What is Monit?
Monit is a cross-platform tool for monitoring Unix/Linux systems (such as Linux, BSD, OSX, Solaris). Monit is extremely easy to install, is very lightweight (only 500KB in size), and does not rely on any third-party programs, plug-ins or libraries. However, Monit is capable of scenarios such as comprehensive monitoring, process status monitoring, file system change monitoring, email notifications, and customized actions on core services. Easy installation, lightweight implementation and powerful functions make Monit an ideal backup monitoring tool.
I have been using Monit on a few machines for a few years and I'm very pleased with its reliability. Even as a comprehensive monitoring system, Monit is very useful and powerful for any Linux system administrator.
In this tutorial, I will show you how to deploy Monit (as a backup monitoring system) on a local server to monitor common services. During the deployment process, I will only show the parts we use.
Installing Monit on Linux
Monit is already included in the software repositories of most Linux distributions.
Debian, Ubuntu or Linux Mint:
$ sudo aptitude install monit
Fedora or CentOS/RHEL:
On CentOS/RHEL, you must first enable the EPEL or Repoforge software repository.
# yum install monit
Monit comes with a well-documented configuration file, which contains many examples. The main configuration file is /etc/monit.conf (Fedora/CentOS/RHEL), or /etc/monit/monitrc (Debian/Ubuntu/Mint). The Monit configuration file has two parts: "Global" and "Services".
Global Configuration: Web Status Page
Monit can use the email service to send notifications, and can also use HTTP/HTTPS pages for display. Let’s first use the web status page configured as follows:
Monit listens to port 1966.
Access to the web status page is encrypted via SSL.
Log in using monituser/romania as username/password.
Access is only allowed through localhost, myhost.mydomain.ro and within the LAN (192.168.0.0/16).
Monit uses SSL certificates in pem format.
For the next steps, I will use a Red Hat-based system. The steps are similar on Debian-based systems.
First, generate a self-signed certificate (monit.pem) in /var/certs:
# mkdir /var/certs
# cd /etc/pki/tls/certs
# ./make-dummy-cert monit.pem
# cp monit.pem /var/certs
# chmod 0400 /var/certs/monit.pem
Now put the following code snippet into Monit’s main configuration file. You can create an empty configuration file or modify it based on the provided configuration file.
set httpd port 1966 and
    SSL ENABLE
    PEMFILE /var/certs/monit.pem
    allow monituser:romania
    allow localhost
    allow 192.168.0.0/16
    allow myhost.mydomain.ro
Global Configuration: Email Notification
Then, we set up Monit’s email notification. We need at least one available SMTP server for Monit to send emails. This will work (modify according to your actual situation):
The machine name of the mail server: smtp.monit.ro
The sender used by Monit: monit@monit.ro
Recipient of the email: guletz@monit.ro
SMTP port used by the mail server: 587 (default is 25)
With the above information, the email notifications can be configured like this:
set mailserver smtp.monit.ro port 587
set mail-format {
    from: monit@monit.ro
    subject: $SERVICE $EVENT at $DATE on $HOST
    message: Monit $ACTION $SERVICE $EVENT at $DATE on $HOST: $DESCRIPTION.
             Yours sincerely,
             Monit
}
set alert guletz@monit.ro
As you can see, Monit provides several internal variables ($DATE, $EVENT, $HOST, etc.), so you can customize the email content according to your needs. If you want to send mail from the machine where Monit is located, you need an installed sendmail-compatible program (such as postfix or ssmtp).
Global Configuration: Monit Daemon
Next it is time to configure the Monit daemon. You can set it like this:
Do the first test after 120 seconds.
Check the service every 3 minutes.
Use syslog to record logs.
The following code snippet can meet the above requirements.
set daemon 120 with start delay 240
set logfile syslog facility log_daemon
We must also define "idfile", a unique ID file for the Monit daemon, and "eventqueue", where emails are temporarily stored when Monit cannot send them due to SMTP or network failure. Make sure that the /var/monit path exists. Then just use the configuration below.
set idfile /var/monit/id
set eventqueue basedir /var/monit
Test global configuration
Now the "Global" part is complete. The Monit configuration file looks like this:
# Global Section
# status webpage and acl's
set httpd port 1966 and
    SSL ENABLE
    PEMFILE /var/certs/monit.pem
    allow monituser:romania
    allow localhost
    allow 192.168.0.0/16
    allow myhost.mydomain.ro
# mail-server
set mailserver smtp.monit.ro port 587
# email-format
set mail-format {
    from: monit@monit.ro
    subject: $SERVICE $EVENT at $DATE on $HOST
    message: Monit $ACTION $SERVICE $EVENT at $DATE on $HOST: $DESCRIPTION.
             Yours sincerely,
             Monit
}
set alert guletz@monit.ro
# delay checks
set daemon 120 with start delay 240
set logfile syslog facility log_daemon
# idfile and mail queue path
set idfile /var/monit/id
set eventqueue basedir /var/monit
Now it’s time to verify our work. You can check the syntax of the existing configuration file (/etc/monit.conf) by running the following command:
# monit -t
Control file syntax OK
If monit prompts any errors, please check the configuration file again.
Fortunately, error/warning messages can help you identify the problem, such as:
monit: Cannot stat the SSL server PEM file '/var/certs/monit.pem' -- No such file or directory
/etc/monit/monitrc: 10: Warning: hostname did not resolve 'smtp.monit.ro'
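The file-related problems behind such messages can be caught before running monit -t. The script below is an added example, not part of the original tutorial or of Monit; it assumes GNU stat (Linux) and absolute paths without spaces, and its function names are hypothetical. It checks that the control file and the PEM file exist and are not accessible to group or other (the control file holds the web login in clear text, and Monit refuses a control file with permissions wider than 0700), and that the idfile and eventqueue directories exist.

```shell
#!/bin/sh
# Added example: preflight for the files named in the tutorial's global section.
# Assumes GNU stat (Linux). Usage: sh monit-preflight.sh /etc/monit.conf

# mode_ok PATH MAX: true if PATH exists and sets no permission bit outside octal MAX.
mode_ok() {
    [ -e "$1" ] || return 2
    mode=$(stat -c '%a' "$1") || return 2
    [ $(( 0$mode & ~0$2 & 07777 )) -eq 0 ]
}

# cfg_path FILE KEYWORD: print the word that follows KEYWORD (given in lower case)
# in FILE, skipping comment lines; Monit keywords are case-insensitive.
cfg_path() {
    awk -v kw="$2" '
        /^[ \t]*#/ { next }
        { for (i = 1; i < NF; i++)
              if (tolower($i) == kw) { print $(i + 1); exit } }
    ' "$1"
}

# preflight FILE: print findings, return non-zero if any check fails.
preflight() {
    rc_file=$1
    status=0
    # The control file stores "allow user:password" in clear text.
    if ! mode_ok "$rc_file" 0700; then
        echo "FAIL: $rc_file is missing or accessible to group/other"; status=1
    fi
    pem=$(cfg_path "$rc_file" pemfile)
    if [ -z "$pem" ]; then
        echo "WARN: no PEMFILE found, the SSL setup shown in the tutorial is absent"
    elif ! mode_ok "$pem" 0700; then
        echo "FAIL: PEM file $pem is missing or accessible to group/other"; status=1
    fi
    # idfile lives inside a directory; eventqueue basedir is the directory itself.
    idfile=$(cfg_path "$rc_file" idfile)
    for dir in ${idfile:+${idfile%/*}} $(cfg_path "$rc_file" basedir); do
        [ -d "$dir" ] || { echo "FAIL: directory $dir does not exist"; status=1; }
    done
    return $status
}

if [ $# -gt 0 ]; then preflight "$1"; fi
```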
Once you confirm that the configuration file is OK, you can start the monit daemon and wait 2 to 3 minutes:
# service monit start
If you are using systemd, run:
# systemctl start monit
Now open a browser window and visit https://<monit_host>:1966. Replace "<monit_host>" with the machine name or IP address of the machine where Monit is located.
If you are using a self-signed SSL certificate, you will see a warning message in your browser. Just continue to the page.
After you complete the login, you will see this page.
In the remainder of this tutorial, we demonstrate methods of monitoring a local server and common services. You will see many useful examples on the official wiki page. Most of them can be copied and pasted directly!
Service Configuration: CPU/Memory Monitoring
Let’s first monitor the CPU and memory usage of the local server. Copy the following code snippet into the configuration file.
check system localhost
    if loadavg (1min) > 10 then alert
    if loadavg (5min) > 6 then alert
    if memory usage > 75% then alert
    if cpu usage (user) > 70% then alert
    if cpu usage (system) > 60% then alert
    if cpu usage (wait) > 75% then alert
You can easily understand the above configuration. The check at the top means that the following operations are performed on the local machine every monitoring period (120 seconds set in the global configuration). If any of the conditions are met, the monit daemon sends an alert using email.
If a monitoring item does not need to be checked every cycle, you can use the following format, which will check the average load every 240 seconds.
if loadavg (1min) > 10 for 2 cycles then alert
Service Configuration: SSH Service Monitoring
First, check whether sshd is installed in /usr/sbin/sshd:
check file sshd_bin with path /usr/sbin/sshd
We also want to check whether the sshd startup script exists:
check file sshd_init with path /etc/init.d/sshd
Finally, we also want to check whether the sshd daemon is alive and listening on port 22:
check process sshd with pidfile /var/run/sshd.pid
    start program "/etc/init.d/sshd start"
    stop program "/etc/init.d/sshd stop"
    if failed port 22 protocol ssh then restart
    if 5 restarts within 5 cycles then timeout
We can interpret the above configuration like this: we check if there is a process named sshd and there is a file holding its pid (/var/run/sshd.pid). If either does not exist, we use the startup script to restart sshd. We check if there is a process listening on port 22 and using the SSH protocol. If not, we still restart sshd. If it has been restarted at least 5 times in the last 5 monitoring cycles (5x120 seconds), sshd is considered unusable and we will no longer check it.
Service Configuration: SMTP Service Monitoring
Now we set up a monitoring to check the remote SMTP server (such as 192.168.111.102). It is assumed that the SMTP server is running SMTP, IMAP, and SSH services.
check host MAIL with address 192.168.111.102
    if failed icmp type echo within 10 cycles then alert
    if failed port 25 protocol smtp then alert
        else if recovered then exec "/scripts/mail-script"
    if failed port 22 protocol ssh then alert
    if failed port 143 protocol imap then alert
We check whether the remote host responds to the ICMP protocol. If we don't receive an ICMP response within 10 cycles, we send an alert. If it is detected that the SMTP protocol on port 25 is abnormal, an alarm will be sent. If monitoring succeeds after a monitoring failure, a script (/scripts/mail-script) is run. If the SSH on port 22 or the IMAP protocol on port 143 is abnormal, an alarm will also be sent.