoring agent must have the permissions necessary to perform
requested actions. For example, if the user ID you used to log onto the system
to install the monitoring agent (locally or remotely) does not have the
permission to perform a monitoring operation (such as running a command),
the monitoring agent is not able perform the operation.
This error is caused by low disk space. Although the install.sh script indicates
that it is ready to install the agent software, the script considers the size of all
tar files, not the size of all the files that are contained within the tar file.Run
the df -k command to check whether the file systems have enough space to
install agents.

104 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 24. Problems and solutions for installation and configuration (continued)
Problem Solution
Installing as root: The product has When you install the product as root the files in the install_dir directory are
been installed as root, which is not owned by root. You must change the status of the files as follows:
recommended. Without 1. While logged on as root, run the install_dir/bin/UnSetRoot script, as in
re-installing the product, how can this example:
you change from root to a
UnSetRoot [ -h CANDLEHOME ] userID
different user account?
The script resets all the files under the install_dir directory.
2. Run the install_dir/bin/SetPerm command. SetPerm sets root permission
for specific IBM Tivoli Monitoring agent files.

About installing as root: Normally, do not use the root user account to install
or to start the Monitoring Agents for UNIX, for Linux, and for UNIX Logs. If
you use the root user account to install the product, the files do not receive the
correct permissions, and product behavior is unpredictable.

Cannot locate the
KDCB0_HOSTNAME setting.
The Monitoring Agent for UNIX
OS repeatedly restarts.
Agents in the monitoring
environment use different
communication protocols. For
example, some agents have
security enabled and others do not.
Creating a firewall partition file: How it works: When the agents start, they search KDCPARTITION.TXT for the
The partition file enables an agent following matches:
to connect to the monitoring server v An entry that matches the partition name OUTSIDE.
through a firewall.
The Monitoring Agent for UNIX
OS is started and running but not
displaying data in the Tivoli
Enterprise Portal.
To create a stable installation of the product, use one of the following options:
v Create a user account with all the authority and permissions to install and
run commands. For example, create a tivoli user account.
—OR—
v Use any user account other than root that has the required authority and
permissions.
Go to install_dir/config and edit the ux.ini file. Set the
KDCB0_HOSTNAME parameter followed by the IP address. If you use
multiple network interface cards (NICs), give the Primary IP address of the
network interface.
You can collect data to analyze this problem as follows:
1. Access the install_dir/config/ux.ini file, which is described in “Setting
RAS trace parameters” on page 102.
2. Add the following line: KBB_SIG1=trace –dumpoff
Configure both the monitoring server and the Warehouse proxy server to
accept multiple protocols, as described in the IBM Tivoli Monitoring Installation
and Setup Guide.
v An entry that also includes a valid external address.
For more information, see the IBM Tivoli Monitoring Installation and Setup Guide.
Check the following issues:
1. Check the Monitoring Agent for UNIX OS log files to see whether there are
connection problems like those mentioned in “Agent unable to connect” on
page 109.
2. If there are no connection problems, check whether the agent has
terminated. (Search for the word ″terminated″ in the log.)
3. If the agent is not terminated, confirm that you have added application
support for the Monitoring Agent for UNIX in the Tivoli Enterprise
Monitoring Server, as described in IBM Tivoli Monitoring Installation and
Setup Guide.

Appendix F. Problem determination 105

Table 24. Problems and solutions for installation and configuration (continued)
Problem
You successfully migrate a Candle
monitoring agent to IBM Tivoli
Monitoring, Version 6.1.0.
However, when you configure
historical data collection, you see
an error message that includes,
Attribute name may be invalid,
or attribute file not installed
for warehouse agent.
Solution
Copy the attribute files for the upgraded Candle monitoring agent to
install_dir\tmaitm6\attrlib on the computer where you have installed the
Warehouse Proxy. The Warehouse Proxy must be able to access the short
attribute names for tables and columns. That way, if the longer versions of
these names exceed the limits of the Warehouse database, the shorter names
can be substituted.

Table 25. General problems and solutions for uninstallation

Problem
On Windows, uninstallation of
IBM Tivoli Monitoring fails to
uninstall the entire environment.
The way to remove inactive
managed systems (systems whose right-click the item that you want to remove, and select Remove managed
status is OFFLINE) from the
Enterprise navigation tree in the
portal is not obvious.
Solution
Be sure that you follow the general uninstallation process described in the IBM
Tivoli Monitoring Installation and Setup Guide:
1. Uninstall monitoring agents first, as in the following examples:
v Uninstall a single monitoring agent for a specific database.
—OR—
v Uninstall all instances of a monitoring product, such as IBM Tivoli
Monitoring for Databases.
2. Uninstall IBM Tivoli Monitoring.
When you want to remove a managed system from the navigation tree,
system.

Unique names for monitoring components

IBM Tivoli Monitoring might not be able to generate a unique name for monitoring
components due to the truncation of names that the product automatically
generates.

IBM Tivoli Monitoring automatically creates a name for each monitoring

component by concatenating the host name and product code separated by colons
(hostname:KUX).

Note: When you monitor a multinode system, such as a database, IBM Tivoli
Monitoring adds a subsystem name to the concatenated name, typically a
database instance name.
The length of the name that IBM Tivoli Monitoring generates is limited to 32
characters. Truncation can result in multiple components having the same
32-character name. If this problem happens, shorten the hostname portion of the
name as follows:
1. Open the configuration file for the monitoring agent, which is located in the
following path: install_dir/config/ux.ini.

Note: When you modify the ux.ini file, your configuration changes affect only
the instance Monitoring Agent for UNIX OS that is running on the
computer. If you want your configuration changes to affect all agents
that run on the computer, modify the install_dir/config/env.config
file.
2. Find the line the begins with CTIRA_HOSTNAME=.

106 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 3. Type a new name for host name that is a unique, shorter name for the host
computer. The final concatenated name including the subsystem name, new
host name, and KUX, cannot be longer than 32 characters.

Note: You must ensure that the resulting name is unique with respect to any
existing monitoring component that was previously registered with the
Tivoli Enterprise Monitoring Server.
4. Save the file.
5. Restart the agent.
6. If you do not find the files mentioned in Step 1, perform the workarounds
listed in the next paragraph.

If you cannot find the CTIRA_HOSTNAME environment variable, you must add
it to the configuration file of the monitoring agent:
v On Windows: Use the Advanced > Edit Variables option.
v On UNIX and Linux: Add the variable to the config/product_code.ini file. For
Monitoring Agent for UNIX OS, add the variable to the ux.ini file.

Agent problem determination

This section lists problems that might occur with agents.

