Monit is controlled via an easy to configure control file based on afree-format, token-oriented syntax. Monit logs to syslog or to its own logfile and notifies you about error conditions via customizable alert messages.Monit can perform various TCP/IP network checks, protocol checks and canutilize SSL for such checks. Monit provides a http(s) interface and you mayuse a browser to access the Monit program.WHAT TO MONITOR?You can use Monit to monitor daemon processes or similar programs runningon localhost. Monit is particularly useful for monitoring daemon processes,such as those started at system boot time from /etc/init.d/. For instancesendmail, sshd, apache and mysql.
In contrast to many other monitoringsystems, Monit can act if an error situation should occur, e.g.; if sendmailis not running, monit can start sendmail again automatically or if apache isusing too many resources (e.g. If a DoS attack is in progress) Monit can stopor restart apache and send you an alert message. Monit can also monitorprocess characteristics, such as how much memory or cpu cycles a process isusing. HPrint a help textArgumentsOnce you have Monit running as a daemon process, you can call Monit with one ofthe following arguments.
Medical Science Monitor Basic Research has been selected for the ESCI - Emerging Sources Citation Index (Thomson Reuters, Web of Science, ISI), launching in November 2015 as a new edition of the Web of Science.
Monit will then connect to the Monit daemon (on TCPport 127.0.0.1:2812 by default) and ask the Monit daemon to perform therequested action. In other words; calling monit without arguments starts theMonit daemon, and calling monit with arguments enables you tocommunicate with the Monit daemon process.start all Start all services listed in the control file and enable monitoring forthem. If the group option is set ( -g), only start and enablemonitoring of services in the named group ('all' is not requiredin this case).
Start name Start the named service and enable monitoring for it. The name is aservice entry name from the monitrc file. Stop all Stop all services listed in the control file and disable their monitoring.If the group option is set, only stop and disable monitoring of theservices in the named group (all' is not required in this case). Stop name Stop the named service and disable its monitoring. The name is a serviceentry name from the monitrc file. Restart all Stop and start all services. If the group option is set, onlyrestart the services in the named group ('all' is not requiredin this case).
Restart name Restart the named service. The name is a service entry name from themonitrc file.
Monitor all Enable monitoring of all services listed in the control file. If the groupoption is set, only start monitoring of services in the named group('all' is not required in this case). Monitor name Enable monitoring of the named service. The name is a service entry namefrom the monitrc file. Monit will also enable monitoring of all servicesthis service depends on. Unmonitor all Disable monitoring of all services listed in the control file.
If thegroup option is set, only disable monitoring of services in the namedgroup ('all' is not required in this case). Unmonitor name Disable monitoring of the named service. The name is a service entry namefrom the monitrc file. Monit will also disable monitoring of all servicesthat depends on this service. Status Print status information of each service.
Summary Print a short status summary. Reload Reinitialize a running Monit daemon, the daemon will reread itsconfiguration, close and reopen log files. Quit Kill the Monit daemon process validate Check all services listed in the control file. This action is also thedefault behavior when Monit runs in daemon mode. Procmatch regex Allows for easy testing of pattern for process match check. The commandtakes regular expression as an argument and displays all running processesmatching the pattern.
THE MONIT CONTROL FILEMonit is configured and controlled via a control file called monitrc. Thedefault location for this file is /.monitrc. If this file does not exist,Monit will try /etc/monitrc, then @sysconfdir@/monitrc and finally./monitrc.The value of @sysconfdir@ is given at configure time as./configure-sysconfdir. For instance, using./configure -sysconfdir /var/monit/etc will make Monit search for monitrc in/var/monit/etc. On a semantic level, the control file consists of three types of entries:1. Global set-statements A global set-statement starts with the keyword set and the item toconfigure. Global include-statement The include statement consists of the keyword include and a globstring.
One or more service entry statements. Each service entry consists of the keywords check, followed by theservice type. Each entry requires a unique descriptive name, whichmay be freely chosen. This name is used by monit to refer to the serviceinternally and in all interactions with the user. Currently, eight types of check statements are supported:1. CHECK PROCESS MATCHING is the absolute path to the program's pidfile. If the pidfiledoes not exist or does not contain the pid number of a running process,Monit will call the entry's start method if defined.
Isalternative process specification using pattern matching to process name(command line) from process table instead of pidfile. The first match isused so this form of check is useful for unique pattern matching - thepidfile should be used where possible as it defines expected pid exactly(pattern matching won't be useful for Apache in most cases or forprocesses which start child processes using fork/clone as the child willmatch the same pattern temporarily). The pattern can be obtained usingmonit procmatch '.' CLI command which lists allprocesses visible to Monit or using the ps utility. The'procmatch' CLI command can be used to test your pattern aswell.
