Server monitoring with monit (dbmail, openfire, postfix, ..)

(0 comments)

I just added some more server monitoring using monit to my server so I thought I'd share a bit of the config in case someone else has a use for it.

Since /etc/monitrc is by default rather verbose and well commented I'll skip this though (also this is covered in a lot of other tutorials anyway)

the start script names, sockets, ports, pid files will probably have to be adjusted depending on your distribution/config. Mine are mostly based on Gentoo defaults. On another note I use "restart" instead of "start" for most since openrc does notice if it is stopped (and start doesn't do anything if the previous stop for some reason failed or something)
so here are the config files for the services I monitor with monit at the moment (most of it is pretty standard but anyway ;)):

clamav:

check process clamd with pidfile /var/run/clamav/clamd.pid
   group virus
   start program = "/etc/init.d/clamd start"
   stop  program = "/etc/init.d/clamd stop"
   if failed unixsocket /var/run/clamav/clamd.sock then restart
   if 5 restarts within 5 cycles then timeout

postgresql:

 check process postgres with pidfile /var/lib/postgresql/9.2/data/postmaster.pid
   group database
   start program = "/etc/init.d/postgresql-9.2 start"
   stop  program = "/etc/init.d/postgresql-9.2 stop"
   if failed unixsocket /run/postgresql/.s.PGSQL.5432 protocol pgsql
      then restart
   if failed host 127.0.0.1 port 5432 protocol pgsql then restart
   if 5 restarts within 5 cycles then timeout

postfix:

check process postfix with pidfile /var/spool/postfix/pid/master.pid
   group mail
   start program = "/etc/init.d/postfix start"
   stop  program = "/etc/init.d/postfix stop"
   if failed port 25 protocol smtp then restart
   if 5 restarts within 5 cycles then timeout

dbmail (this is mostly based on the mail to the dbmail mailinglist by Harald Leithner in October 2013):

check process dbmail-imapd with pidfile /var/run/dbmail/dbmail-imapd.pid
    group dbmail
    start program = "/etc/init.d/dbmail-imapd restart"
    stop  program = "/etc/init.d/dbmail-imapd stop"
    if failed port 143 protocol imap with timeout 2  seconds within 2  cycles then restart
    if failed port 993 type TCPSSL protocol imap with timeout 15 seconds  within 3 cycles then restart
    if memory > 1024 MB for 3 cycles then alert
    if memory > 1524 MB for 3 cycles then restart
    if cpu > 80% for 5 cycles then alert
    if cpu > 80% for 15 cycles then restart


check process dbmail-lmtpd with pidfile /var/run/dbmail/dbmail-lmtpd.pid
    group dbmail
    start program = "/etc/init.d/dbmail-lmtpd restart"
    stop  program = "/etc/init.d/dbmail-lmtpd stop"
    if failed port 24 protocol lmtp with timeout 10 seconds within 3 cycles then restart
    if 3 restarts within 5 cycles then timeout
    if totalmemory > 1024 MB for 3 cycles then restart
    if cpu > 80% for 5 cycles then alert


check process dbmail-timsieved with pidfile /var/run/dbmail/dbmail-timsieved.pid
    group dbmail
    start program = "/etc/init.d/dbmail-timsieved restart"
    stop  program = "/etc/init.d/dbmail-timsieved stop"
#    if failed port 2000 then restart
## deactivated port check as it caused problems
    if 3 restarts within 5 cycles then timeout
    if totalmemory > 1024 MB for 3 cycles then restart
    if cpu > 80% for 5 cycles then alert

openfire (ports for this can be seen on the admin console in case you have different ones):

check process openfire with pidfile /var/run/jabber/openfire.pid
  start program  "/etc/init.d/openfire restart"
  stop program  "/etc/init.d/openfire stop"

  if failed port 5222 then restart
  if failed port 5223 type tcpssl then restart
  if failed port 5229 then restart
  if failed port 5269 then restart
  if failed port 7070 protocol http then restart
  if failed port 7443 type tcpssl protocol http then restart
  if failed port 7777 then restart
  if failed port 9090 protocol http then restart
  if failed port 9091 type tcpssl protocol http then restart

  if 5 restarts within 5 cycles then timeout

# Copy paste from admin page
# All addresses         5222   This port uses SSL to encrypt traffic over the network   Client to Server        The standard port for clients to connect to the server. Connections may or may not be encrypted. You can update the security settings for this port.
# All addresses         5223   This port uses SSL to encrypt traffic over the network   Client to Server        The port used for clients to connect to the server using the old SSL method. The old SSL method is not an XMPP standard method and will be deprecated in the future. You can update the security settings for this port.
# All addresses         9090        Admin Console    The port used for unsecured Admin Console access.
# All addresses         9091        This port uses SSL to encrypt traffic over the network     Admin Console    The port used for secured Admin Console access.
# All addresses         7777             File Transfer Proxy      The port used for the proxy service that allows file transfers to occur between two entities on the XMPP network.
# All addresses         7070                  HTTP Binding        The port used for unsecured HTTP client connections.
# All addresses         7443                  This port uses SSL to encrypt traffic over the network      HTTP Binding  The port used for secured HTTP client connections.
# All addresses         10000 - 20000              Real time media proxy    The port used for the proxy service that allows Jingle connections between two entities on the XMPP network.
# All addresses         5229    Flash Cross Domain      Service that allows Flash clients connect to other hostnames and ports.

Currently unrated

Comments

There are currently no comments

New Comment

required

required (not published)

optional

required

Recent Posts

Archive

2023
2022
2021
2020
2019
2018
2014
2012
2011
2010
2009
2008
2007

Categories

Authors

Feeds

RSS / Atom