This appendix provides agent-specific problem determination information. See the

IBM Tivoli Monitoring Problem Determination Guide for general problem
determination information.
Table 26. Agent problems and solutions on the UNIX operating system
Problem Solution
When you edit the configuration The original configuration settings might include non-ASCII characters. These
for an existing monitoring agent, values were stored incorrectly and result in the incorrect display. Enter new
the values displayed are not values using only ASCII characters.
correct.
You are unable to install the Update the version of the perfstat library to level 5.1.0.25 or higher.
Monitoring Agent for UNIX OS
on an AIX 5.1 system, and the
installer generates an error
saying that the perfstat library
must be upgraded.
Changes made to the Restart the monitoring agent so that your changes take effect.
configuration of monitoring do
not take effect.
(For Monitoring Agent for UNIX Restart the Monitoring Agent for UNIX OS so that it can detect the changes. For
OS agents running on AIX only) example, if the allocated memory for an LPAR changed, restart the agent.
When you use Logical Partitions
(LPARs) on AIX 5.3 LPARs, the
Monitoring Agent for UNIX OS
fails to automatically detect some
dynamic changes.

Appendix F. Problem determination 107

Table 26. Agent problems and solutions on the UNIX operating system (continued)
Problem Solution
You have installed the product When you use the installation approach that is documented in IBM Tivoli
manually, using an approach Monitoring Installation and Setup Guide, the SetPerm command is run
other than the one documented automatically to set required permissions for the processes that IBM Tivoli
in IBM Tivoli Monitoring Monitoring runs. When you do not use this approach the executables for the
Installation and Setup Guide. You monitoring agent do not have the required privileges.
need to confirm whether you
have executed the SetPerm Run the SetPerm command (which is located under install_dir/bin/ directory).
command. The following example shows lists of agent binaries before and after they have
the required privileges.
The monitoring agent support has the existing permissions:
-rwxrwx--- 1 itmuser itmusers 32243 Sep 09 13:30 ifstat
-rwxrwx--- 1 itmuser itmusers 41045 Sep 09 13:30 kux_vmstat
-rwxrwx--- 1 itmuser itmusers 507562 Sep 09 13:30 kuxagent
-rwxrwx--- 1 itmuser itmusers 5772 Sep 09 13:30 kuxdstat
-rwxrwx--- 1 itmuser itmusers 42514 Sep 09 13:30 nfs_stat
-rwxr-sr-x 1 itmuser system 128211 Sep 09 13:30 stat_daemon

The kernel has the existing permissions:

rw- r-- --- uid(0) gid(3) /dev/kmem

The permissions for the Solaris2 monitoring agent are as follows:

UID r-s r-x r-x kuxagent uid(0) gid(3)

The user has the following permissions:

real user id(0) effective user id(0)
real group id(1) effective group id(1)

If you have not executed the SetPerm command, the following permissions are set:
rwx rwx r-x uid(35008) gid(1111) kuxagent
rwx rwx r-x uid(35008) gid(1111) stat_daemon
rwx rwx r-x uid(35008) gid(1111) ifstat
rwx rwx r-x uid(35008) gid(1111) nfs_stat
rwx rwx r-x uid(35008) gid(1111) kuxagent
rw- r-- --- uid(0) gid(3) /dev/kmem

Note: If the log file has SUID, that means that you have executed the SetPerm command.