If Monit runs in passive mode or the start methods is not defined,Monit will just send alerts on errors. CHECK FILE PATH is the absolute path to the file. If the file does not existor disappeared, Monit will call the entry's start method if defined, if does not point to a regular file type (for instance adirectory), Monit will disable monitoring of this entry.
If Monit runs inpassive mode or the start methods is not defined, Monit will just sendalerts on errors. CHECK FIFO PATH is the absolute path to the fifo. If the fifo does not existor disappeared, Monit will call the entry's start method if defined, if does not point to a fifo type (for instance a directory),Monit will disable monitoring of this entry. If Monit runs in passive modeor the start methods is not defined, Monit will just send alerts onerrors. CHECK FILESYSTEM PATH is the path to the filesystem block special device, mountpoint, file or a directory which is part of a filesystem. It isrecommended to use a block special file directly (for example /dev/hda1 onLinux or /dev/dsk/c0t0d0s1 on Solaris, etc.) If you use a mount point (forexample /data), be careful, because if the filesystem is unmounted thetest will still be true because the mount point exist.
If the filesystem becomes unavailable, Monit will call the entry's startmethod if defined. If does not point to a filesystem, Monitwill disable monitoring of this entry. If Monit runs in passive mode orthe start methods is not defined, Monit will just send alerts onerrors. CHECK DIRECTORY PATH is the absolute path to the directory. If the directory doesnot exist or disappeared, Monit will call the entry's start method ifdefined, if does not point to a directory, monit will disablemonitoring of this entry.
If Monit runs in passive mode or the startmethods is not defined, Monit will just send alerts on errors. CHECK HOST ADDRESS The host address can be specified as a hostname string or as an ip-addressstring on a dotted decimal format. Such as, tildeslash.com or'64.87.72.95'. CHECK SYSTEM The system name is usually hostname, but any descriptive name can be used.You can use the variable $HOST as the name, which will expand to thehostname. This test allows one to check general system resources such asCPU usage (percent of time spent in user, system and wait), total memoryusage or load average.
The unique name is used as the system hostname inmail alerts and when M/Monit is configured, then also as initial name ofthe host entry in M/Monit. CHECK PROGRAM PATH TIMEOUT SECONDS is the absolute path to the executable program or script. Thestatus test allows one to check the program's exit status. Ifprogram will not finish within seconds, Monit willterminate it. The default program timeout is 600 seconds (5 minutes). Theoutput of the program is recorded (up to 1kB). LOGGINGMonit will log status and error messages to a log file.
Use the setlogfile statement in the monitrc control file. To setup Monit to log toits own logfile, use e.g. Set logfile /var/log/monit.log. Ifsyslog is given as a value for the -l command-line switch (orthe keyword set logfile syslog is found in the control file) Monit willuse the syslog system daemon to log messages with a priority assignedto each message based on the context. To turn off logging, simply do not setthe logfile in the control file (and of course, do not use the -l switch)DAEMON MODEUse. If Monit is used to monitor services that are also started at boot time (e.g.services started via SYSV init rc scripts or via inittab) then, in some cases,a race condition could occur.
That is; if a service is slow to start, Monitcan assume that the service is not running and possibly try to start it andraise an alert, while, in fact the service is already about to start oralready in its startup sequence. Please see the FAQ for a solution to thisproblem.INCLUDE FILESThe Monit control file, monitrc, can include additional configurationfiles. This feature helps one to maintain a certain structure or to placerepeating settings into one file. Include statements can be placed atvirtually any spot. The syntax is the following.
O A service does not exist (e.g. Process is not running)o Cannot read service data (e.g.
Cannot get filesystem usage)o Execution of a service related script failed (e.g. Start failed)o Invalid service type (e.g. If path points to directory instead of file)o Custom test script returned erroro Ping test failedo TCP/UDP connection and/or port test failedo Resource usage test failed (e.g. Cpu usage too high)o Checksum mismatch or change (e.g. File changed)o File size test failed (e.g. File too large)o Timestamp test failed (e.g. File is older then expected)o Permission test failed (e.g.
File mode doesn't match)o An UID test failed (e.g. File owned by different user)o A GID test failed (e.g. File owned by different group)o A process' PID changed out of Monit's controlo A process' PPID changed out of Monit controlo Too many service recovery attempts failedo A file content test found a matcho Filesystem flags changedo A service action was performed by administratoro Monit was started, stopped or reloaded. Character: Description:-.
