API tools faq
paste
ctbrec

ctbrec monit config

ctbrec
Jan 2nd, 2020
209
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 13.28 KB | None | 0 0
raw download clone embed print report
  1. ###############################################################################
  2. ## Monit control file
  3. ###############################################################################
  4. ##
  5. ## Comments begin with a '#' and extend through the end of the line. Keywords
  6. ## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'.
  7. ##
  8. ## Below you will find examples of some frequently used statements. For
  9. ## information about the control file and a complete list of statements and
  10. ## options, please have a look in the Monit manual.
  11. ##
  12. ##
  13. ###############################################################################
  14. ## Global section
  15. ###############################################################################
  16. ##
  17. ## Start Monit in the background (run as a daemon):
  18. #
  19. set daemon  30              # check services at 30 seconds intervals
  20. #   with start delay 240    # optional: delay the first check by 4-minutes (by
  21. #                           # default Monit check immediately after Monit start)
  22. #
  23. #
  24. ## Set syslog logging. If you want to log to a standalone log file instead,
  25. ## specify the full path to the log file
  26. #
  27. set log syslog
  28.  
  29. #
  30. #
  31. ## Set the location of the Monit lock file which stores the process id of the
  32. ## running Monit instance. By default this file is stored in $HOME/.monit.pid
  33. #
  34. # set pidfile /var/run/monit.pid
  35. #
  36. ## Set the location of the Monit id file which stores the unique id for the
  37. ## Monit instance. The id is generated and stored on first Monit start. By
  38. ## default the file is placed in $HOME/.monit.id.
  39. #
  40. # set idfile /var/.monit.id
  41. #
  42. ## Set the location of the Monit state file which saves monitoring states
  43. ## on each cycle. By default the file is placed in $HOME/.monit.state. If
  44. ## the state file is stored on a persistent filesystem, Monit will recover
  45. ## the monitoring state across reboots. If it is on temporary filesystem, the
  46. ## state will be lost on reboot which may be convenient in some situations.
  47. #
  48. # set statefile /var/.monit.state
  49. #
  50. #
  51.  
  52. ## Set limits for various tests. The following example shows the default values:
  53. ##
  54. # set limits {
  55. #     programOutput:     512 B,      # check program's output truncate limit
  56. #     sendExpectBuffer:  256 B,      # limit for send/expect protocol test
  57. #     fileContentBuffer: 512 B,      # limit for file content test
  58. #     httpContentBuffer: 1 MB,       # limit for HTTP content test
  59. #     networkTimeout:    5 seconds   # timeout for network I/O
  60. #     programTimeout:    300 seconds # timeout for check program
  61. #     stopTimeout:       30 seconds  # timeout for service stop
  62. #     startTimeout:      30 seconds  # timeout for service start
  63. #     restartTimeout:    30 seconds  # timeout for service restart
  64. # }
  65.  
  66. ## Set global SSL options (just most common options showed, see manual for
  67. ## full list).
  68. #
  69. # set ssl {
  70. #     verify     : enable, # verify SSL certificates (disabled by default but STRONGLY RECOMMENDED)
  71. #     selfsigned : allow   # allow self signed SSL certificates (reject by default)
  72. # }
  73. #
  74. #
  75. ## Set the list of mail servers for alert delivery. Multiple servers may be
  76. ## specified using a comma separator. If the first mail server fails, Monit
  77. # will use the second mail server in the list and so on. By default Monit uses
  78. # port 25 - it is possible to override this with the PORT option.
  79. #
  80. # set mailserver mail.bar.baz,               # primary mailserver
  81. #                backup.bar.baz port 10025,  # backup mailserver on port 10025
  82. #                localhost                   # fallback relay
  83. #
  84. #
  85. ## By default Monit will drop alert events if no mail servers are available.
  86. ## If you want to keep the alerts for later delivery retry, you can use the
  87. ## EVENTQUEUE statement. The base directory where undelivered alerts will be
  88. ## stored is specified by the BASEDIR option. You can limit the queue size
  89. ## by using the SLOTS option (if omitted, the queue is limited by space
  90. ## available in the back end filesystem).
  91. #
  92. # set eventqueue
  93. #     basedir /var/monit  # set the base directory where events will be stored
  94. #     slots 100           # optionally limit the queue size
  95. #
  96. #
  97. ## Send status and events to M/Monit (for more informations about M/Monit
  98. ## see https://mmonit.com/). By default Monit registers credentials with
  99. ## M/Monit so M/Monit can smoothly communicate back to Monit and you don't
  100. ## have to register Monit credentials manually in M/Monit. It is possible to
  101. ## disable credential registration using the commented out option below.