108 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 26. Agent problems and solutions on the UNIX operating system (continued)
Problem
Agent unable to connect: The
agent is started, but no reports
are displayed on Tivoli
Enterprise Monitoring Server.
The log file includes the
following error:
Unable to find running CMS on
CMSLIST or Endpoint
unavailable
Solution
This error message means that the agent is not able to connect to the computer
where the Tivoli Enterprise Monitoring Server is running. The reason might be
any one of the following:
Computer where the Tivoli Enterprise Monitoring Server is running is down
Ping the computer where the Tivoli Enterprise Monitoring Server is running
and make sure that it is up and running.
Tivoli Enterprise Monitoring Server is not running
If the Tivoli Enterprise Monitoring Server is not running, recycle the Tivoli
Enterprise Monitoring Server and verify whether the agent is connecting.
Multiple NIC Cards on the computer where the Tivoli Enterprise Monitoring
Server is running.
If multiple NICs are installed on the computer where the Tivoli Enterprise
Monitoring Server is running, identify the Primary NIC and use the hostname
or IP address.
Verify that the Tivoli Enterprise Monitoring Server has been configured with
the Primary NIC’s IP address or hostname.
If you are using hostname, make sure that /etc/hosts has a valid entry for the
Primary NICs host name and its IP address.
On the Tivoli Enterprise Monitoring Server set the KDCB0_HOSTNAME
variable to the primary IP address of the computer. Use the same address to
configure the agent.
To connect to the Tivoli Enterprise Monitoring Server, configure the agent
with Primary NIC’s IP address or host name of the computer where the
Tivoli Enterprise Monitoring Server is running.
While configuring the agent, make sure that the port number that you are
connecting to is correct. If you are not using the default port number, make
sure that you are using the same port number used in Tivoli Enterprise
Monitoring Server. For more information, see the IBM Tivoli Monitoring
Installation and Setup Guide.
Agent is behind the Firewall
If you use a Firewall, identify whether you have any one of the following
scenarios:
v Hub monitoring server INSIDE, and agents OUTSIDE
v Hub and remote monitoring servers INSIDE, agents OUTSIDE
v Hub monitoring server INSIDE, remote monitoring server and agents
OUTSIDE
See Creating a firewall partition file for information about the
KDC_PARTITION file that enables communication across a firewall. For
additional information, see the IBM Tivoli Monitoring Installation and Setup
Guide.
Connecting to the monitoring server through a Virtual Private Network (VPN)
In some cases, the agent or a remote monitoring server needs to connect to
the hub monitoring server through a VPN. You must configure the
communication channel (pipe) to be ephemeral, as in the following example:
KDC_FAMILIES=ip.pipe port:port_number
ephemeral:y ip use:n sna use:n
Appendix F. Problem determination 109
Table 26. Agent problems and solutions on the UNIX operating system (continued)
Problem
UX300 Solaris agent is
terminating unexpectedly.
You are not able to start the
agent. You want to have multiple
instances of the same Monitoring
Agent for UNIX OS running on
the same system, and the agents
must communicate with different
Tivoli Enterprise Monitoring
Servers.
The agent is installed and
running normally. After
rebooting the computer, where
Tivoli Enterprise Monitoring
Server was running, the agent is
not online.
110 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
Solution
Obtain the agent log file and verify whether it contains any of the following
information in the log file:
bad_scan in server rpc
bad_scan could be caused by nfsstate command output mismatch or NFS not
active on this system***** nfs_stat terminating ****
read 0 expected 248
nsf-sd *** data collection terminated ***
If the log file has this type of information, see “Support information” on page
117.
You might see the following information in the log file:
/usr/candle/sol273/ux/bin/kuxagent: fatal: libkra.so: open failed: No \
such file or directory.
For the agent to pick up this library it must be available in /opt/candle/lib
directory.
The SetPerm script creates a soft link to the SupportInfo directory. After installing
and configuring the agent, execute the SupportInfo script as a root. This script is
available under SupportInfo. In some older releases the SupportInfo is not
creating the links. In these cases, create the following link:
mkdir -p /opt/candle/lib Create /opt/candle/lib directory \
cd /opt/candle/lib
Solaris 8 (32-bit):
ln -s install_dir/sol283/lib/ /opt/candle/lib/sol283
Solaris 8 (64-bit):
ln -s install_dir/sol286/lib/ /opt/candle/lib/sol286
Solaris 9 (32-bit):
ln -s install_dir/sol293/lib/ /opt/candle/lib/sol293
Solaris 9 (64-bit):
ln -s install_dir/sol296/lib/ /opt/candle/lib/sol296
Solaris 10 (32-bit):
ln -s install_dir/sol2103/lib/ /opt/candle/lib/sol2103
Solaris 10 (64-bit):
ln -s install_dir/sol2106/lib/ /opt/candle/lib/sol2106
Since the module kdsvlunx is running with the root user account, the system
does search the current LIBPATH to locate any needed shared libraries. It only
searches the list of libraries compiled in the executable for security reasons.
This problem can occur when the root user account is used to install and start
the agent. Verify whether you have used the root user account to install the
agent.To change the user account from root to some other user account, see
Installing as root.
Table 26. Agent problems and solutions on the UNIX operating system (continued)
Problem
You want to have multiple
instances of the same Monitoring
Agent for UNIX OS running on
the same system but talking to
different Tivoli Enterprise
Monitoring Server.
The Monitoring Agent for UNIX
OS fails and the log file has the
following message:
KUXDSTAT: Contact Customer
Support disk performance
table exceeded.
When you restart the system that
hosts the Tivoli Enterprise
Monitoring Server, the
Monitoring Agent for UNIX OS
does not start automatically.
However, when you use
CandleAgent start, the agent is
starts and continues running.
The Monitoring Agent for UNIX
OS (specifically the kuxagent
process) uses a large amount of
system resources.
Solution
If you plan to install and run the Monitoring Agent for UNIX OS and Monitoring
Agent for Linux OS agent on one computer, they can use the same network
interface because they run as different processes.However, if you want to have
two UNIX or two Linux agents on the same computer or want to run two
instances of each agent, install two-network adapters. Each instance is configured
for the host specific address so they can be recognized in the configuration
settings.
This message is not related to the failure, so you can ignore it. If the agent is
failing, search for a different cause. Further analyze the log to know whether the
agent has terminated.
If the agent does not connect to the Tivoli Enterprise Monitoring Server
automatically, it means that you used the root user account to install and start
the Monitoring Agent for UNIX OS. Most of the time, using the root account
does not cause a problem, but the result is unpredictable.
Check the IBM Tivoli Monitoring root account to install and start the agent. To
change the user account from root to another user account, see Installing as
root.
In most cases, the problem occurs during the backup. Any one of the following
scenarios can cause this problem.
The agent is running during the backup
After backing up, the agent is started during system startup.
Multiple agents are running at the same time.
The computer that hosts the Tivoli Enterprise Monitoring Server was
rebooted and the agent has been installed by the root user account.
The agent is running during the backup
During the backup, some of the service might be interrupted or not be
available or locked for some amount of time. While the backup process
is going on, the Monitoring Agent for UNIX OS, which is running
parallel, might wait for resources to be freed by the backup process.
When the backup is completed and you are viewing the agent, high
CPU at this point is expected, because the agent is in an uncertain state
(backup usually stops several kernel services that could cause this state).
For this reason, it is advisable to stop all agents before the backup run,
because there might be lost information, file, or API connections. Stop
the agent before the backup process starts.
The agent is started during system boot up:
If you use scripts to stop and start the agent, do not start the agent from
an init process script when you restart the system.
The computer that hosts the Tivoli Enterprise Monitoring Server was
rebooted and the agent has been installed by the root user account.
Verify whether the Monitoring Agent for UNIX OS log file has the
following information:
Unable to find running Tivoli Enterprise Monitoring Server on CMSLIST
If the Monitoring Agent for UNIX OS log file has this information, see Agent
unable to connect.
Appendix F. Problem determination 111
 Tivoli Enterprise Portal problem determination
Table 27 lists problems that might occur with the Tivoli Enterprise Portal. This
appendix provides agent-specific problem determination information. See the IBM
Tivoli Monitoring Problem Determination Guide for general problem determination
information.
Table 27. Tivoli Enterprise Portal problems and solutions
Problem Solution
Historical data collection is The column, Sort By, Group By, and First/Last functions are not compatible with
unavailable because of the historical data collection feature. Use of these advanced functions will make a
incorrect queries in the Tivoli query ineligible for historical data collection.
Enterprise Portal.
Even if data collection has been started, you cannot use the time span feature if the
query for the chart or table includes any column functions or advanced query
options (Sort By, Group By, First / Last).

To ensure support of historical data collection, do not use the Sort By, Group By, or
First/Last functions in your queries.

When you use a long process
name in the situation, the
process name is truncated.
See the IBM Tivoli Monitoring Administrator’s Guide the Tivoli Enterprise Portal
online Help for information on the Historical Data Collection function.
Truncation of process names in the portal display is the expected behavior. 64 bytes
is the maximum name length.

Problem determination for remote deployment

Table 28 lists problems that might occur with remote deployment. This appendix
provides agent-specific problem determination information. See the IBM Tivoli
Monitoring Problem Determination Guide for general problem determination
information.

This section describes problems and solutions for remote deployment and removal
of agent software Agent Remote Deploy:
Table 28. Remote deployment problems and solutions
Problem Solution
The removal of a monitoring agent fails when you This problem might happen when you attempt the remote
use the remote removal process in the Tivoli removal process immediately after you have restarted the
Enterprise Portal desktop or browser. Tivoli Enterprise Monitoring Server. You must allow time for
the monitoring agent to refresh its connection with the Tivoli
Enterprise Monitoring Server before you begin the remote
removal process.

Workspace problem determination

Table 29 on page 113 shows problems that might occur with workspaces. This
appendix provides agent-specific problem determination information. See the IBM
Tivoli Monitoring Problem Determination Guide for general problem determination
information.

112 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 29. Workspace problems and solutions
Problem
You see the following message: KFWITM083W
Default link is disabled for the selected
object; please verify link and link anchor
definitions.
The name of the attribute does not display in a
bar chart or graph view.
At the bottom of each view, you see the
following Historical workspace KFWITM220E
error: Request failed during execution.
You start collection of historical data but the data Managing options for historical data collection:
cannot be seen.
Solution
You see this message because some links do not have default
workspaces. Right-click the link to access a list of workspaces to
select.
When a chart or graph view that includes the attribute is scaled
to a small size, a blank space is displayed instead of a truncated
name. To see the name of the attribute, expand the view of the
chart until there is sufficient space to display all characters of the
attribute’s name.
Ensure that you configure all groups that supply data to the
view. In the Historical Configuration view, ensure that data
collection is started for all groups that supply data to the view.
v Basic historical data collection populates the Warehouse with
raw data. This type of data collection is turned off by default.
See Chapter 2, “Requirements for the monitoring agent,” on
page 5 for information on managing this feature including
how to set the interval at which data is collected. By setting a
more frequent interval for data collection you reduce the load
on the system incurred every time data is uploaded.
v You use the Summarization and Pruning monitoring agent to
collect specific amounts and types of historical data. Be aware
that historical data is not displayed until the Summarization
and Pruning monitoring agent begins collecting the data. By
default, this agent begins collection at 2 AM daily. At that
point, data is visible in the workspace view. See the IBM Tivoli
Monitoring Administrator’s Guide to learn how to modify the
default collection settings.

