Setting up Monit

Install

see monit-install and/or monit-source

Setup

#nmap -p 80,443,8080,8443 mmonit
nc -vz -w5 mmonit 443

official binary

mv /etc/monitrc /etc/monitrc.dist
sed '/^[[:space:]]*$/d; /^[[:space:]]*#/d' /etc/monitrc.dist > /etc/monitrc
chmod 600 /etc/monitrc
vi /etc/monitrc

Ubuntu package

mv /etc/monit/monitrc /etc/monit/monitrc.dist
sed '/^[[:space:]]*$/d; /^[[:space:]]*#/d' /etc/monit/monitrc.dist > /etc/monit/monitrc
chmod 600 /etc/monit/monitrc
vi /etc/monit/monitrc

NetBSD package

mv /usr/pkg/etc/monit/monitrc /usr/pkg/etc/monit/monitrc.dist
sed '/^[[:space:]]*$/d; /^[[:space:]]*#/d' /usr/pkg/etc/monit/monitrc.dist > /usr/pkg/etc/monit/monitrc
chmod 600 /usr/pkg/etc/monit/monitrc
vi /usr/pkg/etc/monit/monitrc

MWE e.g.

set daemon 30
set log syslog
set httpd port 2812 and
    allow localhost
    allow admin:monit

set mmonit https://monit:PASSWORD@mmonit/mmonit/collector
#set mmonit https://monit:PASSWORD@mmonit/collector

check network xenbr0 with interface xenbr0
check network lo with interface lo

check filesystem rootfs/ with path /
check filesystem data/ with path /data/

TODO change httpd admin password

Ready go to

start & enable

Start and enable the daemon at boot time

Upstream binary

vi /etc/rc.local

# self-verbose
/usr/local/bin/monit

otherwise (binaries on Debian)

#echo -n starting monit...
#/usr/local/monit/bin/monit start all && echo done

Slackware system packages

vi /etc/rc.local

#self verbose
/usr/bin/monit

Debian systems

systemctl reload monit
systemctl status monit

Old Redhat systems

service monit restart
chkconfig monit on

New Redhat systems

systemctl start monit
systemctl enable monit
systemctl status monit

NetBSD

/etc/rc.d/monit start

You should now see the added host within the M/Monit interface.

reload

/usr/local/bin/monit reload

–or– with the traditional method (also works)

kill -HUP PID

Acceptance

wait a few seconds and your performance graphs should show up

https://mmonit/mmonit/reports/analytics/
#https://mmonit/reports/analytics/

Troubleshooting

Eventually check that the monit host resolves, responds, and that the mmonit service is reachable, preferably on port 443,

ping -c1 mmonit
nmap -p 80,8080,443 mmonit

For network monitoring, identify what network interface you are using,

    netifs=`ifconfig | grep ^[[:alpha:]] | egrep -v ^lo | awk '{print $1}'`
    echo $conf
echo $netifs

for netif in $netifs; do cat >> $conf <<-EOF

check network $netif with interface $netif
        if failed link then alert
        if changed link then alert
        if saturation > 90% then alert
        if total upload > 1 GB in last hour then alert
EOF
done; unset netif

unset netifs

Check how many CPUs you have,

grep ^proc /proc/cpuinfo | wc -l

Check your short hostname and FQDN,

#hostname
#hostname --long

The default CPU info that shows up is wait. I like that so I do not tweak that.

#cat >> $conf <<-EOF
#
#check system HOSTNAME
#       if loadavg (15min) > 4 then alert
#       if memory usage > 90% then alert
#       if swap usage > 5% then alert
#       if cpu usage (wait) > 10% then alert
#       group system_resources
#EOF

Eventually check that your smtp relay responds and that your email setup is in place.

hostmaster=hostmaster@example.com
smarthost=smarthost.example.local
nmap -p 25 $smarthost
telnet $smarthost 25
quit

Mail alerts setup,

set mailserver $smarthost, localhost
set alert $hostmaster

set mail-format {
    from: $hostmaster
    subject: Monit alert -- $EVENT $SERVICE
    message: $EVENT Service $SERVICE

    Date:        $DATE
    Action:      $ACTION
    Host:        $HOST
    Description: $DESCRIPTION

