# Zabbix - help with error message



## fred974 (Jun 19, 2017)

Hi,

I monitor our FreeBSD production server using zabbix-agent and I keep getting this email:

```
Subject: PROBLEM: Too many processes on FreeBSD.mydomain.co.uk
Trigger: Too many processes on FreeBSD.mydomain.co.uk
Trigger status: PROBLEM
Trigger severity: Warning
Trigger URL:

Item values:

1. Number of processes (FreeBSD.mydomain.co.uk:proc.num[]): 327
2. *UNKNOWN* (*UNKNOWN*:*UNKNOWN*): *UNKNOWN*
3. *UNKNOWN* (*UNKNOWN*:*UNKNOWN*): *UNKNOWN*

Original event ID: 234
```
I am not sure what this mean.. what is classify as too many request?
`ps r|wc`

```
20     131     933
```
I have 14 jails on that host:
1 Mail
1 Database
12 webjail

Could anyone please help me as to how to treat such email notification?

Thank you


----------



## SirDice (Jun 19, 2017)

The default limit is rather low, so if you have 14 jails running there will be a _lot_ more processes on the host itself. You'll need to increase the limit on the host configuration in Zabbix.


----------



## fred974 (Jun 21, 2017)

SirDice said:


> You'll need to increase the limit on the host configuration in Zabbix


Hi SirDice ,
What do you use to set the limit? Do you just pick a number or is there a methodology to follow?


----------



## Eric A. Borisch (Jun 22, 2017)

I tend to look at trends when it is running "as expected" at set the trigger significantly above.  This trigger is really looking for "out of the norm "activities, like a stript gone awry forking.  Or disable this trigger, and just rely on either the running processes or load level triggers.


----------



## fred974 (Jun 22, 2017)

Eric A. Borisch said:


> I tend to look at trends when it is running "as expected" at set the trigger significantly above


Would you check with `ps r|wc` or another command?


----------



## SirDice (Jun 23, 2017)

In Zabbix, go to "Latest data". Lookup the process count for the host. There's a "Graph" button on the right hand side. If you click on it you'll see a graph of the number of processes. Change the time-period to a week or more and look at the graph itself. Look at the shape (straight line, more or less random, or something else). Then try to imagine what the graph will do in the future. Base your numbers on that.

Alert thresholds aren't dynamic. So you'll need to adjust the thresholds according to _your_ usage patterns. For example, a typical firewall doesn't have a lot of processes running and a host with 14 jails on it will have quite a lot. So for each host you will need to set the right numbers, the firewall needs a lower threshold than the host with the 14 jails.


----------