Situation problem determination

This section provides information about both general situation problems and
problems with the configuration of situations. See the IBM Tivoli Monitoring
Problem Determination Guide for more information about problem determination for
situations.

Specific situation problems

Table 30 lists problems that might occur with specific situations.
Table 30. Specific situation problems and solutions
Problem Solution
You want to change the appearance of 1. Right-click an item in the Navigation tree.
situations when they are displayed in a
2. Select Situations in the pop-up menu. The Situation Editor window is
Workspace view.
displayed.
3. Select the situation that you want to modify.
4. Use the Status pull-down menu in the lower right of the window to
set the status and appearance of the Situation when it triggers.
Note: This status setting is not related to severity settings in IBM
Tivoli Enterprise Console.
Monitoring activity requires too much Check the RAS trace logging settings that are described in “Setting RAS
disk space. trace parameters” on page 102. For example, trace logs grow rapidly
when you apply the ALL logging option.

Appendix F. Problem determination 113

Table 30. Specific situation problems and solutions (continued)
Problem
A formula that uses mathematical
operators appears to be incorrect. For
example, if you were monitoring Linux,
a formula that calculates when Free
Memory falls under 10 percent of Total
Memory does not work: LT
#’Linux_VM_Stats.Total_Memory’ / 10
If you are running a Version 350
Monitoring Agent for UNIX OS and you
choose to alter the views to include a
Version 610 UNICODE attribute, be
aware that data for this attribute is not
displayed and you see a blank column
in this view.
Situations that you create display the
severity UNKNOWN in IBM Tivoli
Enterprise Console.
Solution
This formula is incorrect because situation predicates support only logical
operators. Your formulas cannot have mathematical operators.
Note: The Situation Editor provides alternatives to math operators.
Regarding the example, you can select % Memory Free attribute and
avoid the need for math operators.
Access the database detail. In the ″release″ section change the version
setting for the agent from 610 to 350. To enable Unicode and other
features, upgrade the monitoring agent to IBM Tivoli Monitoring, Version
6.1.0.
For a situation to have the correct severity in TEC for those situations
which are not mapped, you need to ensure that an entry exists in the
tecserver.txt file for the situation and that SEVERITY is specified.

See the “Configuring Tivoli Enterprise Console integration” chapter in the

The Size attribute in the File
Information group of Monitoring Agent this monitoring agent can provide the option to capture this metric in
for UNIX OS provides file size metrics
in bytes, and the resulting integers are
so long that they are difficult to read.
You see the 'Unable to get attribute
name' error in the Tivoli Enterprise
Monitoring Server log after creating a
situation.
IBM Tivoli Monitoring Administrator’s Guide for more information.
Use the option to log size metrics in megabytes (MB). Future releases of
other units, such as KB.
Ensure that the agent attribute files are installed on the Tivoli Enterprise
Monitoring Server.
The following example shows a typical log entry when you have this
problem:
(4320916A.0049-F60:kfaottev.c,1572,"Translate_ResultBuffer") \
Unable to get attribute name for tablename/column \
<UAG524400.UA4>. Ignored.

Problems with configuration of situations

Table 31 lists problems that might occur with situations.

This section provides information for problem determination for agents. Be sure to
consult the IBM Tivoli Monitoring Problem Determination Guide for more general
problem determination information.
Table 31. Problems with configuring situations that you solve in the Situation Editor
Problem Solution
Note: To get started with the solutions in this section, perform these steps:
1. Launch the Tivoli Enterprise Portal.
2. Click Edit > Situation Editor.
3. In the tree view, choose the agent whose situation you want to modify.
4. Choose the situation in the list. The Situation Editor view is displayed.
The situation for a specific agent is Open the Situation Editor. Access the All managed servers view. If the situation
not visible in the Tivoli Enterprise is absent, confirm that application support for Monitoring Agent for UNIX OS
Portal. has been added to the monitoring server. If not, add application support to the
server, as described in the IBM Tivoli Monitoring Installation and Setup Guide.

114 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 31. Problems with configuring situations that you solve in the Situation Editor (continued)
Problem
The monitoring interval is too
long.
The situation did not activate at
startup.
The situation is not displayed.
An Alert event has not occurred
even though the predicate has been
properly specified.
A situation fires on an unexpected
managed object.
The product did not distribute the
situation to a managed system.
The situation does not fire.
Incorrect predicates are present in
the formula that defines the
situation. For example, the
managed object shows a state that
normally triggers a monitoring
event, but the situation is not true
because the wrong attribute is
specified in the formula.
Table 32. Problems with configuration of situations that you solve in the Workspace area
Problem
Situation events are not displayed
in the Events Console view of the
workspace.
Solution
Access the Situation Editor view for the situation that you want to modify.
Check the Sampling interval area in the Formula tab. Adjust the time interval
as needed.
Manually recycle the situation as follows:
1. Right-click the situation and choose Stop Situation.
2. Right-click the situation and choose Start Situation.
Note: You can permanently avoid this problem by placing a check mark in the
Run at Startup option of the Situation Editor view for a specific situation.
Click the Action tab and check whether the situation has an automated
corrective action. This action can occur directly or through a policy. The
situation might be resolving so quickly that you do not see the event or the
update in the graphical user interface.
Check the logs, reports, and workspaces.
Confirm that you have distributed and started the situation on the correct
managed system.
Click the Distribution tab and check the distribution settings for the situation.
In the Formula tab, analyze predicates as follows:
1. Click the fx icon in the upper-right corner of the Formula area. The Show
formula window is displayed.
a. Confirm the following details in the Formula area at the top of the
window:
v The attributes that you intend to monitor are specified in the formula.
v The situations that you intend to monitor are specified in the formula.
v The logical operators in the formula match your monitoring goal.
v The numerical values in the formula match your monitoring goal.
b. (Optional) Click the Show detailed formula check box in the lower left
of the window to see the original names of attributes in the application
or operating system that you are monitoring.
c. Click OK to dismiss the Show formula window.
2. (Optional) In the Formula area of the Formula tab, temporarily assign
numerical values that will immediately trigger a monitoring event. The
triggering of the event confirms that other predicates in the formula are
valid.
Note: After you complete this test, you must restore the numerical values
to valid levels so that you do not generate excessive monitoring data based
on your temporary settings.
Solution
Associate the situation with a workspace.
Note: The situation does not need to be displayed in the workspace. It is
sufficient that the situation be associated with any workspace.
Appendix F. Problem determination 115
Table 32. Problems with configuration of situations that you solve in the Workspace area (continued)
Problem Solution
You do not have access to a Note: You must have administrator privileges to perform these steps.
situation. 1. Select Edit > Administer Users to access the Administer Users window.
2. In the Users area, select the user whose privileges you want to modify.
3. In the Permissions tab, Applications tab, and Navigator Views tab, select
the permissions or privileges that correspond to the user’s role.
4. Click OK.
A managed system seems to be 1. Select Physical View and highlight the Enterprise Level of the navigator
offline. tree.
2. Select View > Workspace > Managed System Status to see a list of
managed systems and their status.
3. If a system is offline, check network connectivity and status of the specific
system or application.