    -- 
    Monit http://$HOST:2812/
    M/Monit https://$mmonit/
}

Additional notes

old ubuntu 14

apt install git build-essential libtool automake
git clone https://bitbucket.org/tildeslash/monit.git
cd monit/
./bootstrap

apt install byacc flex zlib1g-dev libssl-dev
./configure --without-pam
make
#apt purge monit
#apt autoremove
make install
cp ~/monit/monitrc /etc/
ln -s /etc/monitrc ~/

vi /etc/rc.local

#self verbose
/usr/local/bin/monit

workstation

Prepare some dummy key,

#apt install ssl-cert
#/var/lib/dpkg/info/ssl-cert.postinst
ls -lhF /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/private/ssl-cert-snakeoil.key
chmod 400 /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/private/ssl-cert-snakeoil.key

and add this to monitrc (eventuall enable ssl),

set httpd port 2812
        signature disable
        #ssl enable
        #pemfile /etc/ssl/certs/ssl-cert-snakeoil.pem
        allow localhost        # allow localhost to connect to the server and
        allow admin:monit      # require user 'admin' with password 'monit'

monitoring assets

Get some sample config quick & dirty

ifconfig | grep ^[[:alpha:]] | cut -f1 -d:
df -P | egrep '^/dev/sda|^/dev/xbd|^/dev/root' | awk '{print $NF}'

for netif in `ifconfig | grep ^[[:alpha:]] | cut -f1 -d:`; do
    echo check network $netif with interface $netif
done; unset netif; for fs in `df -P | egrep '^/dev/sda|^/dev/xbd|^/dev/root' | awk '{print $NF}'`; do
    echo check filesystem `echo $fs | sed 's#/#_#g'` with path /
done; unset fs

Setup additional services'monitoring e.g.,

check process mongod with pidfile /var/run/mongodb/mongod.pid
    if cpu > 60% for 2 cycles then alert
    #if totalmem > 1 GB for 5 cycles then restart
    if children > 250 then restart
    if loadavg(5min) greater than 10 for 8 cycles then alert
    group server

moar examples – alerts

# NSD
check process nsd with pidfile /var/chroot/nsd/db/nsd.pid
    if failed host 127.0.0.1 port 53 type tcp protocol dns then alert
    if failed host 127.0.0.1 port 53 type udp protocol dns then alert

# Postfix
check process postfix with pidfile /var/spool/postfix/pid/master.pid
    if failed host 127.0.0.1 port 25 type tcp protocol smtp then alert

moar examples – graphs

# CPU load
check system $HOST
    if loadavg (1min) per core > 2 for 5 cycles then alert
    if loadavg (5min) per core > 1.5 for 10 cycles then alert
    if cpu usage > 95% for 10 cycles then alert
    if memory usage > 75% then alert
    if swap usage > 25% then alert

# TX/RX -- beware of backups every night
check network xenbr0 with interface xenbr0
    if link down then alert
    if changed link then alert
    if saturation > 90% then alert
    if download > 10 MB/s then alert
    if total uploaded > 1 GB in last hour then alert

check network lo with interface lo
    if link down then alert
    if changed link then alert
    if saturation > 90% then alert
    if download > 10 MB/s then alert
    if total uploaded > 1 GB in last hour then alert

# file-system usage
check filesystem rootfs/ with path /
check filesystem data/ with path /data/

Operations

reload after changes (HUP also works)

monit reload

Resources

https://mmonit.com/wiki/Monit/ConfigurationExamples

https://github.com/danschultzer/monit-graph/

https://www.slimframework.com/docs/v4/start/web-servers.html#nginx-configuration

https://dreamconception.com/tech/tools/measure-your-server-performance-with-monit-and-monit-graph/

https://mmonit.com/wiki/MMonit/PushoverNotification

https://mmonit.com/wiki/Monit/ConfigurationExamples

https://metin2.dev/board/topic/23392-monitoring-your-servers-with-monit/

moar

https://superuser.com/questions/1129639/use-monit-to-monitorize-a-web-site-using-a-nagios-plugin –> take advantage of nagios plugins


HOME | GUIDES | LECTURES | LAB | SMTP HEALTH | HTML5 | CONTACT
Copyright © 2024 Pierre-Philipp Braun