I just added some more server monitoring using monit to my server so I thought I'd share a bit of the config in case someone else has a use for it.
Since /etc/monitrc is by default rather verbose and well commented I'll skip this though (also this is covered in a lot of other tutorials anyway)
the start script names, sockets, ports, pid files will probably have to be adjusted depending on your distribution/config. Mine are mostly based on Gentoo defaults. On another note I use "restart" instead of "start" for most since openrc does notice if it is stopped (and start doesn't do anything if the previous stop for some reason failed or something)
so here are the config files for the services I monitor with monit at the moment (most of it is pretty standard but anyway ;)):
clamav:
check process clamd with pidfile /var/run/clamav/clamd.pid group virus start program = "/etc/init.d/clamd start" stop program = "/etc/init.d/clamd stop" if failed unixsocket /var/run/clamav/clamd.sock then restart if 5 restarts within 5 cycles then timeout
postgresql:
check process postgres with pidfile /var/lib/postgresql/9.2/data/postmaster.pid group database start program = "/etc/init.d/postgresql-9.2 start" stop program = "/etc/init.d/postgresql-9.2 stop" if failed unixsocket /run/postgresql/.s.PGSQL.5432 protocol pgsql then restart if failed host 127.0.0.1 port 5432 protocol pgsql then restart if 5 restarts within 5 cycles then timeout
postfix:
check process postfix with pidfile /var/spool/postfix/pid/master.pid group mail start program = "/etc/init.d/postfix start" stop program = "/etc/init.d/postfix stop" if failed port 25 protocol smtp then restart if 5 restarts within 5 cycles then timeout
dbmail (this is mostly based on the mail to the dbmail mailinglist by Harald Leithner in October 2013):
check process dbmail-imapd with pidfile /var/run/dbmail/dbmail-imapd.pid group dbmail start program = "/etc/init.d/dbmail-imapd restart" stop program = "/etc/init.d/dbmail-imapd stop" if failed port 143 protocol imap with timeout 2 seconds within 2 cycles then restart if failed port 993 type TCPSSL protocol imap with timeout 15 seconds within 3 cycles then restart if memory > 1024 MB for 3 cycles then alert if memory > 1524 MB for 3 cycles then restart if cpu > 80% for 5 cycles then alert if cpu > 80% for 15 cycles then restart check process dbmail-lmtpd with pidfile /var/run/dbmail/dbmail-lmtpd.pid group dbmail start program = "/etc/init.d/dbmail-lmtpd restart" stop program = "/etc/init.d/dbmail-lmtpd stop" if failed port 24 protocol lmtp with timeout 10 seconds within 3 cycles then restart if 3 restarts within 5 cycles then timeout if totalmemory > 1024 MB for 3 cycles then restart if cpu > 80% for 5 cycles then alert check process dbmail-timsieved with pidfile /var/run/dbmail/dbmail-timsieved.pid group dbmail start program = "/etc/init.d/dbmail-timsieved restart" stop program = "/etc/init.d/dbmail-timsieved stop" # if failed port 2000 then restart ## deactivated port check as it caused problems if 3 restarts within 5 cycles then timeout if totalmemory > 1024 MB for 3 cycles then restart if cpu > 80% for 5 cycles then alert
openfire (ports for this can be seen on the admin console in case you have different ones):
check process openfire with pidfile /var/run/jabber/openfire.pid start program "/etc/init.d/openfire restart" stop program "/etc/init.d/openfire stop" if failed port 5222 then restart if failed port 5223 type tcpssl then restart if failed port 5229 then restart if failed port 5269 then restart if failed port 7070 protocol http then restart if failed port 7443 type tcpssl protocol http then restart if failed port 7777 then restart if failed port 9090 protocol http then restart if failed port 9091 type tcpssl protocol http then restart if 5 restarts within 5 cycles then timeout # Copy paste from admin page # All addresses 5222 This port uses SSL to encrypt traffic over the network Client to Server The standard port for clients to connect to the server. Connections may or may not be encrypted. You can update the security settings for this port. # All addresses 5223 This port uses SSL to encrypt traffic over the network Client to Server The port used for clients to connect to the server using the old SSL method. The old SSL method is not an XMPP standard method and will be deprecated in the future. You can update the security settings for this port. # All addresses 9090 Admin Console The port used for unsecured Admin Console access. # All addresses 9091 This port uses SSL to encrypt traffic over the network Admin Console The port used for secured Admin Console access. # All addresses 7777 File Transfer Proxy The port used for the proxy service that allows file transfers to occur between two entities on the XMPP network. # All addresses 7070 HTTP Binding The port used for unsecured HTTP client connections. # All addresses 7443 This port uses SSL to encrypt traffic over the network HTTP Binding The port used for secured HTTP client connections. # All addresses 10000 - 20000 Real time media proxy The port used for the proxy service that allows Jingle connections between two entities on the XMPP network. # All addresses 5229 Flash Cross Domain Service that allows Flash clients connect to other hostnames and ports.Share on Twitter Share on Facebook
Comments
There are currently no comments
New Comment