Table 33. Problems with configuration of situations that you solve in the Manage Tivoli Enterprise Monitoring Services
window
Problem Solution
After an attempt to restart the For UNIX, NetWare, or Windows, log on to the applicable system and perform
agents in the Tivoli Enterprise the appropriate queries.
Portal, the agents are still not
running.
The Tivoli Enterprise Monitoring Check the system status and check the appropriate IBM Tivoli Monitoring logs.
Server is not running.
The managed objects you created Check the managed system distribution on both the situation and the managed
are firing on incorrect managed object settings sheets.
systems.

Take Action command problem determination

Table 34 lists general problems that might occur with Take Action commands.
When each Take Action command runs it generates the log file listed in Table 23 on
page 100. This appendix provides agent-specific problem determination
information. See the IBM Tivoli Monitoring Problem Determination Guide for general
problem determination information.
Table 34. Take Action commands problems and solutions
Problem Solution
Take Action commands might require several Allow several minutes. If you do not see a pop-up message
minutes to complete. advising you of completion, try to run the command manually.
If you are unable to perform the Take Action command
manually, see IBM Tivoli Monitoring Problem Determination Guide
for general information on troubleshooting the Take Action
command.

Problem determination for UNIX

Table 35 on page 117 lists problems that might occur on the system or application
that you are monitoring. See the IBM Tivoli Monitoring Problem Determination Guide
for general problem determination information.

116 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

Table 35. Paging and memory issues for a system administrator to consider
Problem
Paging space allotted needs to be
increased.
Paging space allocation needs to be
more accurate on a UNIX system.
Solution
A system needs to have about two times its total memory size. However,
paging space depends on the programs being executed. If the site has
many small programs that run to completion quickly, then only one times
the total memory size might be required. If the site executes large
programs that run for hours or days at a time, then more paging space is
required.
You can test the allocation of paging space by creating a situation that
monitors Active Virtual Memory. Active Virtual Memory closely matches
how much paging space is being used. When the system use all the
paging space, the operating system terminates processes that ask for
more.

To create a situation that monitors active virtual memory:

1. Use the UNIX detail view to obtain the Total Virtual Memory, and to
compute 90% and 95% of the Total Virtual Memory.
2. When the Active Virtual Memory is equal to 90%, of the Total Virtual
Memory this is a Yellow light condition. When the Active Virtual
Memory is equal to 95% of the Total Virtual Memory this is a Red
light condition.
In response to this test, the local system administrator can increase the
percentages or lower them, as appropriate.
The Free Memory value seems too The System Report, Free Memory column displays how much free
small. memory is available at the current time. This number is normally small.
However, you must take action if this number is zero and remains zero
for a long period of time. On AIX systems a small number means that the
operating system is doing an efficient job at managing the memory of the
system. If this number is very large, the system is not busy and has more
RAM than required.

Support information
If you have a problem with your IBM software, you have the following options for
obtaining support for software products:
v “Searching knowledge bases”
v “Obtaining fixes” on page 118
v “Receiving weekly support updates” on page 118
v “Contacting IBM Software Support” on page 119

Searching knowledge bases

You can search the available knowledge bases to determine whether your problem
was already encountered and is already documented.

Searching the information center

Note: If you print PDF documents on other than letter-sized paper, set the option
in the File > Print window that allows Adobe Reader to print letter-sized
pages on your local paper.

The documentation CD contains the publications that are in the product library.
The format of the publications is PDF, HTML, or both.

Appendix F. Problem determination 117

 IBM posts publications for this and all other Tivoli products, as they become
available and whenever they are updated, to the Tivoli software information center
Web site. Access the Tivoli software information center by first going to the Tivoli
software library at the following Web address:

http://www.ibm.com/software/tivoli/library

Scroll down and click the Product manuals link. In the Tivoli Technical Product
Documents Alphabetical Listing window, click M to access all of the IBM Tivoli
Monitoring product manuals.

Searching the Internet

If you cannot find an answer to your question in the information center, search the
Internet for the latest, most complete information that might help you resolve your
problem.

The IBM Software Support Web site provides the latest information about known
product limitations and workarounds in the form of technotes for your product.
You can view this information at the following Web site:

http://www.ibm.com/software/support

To search for information on IBM products through the Internet (for example, on
Google), be sure to consider the following types of documentation:
v IBM technotes
v IBM downloads
v IBM Redbooks
v IBM developerWorks
v Forums and newsgroups

Obtaining fixes
A product fix might be available to resolve your problem. To determine what fixes
are available for your IBM software product, follow these steps:
1. Go to the Software support Web site at
http://www.ibm.com/software/support.
2. Click the Download tab.
3. Select the operating system in the Operating system menu.
4. Type search terms in the Enter search terms field.
5. As appropriate, use other search options to further define your search.
6. Click Search.
7. From the list of downloads returned by your search, click the name of a fix to
read the description of the fix and to optionally download the fix.

For more information about the types of fixes that are available, see the IBM
Software Support Handbook at
http://techsupport.services.ibm.com/guides/handbook.html.

Receiving weekly support updates

To receive weekly e-mail notifications about fixes and other software support news,
follow these steps:
1. Go to the IBM Software Support Web site at
http://www.ibm.com/software/support.

118 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 2. Click My account in the upper right corner of the page.
3. Click Subscribe to IBM e-news. (If you have already subscribed and want to
modify your subscription preferences, click Modify subscriptions and follow
the instructions on screen.)
4. Follow the instructions on screen to provide the following data:
v Your personal contact information.
v Your areas of interest.
v The types of subscriptions and regional versions that you want to receive.
5. Review the subscription confirmation to confirm your settings.

Contacting IBM Software Support

IBM Software Support provides assistance with product defects.

Before contacting IBM Software Support, your company must have an active IBM
software maintenance contract, and you must be authorized to submit problems to
IBM. The type of software maintenance contract that you need depends on the
type of product you have:
v For IBM distributed software products (including, but not limited to, Tivoli,
Lotus, and Rational products, as well as DB2 and WebSphere products that run
on Windows, or UNIX operating systems), enroll in Passport Advantage in one
of the following ways:
Online
Go to the Passport Advantage Web site at
http://www.lotus.com/services/passport.nsf/
WebDocs/Passport_Advantage_Home and click How to Enroll.
By phone
For the phone number to call in your country, go to the IBM Software
Support Web site at
http://techsupport.services.ibm.com/guides/contacts.html and click the
name of your geographic region.
v For customers with Subscription and Support (S & S) contracts, go to the
Software Service Request Web site at
https://techsupport.services.ibm.com/ssr/login.
v For customers with IBMLink, CATIA, Linux, OS/390, iSeries, pSeries, z/Series,
and other support agreements, go to the IBM Support Line Web site at
http://www.ibm.com/services/us/index.wss/so/its/a1000030/dt006.
v For IBM eServer software products (including, but not limited to, DB2 and
WebSphere products that run in z/Series, pSeries, and iSeries environments),
you can purchase a software maintenance agreement by working directly with
an IBM sales representative or an IBM Business Partner. For more information
about support for eServer software products, go to the IBM Technical Support
Advantage Web site http://www.ibm.com/servers/eserver/techsupport.html.

