Can anyone help me?
Do you mean create a batch script (containing the command)?
Edit the (or create a new) SAM template, from http://<Orion-server>/Orion/APM/Admin/ApplicationTemplates.aspx
Add a new component to the template and try using either the "Windows PowerShell Monitor" or the "Windows Script Monitor".
There are also some example scripts in your Program Files (x86)\SolarWinds\Orion\APM\SampleScriptMonitors folder.
Is that what you meant?
Okay, now that's a little clearer I have had a look at this.
I will assume that the screenshot above is from the Process Explorer, which uses WMI to get the running processes from the remote computer, giving this Task Manager like view.
I have checked on the process monitors I have in place, and they do not reference the command line of the process, in the data tables, or not that I have located yet.
I suspect that the monitor uses the WMI Win32_Process class, which uses the process name and does not need to retrieve (or store) the executable full path.
You may have to create a new monitor to retrieve this information - If anyone else has better info please chip in!
I did some testing using Get-Process and wrote this PowerShell monitor that checks that a process (Outlook in my example) is running and if so returning the executrices path.
$procname = 'OUTLOOK'
$info = Get-Process -Name $procname -ErrorAction SilentlyContinue
Write-Host "Statistic.Process: 0"
Write-Host "Message.Process: $procname was not found"
$ExitCode = 1 # Down
Write-Host "Statistic.Process: 1"
$data = get-wmiobject win32_process -filter "name like 'Outlook%'" | select Path
Write-Host "Message.Process: $data"
$ExitCode = 0 # Up
Once you have created this as a component of the monitor template, we then need to work out how to retrieve the data, back into an alert.
I will test and come back with some advice on doing that.
(Unless any other thwacker has a better way to skin this cat).
I am struggling to get the path variable to return cleanly in the Message result, although it is working perfectly when I run it in PoweShell ISE.
At least this version returns a path you can read.