(asterisk) The asterisk indicates that the expression will match for all values of the field; e.g., using an asterisk in the 4th field (month) would indicate every month.- (hyphen) Hyphens are used to define ranges. For example8-9 in the hour field indicate between 8AM and 9AM. Note that range is from time1 until and including time2. That is, from 8AM and until 10AM unless minutes are set. Another example1-5 in the weekday field, specify from monday to friday (including friday)., (comma) Comma are used to specify a sequence. For example 17,18 in the day field indicate the 17th and 18th day of the month.
A sequence can also include ranges. For example, using 1-5,0 in the weekday field indicate monday to friday and sunday. The current test scheduler is poll cycle based.
When Monit starts testing andthe service test is constraint with the every cron statement, it checkswhether the current time match the cron-string pattern. If it does, the testis done, otherwise it is skipped. The cron specification thus does notguarantee when exactly the test will run - that depends on the default polltime and the length of the testing cycle. In other words, we cannot guaranteethat Monit will run on a specific time. Therefor we strongly recommendto use an asterix in the minute field or at minimum a range, e.g.
0-15.Never use a specific minute as Monit may not run on that minute. Services specified in a depend statement will be checked duringstop/start/monitor/unmonitor operations. If a service is stopped orunmonitored it will stop/unmonitor any services that depends on itself.Likewise, if a service is started, it will first stop any services thatdepends on itself and after it is started, start all depending services again.If the service is to be monitored (enable monitoring), all services which thisservice depends on will be monitored before enabling monitoring of thisservice. The first entry is the process entry for apache shown before (abbreviated forclarity). The fourth line sets up a dependency between this entry and theservice entry named httpd in line 6. A depend tree works as follows, if anaction is conducted in a lower branch it will propagate upward in the tree andfor every dependent entry execute the same action.
In this case, if thechecksum should fail in line 7 then an unmonitor action is executed and theapache binary is not checked anymore. But since the apache process entrydepends on the httpd entry this entry will also execute the unmonitor action.In short, if the checksum test for the httpd binary file should fail, both thecheck file httpd entry and the check process apache entry is set inun-monitoring mode. Here we describe how Monit will function with the above dependencies:If no servers are running Monit will start the servers in the following order: d, c,b, a If all servers are running When you run 'Monit stop all' this is the stop order: a, b,c, d. If you run 'Monit stop d' then a, b andc are also stopped because they depend on d and finallyd is stopped.
If a does not run When Monit runs it will start a If b does not run When Monit runs it will first stop a then start b andfinally start a again. If c does not run When Monit runs it will first stop a and b then startc and finally start b then a. If d does not run When Monit runs it will first stop a, b and c thenstart d and finally start c, b then a. If the control file contains a depend loop. A depend loop is for example; a-b and b-a or a-b-c-a. In each test you must select the action to be executed from this list:. ALERT sends the user an alert event on each state change.
RESTART restarts the service and sends an alert. Restart isconducted by calling service's registered restart method or by firstcalling the stop method followed by start method if restart is notset. START starts the service by calling the service's registered startmethod and sends an alert.
STOP stops the service by calling the service's registered stopmethod and sends an alert. If Monit stops a service it will not bechecked by Monit anymore nor restarted again later. To reactivatemonitoring of the service again you must explicitly enable monitoring fromthe web interface or from the console. EXEC can be used to execute an arbitrary program and send analert.
If you choose this action you must state the program to be executedand if the program require arguments you must enclose the program and itsarguments in a quoted string. You may optionally specify the uid and gidthe executed program should switch to upon start. For instance.
Program checks are asynchronous. Meaning that Monit will not wait for theprogram to exit, but instead, Monit will start the program in the backgroundand immediately continue checking the next service entry in monitrc.
Atthe next cycle, Monit will check if the program has finished and if so,collect the programs exit status - if the status indicate a failure, Monitwill raise an alert message containing the program's error (stderr) output, ifany. If the program has not exited after the first cycle, Monit will waitanother cycle and so on. If the program is still running after 5 minutes,Monit will kill it and generate a program timeout event.