If you are not sure what type of software maintenance contract you need, call
1-800-IBMSERV (1-800-426-7378) in the United States. From other countries, go to
the contacts page of the IBM Software Support Handbook on the Web at
http://techsupport.services.ibm.com/guides/contacts.html and click the name of
your geographic region for phone numbers of people who provide support for
your location.

To contact IBM Software support, follow these steps:

1. “Determining the business impact” on page 120

Appendix F. Problem determination 119

 2. “Describing problems and gathering information”
3. “Submitting problems”

Determining the business impact

When you report a problem to IBM, you are asked to supply a severity level.
Therefore, you need to understand and assess the business impact of the problem
that you are reporting. Use the following criteria:
Severity 1
The problem has a critical business impact. You are unable to use the
program, resulting in a critical impact on operations. This condition
requires an immediate solution.
Severity 2
The problem has a significant business impact. The program is usable, but
it is severely limited.
Severity 3
The problem has some business impact. The program is usable, but less
significant features (not critical to operations) are unavailable.
Severity 4
The problem has minimal business impact. The problem causes little impact
on operations, or a reasonable circumvention to the problem was
implemented.

Describing problems and gathering information

When describing a problem to IBM, be as specific as possible. Include all relevant
background information so that IBM Software Support specialists can help you
solve the problem efficiently. To save time, know the answers to these questions:
v What software versions were you running when the problem occurred?
v Do you have logs, traces, and messages that are related to the problem
symptoms? IBM Software Support is likely to ask for this information.
v Can you re-create the problem? If so, what steps were performed to re-create the
problem?
v Did you make any changes to the system? For example, did you make changes
to the hardware, operating system, networking software, and so on.
v Are you currently using a workaround for the problem? If so, be prepared to
explain the workaround when you report the problem.
See “Gathering product information for IBM Software Support” on page 97 for
further tips for gathering information for IBM Software Support.

Submitting problems
You can submit your problem to IBM Software Support in one of two ways:
Online
Click Submit and track problems on the IBM Software Support site at
http://www.ibm.com/software/support/probsub.html. Type your
information into the appropriate problem submission form.
By phone
For the phone number to call in your country, go to the contacts page of
the IBM Software Support Handbook at
http://techsupport.services.ibm.com/guides/contacts.html and click the
name of your geographic region.

120 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

If the problem you submit is for a software defect or for missing or inaccurate
documentation, IBM Software Support creates an Authorized Program Analysis
Report (APAR). The APAR describes the problem in detail. Whenever possible,
IBM Software Support provides a workaround that you can implement until the
APAR is resolved and a fix is delivered. IBM publishes resolved APARs on the
Software Support Web site daily, so that other users who experience the same
problem can benefit from the same resolution.

Appendix F. Problem determination 121

122 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
Appendix G. Accessibility
Accessibility features help users with physical disabilities, such as restricted
mobility or limited vision, to use software products successfully. The major
accessibility features in this product enable users to do the following:
v Use assistive technologies, such as screen-reader software and digital speech
synthesizer, to hear what is displayed on the screen. Consult the product
documentation of the assistive technology for details on using those technologies
with this product.
v Operate specific or equivalent features using only the keyboard.
v Magnify what is displayed on the screen.

In addition, the product documentation was modified to include the following

features to aid accessibility:
v All documentation is available in both HTML and convertible PDF formats to
give the maximum opportunity for users to apply screen-reader software.
v All images in the documentation are provided with alternative text so that users
with vision impairments can understand the contents of the images.

Navigating the interface using the keyboard

Standard shortcut and accelerator keys are used by the product and are
documented by the operating system. Refer to the documentation provided by
your operating system for more information.

Magnifying what is displayed on the screen

You can enlarge information on the product windows using facilities provided by
the operating systems on which the product is run. For example, in a Microsoft®
Windows environment, you can lower the resolution of the screen to enlarge the
font sizes of the text on the screen. Refer to the documentation provided by your
operating system for more information.

© Copyright IBM Corp. 2005 123

124 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
Appendix H. Notices
This information was developed for products and services offered in the U.S.A.
IBM may not offer the products, services, or features discussed in this document in
other countries. Consult your local IBM representative for information on the
products and services currently available in your area. Any reference to an IBM
product, program, or service is not intended to state or imply that only that IBM
product, program, or service may be used. Any functionally equivalent product,
program, or service that does not infringe any IBM intellectual property right may
be used instead. However, it is the user’s responsibility to evaluate and verify the
operation of any non-IBM product, program, or service.

IBM may have patents or pending patent applications covering subject matter
described in this document. The furnishing of this document does not give you
any license to these patents. You can send license inquiries, in writing, to:

IBM Director of Licensing

IBM Corporation
North Castle Drive
Armonk, NY 10504-1785 U.S.A.

For license inquiries regarding double-byte (DBCS) information, contact the IBM
Intellectual Property Department in your country or send inquiries, in writing, to:

IBM World Trade Asia Corporation

Licensing
2-31 Roppongi 3-chome, Minato-ku
Tokyo 106, Japan

The following paragraph does not apply to the United Kingdom or any other
country where such provisions are inconsistent with local law:

INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS

PUBLICATION ″AS IS″ WITHOUT WARRANTY OF ANY KIND, EITHER
EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE.

Some states do not allow disclaimer of express or implied warranties in certain

transactions, therefore, this statement might not apply to you.

This information could include technical inaccuracies or typographical errors.

Changes are periodically made to the information herein; these changes will be
incorporated in new editions of the publication. IBM may make improvements
and/or changes in the product(s) and/or the program(s) described in this
publication at any time without notice.

Any references in this information to non-IBM Web sites are provided for
convenience only and do not in any manner serve as an endorsement of those Web
sites. The materials at those Web sites are not part of the materials for this IBM
product and use of those Web sites is at your own risk.

© Copyright IBM Corp. 2005 125

 IBM may use or distribute any of the information you supply in any way it
believes appropriate without incurring any obligation to you.

Licensees of this program who wish to have information about it for the purpose
of enabling: (i) the exchange of information between independently created
programs and other programs (including this one) and (ii) the mutual use of the
information which has been exchanged, should contact:

IBM Corporation
2Z4A/101
11400 Burnet Road
Austin, TX 78758 U.S.A.

Such information may be available, subject to appropriate terms and conditions,

including in some cases payment of a fee.

The licensed program described in this document and all licensed material
available for it are provided by IBM under terms of the IBM Customer Agreement,
IBM International Program License Agreement or any equivalent agreement
between us.

Any performance data contained herein was determined in a controlled

environment. Therefore, the results obtained in other operating environments may
vary significantly. Some measurements may have been made on development-level
systems and there is no guarantee that these measurements will be the same on
generally available systems. Furthermore, some measurement may have been
estimated through extrapolation. Actual results may vary. Users of this document
should verify the applicable data for their specific environment.