  102. ## Though, if safety is a concern we recommend instead using https when
  103. ## communicating with M/Monit and send credentials encrypted. The password
  104. ## should be URL encoded if it contains URL-significant characters like
  105. ## ":", "?", "@". Default timeout is 5 seconds, you can customize it by
  106. ## adding the timeout option.
  107. #
  108. # set mmonit http://monit:monit@192.168.1.10:8080/collector
  109. #     # with timeout 30 seconds              # Default timeout is 5 seconds
  110. #     # and register without credentials     # Don't register credentials
  111. #
  112. #
  113. ## Monit by default uses the following format for alerts if the mail-format
  114. ## statement is missing::
  115. ## --8<--
  116. ## set mail-format {
  117. ##   from:    Monit <monit@$HOST>
  118. ##   subject: monit alert --  $EVENT $SERVICE
  119. ##   message: $EVENT Service $SERVICE
  120. ##                 Date:        $DATE
  121. ##                 Action:      $ACTION
  122. ##                 Host:        $HOST
  123. ##                 Description: $DESCRIPTION
  124. ##
  125. ##            Your faithful employee,
  126. ##            Monit
  127. ## }
  128. ## --8<--
  129. ##
  130. ## You can override this message format or parts of it, such as subject
  131. ## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc.
  132. ## are expanded at runtime. For example, to override the sender, use:
  133. #
  134. # set mail-format { from: monit@foo.bar }
  135. #
  136. #
  137. ## You can set alert recipients whom will receive alerts if/when a
  138. ## service defined in this file has errors. Alerts may be restricted on
  139. ## events by using a filter as in the second example below.
  140. #
  141. # set alert sysadm@foo.bar                       # receive all alerts
  142. #
  143. ## Do not alert when Monit starts, stops or performs a user initiated action.
  144. ## This filter is recommended to avoid getting alerts for trivial cases.
  145. #
  146. # set alert your-name@your.domain not on { instance, action }
  147. #
  148. #
  149. ## Monit has an embedded HTTP interface which can be used to view status of
  150. ## services monitored and manage services from a web interface. The HTTP
  151. ## interface is also required if you want to issue Monit commands from the
  152. ## command line, such as 'monit status' or 'monit restart service' The reason
  153. ## for this is that the Monit client uses the HTTP interface to send these
  154. ## commands to a running Monit daemon. See the Monit Wiki if you want to
  155. ## enable SSL for the HTTP interface.
  156. #
  157. set httpd port 2812 and
  158.     use address localhost  # only accept connection from localhost (drop if you use M/Monit)
  159.     allow localhost        # allow localhost to connect to the server and
  160.     allow admin:monit      # require user 'admin' with password 'monit'
  161.     #with ssl {            # enable SSL/TLS and set path to server certificate
  162.     #    pemfile: /etc/ssl/certs/monit.pem
  163.     #}
  164.  
  165. ###############################################################################
  166. ## Services
  167. ###############################################################################
  168. ##
  169. ## Check general system resources such as load average, cpu and memory
  170. ## usage. Each test specifies a resource, conditions and the action to be
  171. ## performed should a test fail.
  172. #
  173. #  check system $HOST
  174. #    if loadavg (1min) per core > 2 for 5 cycles then alert
  175. #    if loadavg (5min) per core > 1.5 for 10 cycles then alert
  176. #    if cpu usage > 95% for 10 cycles then alert
  177. #    if memory usage > 75% then alert
  178. #    if swap usage > 25% then alert
  179. #
  180. #
  181. ## Check if a file exists, checksum, permissions, uid and gid. In addition
  182. ## to alert recipients in the global section, customized alert can be sent to
  183. ## additional recipients by specifying a local alert handler. The service may
  184. ## be grouped using the GROUP option. More than one group can be specified by
  185. ## repeating the 'group name' statement.
  186. #
  187. #  check file apache_bin with path /usr/local/apache/bin/httpd
  188. #    if failed checksum and
  189. #       expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor
  190. #    if failed permission 755 then unmonitor
  191. #    if failed uid "root" then unmonitor
  192. #    if failed gid "root" then unmonitor
  193. #    alert security@foo.bar on {
  194. #           checksum, permission, uid, gid, unmonitor
  195. #        } with the mail-format { subject: Alarm! }
  196. #    group server
  197. #
  198. #
  199. ## Check that a process is running, in this case Apache, and that it respond
  200. ## to HTTP and HTTPS requests. Check its resource usage such as cpu and memory,
  201. ## and number of children. If the process is not running, Monit will restart
  202. ## it by default. In case the service is restarted very often and the
  203. ## problem remains, it is possible to disable monitoring using the TIMEOUT
  204. ## statement. This service depends on another service (apache_bin) which
  205. ## is defined above.