It is possible tooverride the default timeout (see the syntax below). The asynchronous nature of the program check allows for non-blocking behavior inthe current Monit design, but it comes with a side-effect: when the programhas finished executing and is waiting for Monit to collect the result, itbecomes a so-called 'zombie' process. A zombie process does notconsume any system resources (only the PID remains in use) and it is underMonit's control and the zombie process is removed from the system as soon asMonit collects the exit status. This means that every 'checkprogram' will be associated with either a running process or a temporaryzombie. This unwanted zombie side-effect will be removed in a later release ofMonit. Check program hwtest with path /usr/local/bin/hwtest.shif status = 1 then alertif status = 3 for 5 cycles then exec '/usr/local/bin/emergency.sh'NETWORK PING TESTMonit can perform a network ping test by sending ICMP echo request datagrampackets to a host and wait for the reply. This test can only be used within acheck host statement.
Monit must also run as the root user in order to be ableto perform the ping test (because a ping test must use raw sockets whichusually only the super user is allowed to do). The COUNT parameter specifies how many consecutive ping requests will besent to the host in one cycle. If no reply arrive within TIMEOUTseconds, Monit reports an error.
If at least one reply was received, the pingtest is considered a success. Monit will, by default, send three pingrequest packets in one cycle to prevent false alarm (i.e. Up to 66% packetloss is tolerated). You can set the COUNT option to a value between 1and 20 to send more or less packets. If you require 100% ping success, set thecount to 1 (i.e. Just one request will be sent, and if the packet was lost anerror will be reported).
Here's a more advanced example for monitoring an apache web-server listening onthe default port number for HTTP and HTTPS. In this example Monit will restartapache if it's not accepting connections at the port numbers. The method Monituse for a process restart is to first execute the stop-program, wait up to 30sfor the process to stop and then execute the start-program and wait up to 30sfor it to start.
The length of start or stop timeout can be overridden usingthe 'timeout' option. If Monit was unable to stop or start the service afailed alert message will be sent if you have requested alert messages to besent. This example demonstrate how you can run a program as a specified user (uid) andwith a specified group (gid). Many daemon programs will do the uid and gidswitch by them self, but for those programs that does not (e.g. Javaprograms), monit's ability to start a program as a certain user can be veryuseful. In this example we start the Tomcat Java Servlet Engine as thestandard nobody user and group. Please note that Monit will only switchuid and gid for a program if the super-user is running monit, otherwise Monitwill simply ignore the request to change uid and gid.
Check process oracle with pidfile /var/run/oracle.pidstart = '/etc/init.d/oracle start'stop = '/etc/init.d/oracle stop'if failed port 9001 for 3 cycles then restartcheck process oracle-importwith pidfile /var/run/oracle-import.pidstart = '/etc/init.d/oracle-import start'stop = '/etc/init.d/oracle-import stop'depends on oraclecheck process oracle-exportwith pidfile /var/run/oracle-export.pidstart = '/etc/init.d/oracle-export start'stop = '/etc/init.d/oracle-export stop'depends on oracleFILES /.monitrcDefault run control file. /.monit.idMonit save its unique id to this file.ENVIRONMENTNo environment variables are used by Monit. However, when Monit execute a scriptor a program Monit will set several environment variables which can beutilized by the executable.
The following and only the followingenvironment variables are available:MONITEVENT The event that occurred on the service MONITDESCRIPTION A description of the error condition MONITSERVICE The name of the service (from monitrc) on which the event occurred. MONITDATE The time and date (RFC 822 style) the event occurred MONITHOST The host the event occurred on. The following environment variables are only available for process serviceentries:MONITPROCESSPID The process pid. This may be 0 if the process was (re)started, MONITPROCESSMEMORY Process memory.
This may be 0 if the process was (re)started, MONITPROCESSCHILDREN Process children. This may be 0 if the process was (re)started, MONITPROCESSCPUPERCENT Process cpu%. This may be 0 if the process was (re)started, SIGNALSIf a Monit daemon is running, SIGUSR1 wakes it up from its sleep phase andforces a poll of all services.
SIGTERM and SIGINT will gracefully terminate aMonit daemon. The SIGTERM signal is sent to a Monit daemon if Monit is startedwith the quit action argument. The syntax (and parser) of the control file was inspired by Eric S. Raymond etal.
Excellent fetchmail program. Some portions of this man page also receiveinspiration from the same authors.COPYRIGHTCopyright (C) 2001-2014 by Tildeslash Ltd. All Rights Reserved.
This product isdistributed in the hope that it will be useful, but WITHOUT any warranty;without even the implied warranty of MERCHANTABILITY or FITNESS for aparticular purpose.SEE ALSOGNU text utilities;;;;;; www.mmonit.comSeptember 23.
Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2023
Categories |