Information concerning non-IBM products was obtained from the suppliers of

those products, their published announcements or other publicly available sources.
IBM has not tested those products and cannot confirm the accuracy of
performance, compatibility or any other claims related to non-IBM products.
Questions on the capabilities of non-IBM products should be addressed to the
suppliers of those products.

All statements regarding IBM’s future direction or intent are subject to change or
withdrawal without notice, and represent goals and objectives only.

This information is for planning purposes only. The information herein is subject to
change before the products described become available.

This information contains examples of data and reports used in daily business
operations. To illustrate them as completely as possible, the examples include the
names of individuals, companies, brands, and products. All of these names are
fictitious and any similarity to the names and addresses used by an actual business
enterprise is entirely coincidental.

COPYRIGHT LICENSE:

This information contains sample application programs in source language, which

illustrate programming techniques on various operating systems. You may copy,
modify, and distribute these sample programs in any form without payment to
IBM, for the purposes of developing, using, marketing or distributing application
programs conforming to the application programming interface for the operating
system for which the sample programs are written. These examples have not been

126 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

 thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply
reliability, serviceability, or function of these programs. You may copy, modify, and
distribute these sample programs in any form without payment to IBM for the
purposes of developing, using, marketing, or distributing application programs
conforming to IBM’s application programming interfaces.

If you are viewing this information in softcopy form, the photographs and color
illustrations might not appear.

Trademarks
IBM, the IBM logo, IBMLink™, AIX, Candle, CandleNet Command Center,
CandleNet Portal, DB2®, developerWorks®, eServer™, Hummingbird™, iSeries,
Lotus®, MVS™, OMEGAMON, OS/390®, Passport Advantage®, pSeries®, Rational®,
Redbooks™, Tivoli, the Tivoli logo, Tivoli Enterprise, Tivoli Enterprise Console,
WebSphere®, and zSeries® are trademarks or registered trademarks of International
Business Machines Corporation in the United States, other countries, or both.

Microsoft, and Windows are registered trademarks of Microsoft Corporation in the

United States, other countries, or both.

Java and all Java-based trademarks and logos are trademarks or registered
trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.

Linux® is a trademark of Linus Torvalds in the United States, other countries, or

both.

UNIX is a registered trademark of The Open Group in the United States and other
countries.

Other company, product, and service names may be trademarks or service marks
of others.

Appendix H. Notices 127

128 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
Index
A C
accessibility x, 123 calculate historical data disk space 51
actions capacity planning for historical data 51
See Take Action commands collecting data 11
agent commands, Take Action 63
problem determination 107 components 2
trace logs 99 contacting support 119
agent installation problems 104 conventions
assigning situations and templates 74 operating system xi
assignment of managed objects 74 typeface x
attribute customer support
cross-reference 68 See support
multiple-instance definition 67 customizing
single-instance definition 67 monitoring environment 9
attribute groups situations 10
Disk Information
list of attributes 22
UNIXDISK historical table 88
Disk Performance
D
data
list of attributes 23
collecting 11
UNIXDPERF historical table 88
trace logs 98
File Information
viewing 11
list of attributes 24
data provider
UNIXFILE historical table 89
See agent
list of all 22
database agent installation problems 104
more information 21
default template 73
Network
detecting problems, modifying situation values 10
list of attributes 26
directory names, notation xi
UNIXNET historical table 89
disk capacity planning for historical data 51
NFS and RPC Statistics
Disk Information attribute group
list of attributes 30
list of attributes 22
UNIXNFS historical table 90
UNIXDISK historical table 88
overview 21
Disk Performance attribute group
Process
list of attributes 23
list of attributes 36
UNIXDPERF historical table 88
UNIXPS historical table 92
disk space requirements 5
SMP CPU
Disk Usage Details workspace 15
list of attributes 42
Disk Usage workspace 15
UNIXCPU historical table 87
Disk Utilization for Mount Point workspace 15
System
list of attributes 45
UNIXOS historical table 93
User E
list of attributes 51 education
UNIXUSER historical table 96 see Tivoli technical training x
attributes Enterprise UNIX System Summary workspace 14
more information 21 environment
overview 21 customizing 9
features 1
monitoring real-time 7
B real-time monitoring 7
environment variables, notation xi
books
event
feedback viii
mapping 75
online viii
events
ordering viii
investigating 8
see publications ix
workspaces 8
built-in problem determination features 97

© Copyright IBM Corp. 2005 129

F investigating an event 8

features, Monitoring Agent for UNIX OS 1

File Information attribute group
list of attributes 24 K
UNIXFILE historical table 89 knowledge bases for support 117
File Information workspace 15
files
agent trace 99 L
installation trace 99 legal notices 125
other trace log 100 logging
trace logs 98 agent trace logs 99, 100
fixes, obtaining 118 built-in features 97
installation log files 99
location and configuration of logs 98
G trace log files 98
gathering support information 97

M
H manuals
historical data feedback viii
calculate disk space 51 online viii
disk capacity planning 51 ordering viii
historical data, collecting and viewing 11 see publications ix
historical reports memory requirements 5
attributes 68 messages
column header 68 built-in features 97
cross reference 68 modifying situation values to detect problems 10
historical tables Monitoring Agent for UNIX OS
UNIXCPU 87 components 2
UNIXDISK 88 features 1
UNIXDPERF 88 tasks 7
UNIXFILE 89 using 7
UNIXNET 89 Monitoring Agent for UNIX OS installation problems 104
UNIXNFS 90 monitoring, viewing the real-time environment 7
UNIXOS 93 multiple-instance attributes
UNIXPS 92 definition 67
UNIXUSER 96

N
I N/A value
IBM Software Support assignment 67
See support Network attribute group
IBM Tivoli Enterprise Console list of attributes 26
event mapping 75 UNIXNET historical table 89
IBM Tivoli Monitoring for UNIX Network workspace 16
benefits of 1 NFS Activity workspace 16
definition of 1 NFS and RPC Statistics attribute group
types of infomation collected by 1 list of attributes 30
information centers for support 117 UNIXNFS historical table 90
information, additional notation
attributes 21 environment variables xi
policies 65 path names xi
procedural 7 typeface xi
situations 56
Take Action commands 63
workspaces 13 O
installation online publications
log file 99 accessing ix
more information 7 for support 117
problems 104 operating systems 5
installation requirements 5 operation of resource, recovering 8
interface, user 2 ordering publications ix
problem determination for Tivoli Enterprise Portal 112 other requirements 5
Internet
for product support 118