  206. #
  207. #  check process apache with pidfile /usr/local/apache/logs/httpd.pid
  208. #    start program = "/etc/init.d/httpd start" with timeout 60 seconds
  209. #    stop program  = "/etc/init.d/httpd stop"
  210. #    if cpu > 60% for 2 cycles then alert
  211. #    if cpu > 80% for 5 cycles then restart
  212. #    if totalmem > 200.0 MB for 5 cycles then restart
  213. #    if children > 250 then restart
  214. #    if disk read > 500 kb/s for 10 cycles then alert
  215. #    if disk write > 500 kb/s for 10 cycles then alert
  216. #    if failed host www.tildeslash.com port 80 protocol http and request "/somefile.html" then restart
  217. #    if failed port 443 protocol https with timeout 15 seconds then restart
  218. #    if 3 restarts within 5 cycles then unmonitor
  219. #    depends on apache_bin
  220. #    group server
  221. #
  222. check process ctbrec with pidfile /tmp/ctbrec/ctbrec.pid
  223.   start program = "/tmp/ctbrec/server-linux.sh start" with timeout 60 seconds
  224.   stop program  = "/tmp/ctbrec/server-linux.sh stop" with timeout 600 seconds
  225.   group server
  226.  
  227. check filesystem rootfs with path /
  228.   if space usage > 90% then alert
  229.  
  230.  
  231. ## Check filesystem permissions, uid, gid, space usage, inode usage and disk I/O.
  232. ## Other services, such as databases, may depend on this resource and an automatically
  233. ## graceful stop may be cascaded to them before the filesystem will become full and data
  234. ## lost.
  235. #
  236. #  check filesystem datafs with path /dev/sdb1
  237. #    start program  = "/bin/mount /data"
  238. #    stop program  = "/bin/umount /data"
  239. #    if failed permission 660 then unmonitor
  240. #    if failed uid "root" then unmonitor
  241. #    if failed gid "disk" then unmonitor
  242. #    if space usage > 80% for 5 times within 15 cycles then alert
  243. #    if space usage > 99% then stop
  244. #    if inode usage > 30000 then alert
  245. #    if inode usage > 99% then stop
  246. #    if read rate > 1 MB/s for 5 cycles then alert
  247. #    if read rate > 500 operations/s for 5 cycles then alert
  248. #    if write rate > 1 MB/s for 5 cycles then alert
  249. #    if write rate > 500 operations/s for 5 cycles then alert
  250. #    if service time > 10 milliseconds for 3 times within 5 cycles then alert
  251. #    group server
  252. #
  253. #
  254. ## Check a file's timestamp. In this example, we test if a file is older
  255. ## than 15 minutes and assume something is wrong if its not updated. Also,
  256. ## if the file size exceed a given limit, execute a script
  257. #
  258. #  check file database with path /data/mydatabase.db
  259. #    if failed permission 700 then alert
  260. #    if failed uid "data" then alert
  261. #    if failed gid "data" then alert
  262. #    if timestamp > 15 minutes then alert
  263. #    if size > 100 MB then exec "/my/cleanup/script" as uid dba and gid dba
  264. #
  265. #
  266. ## Check directory permission, uid and gid.  An event is triggered if the
  267. ## directory does not belong to the user with uid 0 and gid 0.  In addition,
  268. ## the permissions have to match the octal description of 755 (see chmod(1)).
  269. #
  270. #  check directory bin with path /bin
  271. #    if failed permission 755 then unmonitor
  272. #    if failed uid 0 then unmonitor
  273. #    if failed gid 0 then unmonitor
  274. #
  275. #
  276. ## Check a remote host availability by issuing a ping test and check the
  277. ## content of a response from a web server. Up to three pings are sent and
  278. ## connection to a port and an application level network check is performed.
  279. #
  280. #  check host myserver with address 192.168.1.1
  281. #    if failed ping then alert
  282. #    if failed port 3306 protocol mysql with timeout 15 seconds then alert
  283. #    if failed port 80 protocol http
  284. #       and request /some/path with content = "a string"
  285. #    then alert
  286. #
  287. #
  288. ## Check a network link status (up/down), link capacity changes, saturation
  289. ## and bandwidth usage.
  290. #
  291. #  check network public with interface eth0
  292. #    if failed link then alert
  293. #    if changed link then alert
  294. #    if saturation > 90% then alert
  295. #    if download > 10 MB/s then alert
  296. #    if total uploaded > 1 GB in last hour then alert
  297. #
  298. #
  299. ## Check custom program status output.
  300. #
  301. #  check program myscript with path /usr/local/bin/myscript.sh
  302. #    if status != 0 then alert
  303. #
  304. #
  305. ###############################################################################
  306. ## Includes
  307. ###############################################################################
  308. ##
  309. ## It is possible to include additional configuration parts from other files or
  310. ## directories.
  311. #
  312. #  include /etc/monit.d/*
  313. #
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!