130 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide

P S
path names, for trace logs 98
path names, notation xi
policies
list of all 65
more information 65
overview 65
predefined 65
UNIX_CPU_Busy 65
UNIX_Disk_Space_Full 66
UNIX_Virtual_Memory_High
problem determination 97, 103
agents 107
built-in features 97
describing problems 120
determining business impact
information centers for 117
installation 104
installation logs 99
knowledge bases for 117
remote deployment 112
situations 113, 114
submitting problems 120
Take Action commands 116
Tivoli Enterprise Portal 112
uninstallation 104
uninstallation logs 99
workspaces 112
problems
detecting 10
problems and workarounds 103
problems with monitoring UNIX
procedures 7
Process attribute group
list of attributes 36
UNIXPS historical table 92
Process workspace 16
product-provided situations
UNIX_System_Busy_Warning
publications
accessing online ix
feedback viii
for support 117
online viii
ordering viii, ix
purposes
problem determination 97
Q UNIXCPU historical table 87
queries, using attributes 21
R describing problems 120
real-time data, viewing 7
recovering the operation of a resource 8
remote deployment
problem determination 112
requirements
disk space 5
memory 5
operating system 5
other 5
requirements, installation 5
resource, recovering operation 8
RPC Performance workspace 18
Sample_kill_Process Take Action command 64
single-instance attributes
definition 67
situations
general problem determination 114
list of all 56
more information 56
overview 55
predefined 56
66 specific problem determination 113
template state assignments 73
UNIX_Active_Virtual_Memory 60, 69
UNIX_CMD_Disk_Inodes_Critical 57, 69
UNIX_CMD_Disk_Space_Warning 57, 69
120 UNIX_CMD_Process_Critical 59, 69
UNIX_CMD_Runaway_Process 59, 69
UNIX_CPU_Busy_Critical 60
UNIX_CPU_Busy_Warning 60, 70
UNIX_CPU_Critical 59, 70
UNIX_CPU_Warning 59, 70
UNIX_CPU-Busy_Critical 70
UNIX_Disk_Availability 57, 70
UNIX_Filemount_Critical 57, 70
UNIX_HD_Config_Critical 57, 70
UNIX_HD_Excessive_IO_Wait 60, 70
UNIX_Network_Collsns_Critical 58, 70
UNIX_Network_Collsns_Warning 58, 70
UNIX_Network_Errors 58, 70
UNIX_Network_Interface_Busy 58, 71
UNIX_Network_Interface_Idle 58, 71
116 UNIX_NFS_RPC_Rejects 58, 71
UNIX_Process Memory_Warning 71
UNIX_Process_Memory_Critical 59, 71
UNIX_Process_Memory_Leak 59
UNIX_Process_Memory_Warning 59
UNIX_Process_MISSING_inetd 59
UNIX_scratch_tmp_Disk_Full 57
72 UNIX_System_Busy_Critical 60, 71
UNIX_System_Busy_Warning 60
UNIX_System_Capacity_Critical 60, 72
UNIX_System_Paging_Critical 60, 72
UNIX_System_Virtual_Memory_Warning 61, 72
UNIX_User_CPU_Critical 61, 72
UNIX_User_File_Exists 58, 72
values, modifying 10
situations, using attributes 21
SMP CPU attribute group
list of attributes 42
Solaris System CPU Workload Summary workspace 18
support
about 117
contacting 119
determining business impact of problems 120
gathering information for 97
information centers for 117
knowledge bases for 117
obtaining fixes 118
on Internet 118
submitting problems 120
weekly update option 118
System attribute group
list of attributes 45
UNIXOS historical table 93
System Details workspace 19
Index 131
System Information workspace 19
T UNIX_NFS_RPC_Rejects situation 58
Take Action commands 8
more information 63
overview 63
problem determination 116
Sample_kill_Process 64
target application
problems 116
tasks
collecting data 11
customizing monitoring environment 9
investigating events 8
monitoring with custom situations 10
recovering resource operation 8
viewing data 11
viewing real-time monitoring environment
templates 73
UNIX Disk 73
UNIX LoadLeveler 73
UNIX Net 73
UNIX System (default) 73
UNIX User 73
Terminal 96
Tivoli Enterprise Portal
problem determination 112
Tivoli software information center ix
Tivoli technical training x
trace logs 98
directories 98
trademarks 127
training, Tivoli technical x
transport command 116
troubleshooting 97
typeface conventions x
U variables, notation for xi
uninstallation
log file 99
problems 104
UNIX Details workspace 14
UNIX problems 116
UNIX Summary workspace 14
UNIX_Active_Virtual_Memory situation 60
UNIX_CMD_Disk_Inodes_Critical situation 57
UNIX_CMD_Disk_Space_Warning situation 57
UNIX_CMD_Process_Critical situation 59
UNIX_CMD_Runaway_Process situation 59
UNIX_CPU_Busy policy 65
UNIX_CPU_Busy_Critical 70
UNIX_CPU_Busy_Critical situation 60
UNIX_CPU_Busy_Warning 70
UNIX_CPU_Busy_Warning situation 60
UNIX_CPU_Critical situation 59
UNIX_CPU_Warning situation 59
UNIX_Disk_Availability situation 57
UNIX_Disk_Space_Full policy 66
UNIX_Filemount_Critical situation 57
UNIX_HD_Config_Critical situation 57
UNIX_HD_Excessive_IO_Wait situation 60
UNIX_Network_Collsns_Critical situation 58
UNIX_Network_Collsns_Warning situation 58
UNIX_Network_Errors situation 58
132 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide
UNIX_Network_Interface_Busy situation 58
UNIX_Network_Interface_Idle situation 58
UNIX_NFS_RPC_Rejects 71
UNIX_Process Memory_Warning 71
UNIX_Process_Memory_Critical 71
UNIX_Process_Memory_Critical situation 59
UNIX_Process_Memory_Leak situation 59
UNIX_Process_Memory_Warning situation 59
UNIX_Process_MISSING_inetd situation 59
UNIX_scratch_tmp_Disk_Full situation 57
UNIX_System_Busy_Critical situation 60
UNIX_System_Busy_Warning situation 60
UNIX_System_Capacity_Critical situation 60
UNIX_System_Paging_Critical 72
UNIX_System_Paging_Critical situation 60
UNIX_System_Virtual_Memory_Warning 72
UNIX_System_Virtual_Memory_Warning situation 61
UNIX_User_CPU_Critical situation 61
7
UNIX_User_File_Exists situation 58
UNIX_Virtual_Memory_High policy 66
UNIXCPU historical table 87
UNIXDISK historical table 88
UNIXDPERF historical table 88
UNIXFILE historical table 89
UNIXNET historical table 89
UNIXNFS historical table 90
UNIXOS historical table 93
UNIXPS historical table 92
UNIXUSER historical table 96
User attribute group
list of attributes 51
UNIXUSER historical table 96
user interfaces options 2
Users workspace 19
V
values, modifying situations 10
viewing data 11
viewing real-time monitoring environment 7
W
weekly update support option 118
Windows agent installation problems 104
workarounds 103
agents 107
remote deployment 112
situations 113
Take Action commands 116
Tivoli Enterprise Portal 112
workspaces 112
workspaces
Disk Usage 15
Disk Usage Details 15
Disk Utilization for Mount Point 15
Enterprise UNIX System Summary 14
event 8
File Information 15
list of all 13
more information 13
Network 16
NFS Activity 16
overview 13
workspaces (continued)
predefined 13
problem determination 112
Process 16
RPC Performance 18
Solaris System CPU Workload Summary 18
System Details 19
System Information 19
UNIX Details 14
UNIX Summary 14
Users 19

Index 133
134 IBM Tivoli Monitoring: UNIX OS Agent: User’s Guide



Printed in USA

SC32-9446-00