2014-12-20 Monit

Some monit configurations for my server, from `/etc/monit/conf.d`:

monit

cron

# Supervise the cron daemon: monit tracks it through the pidfile and uses the
# init script to start and stop it.
check process crond with pidfile /var/run/crond.pid
   group system
   group crond
   start program = "/etc/init.d/cron start"
   stop  program = "/etc/init.d/cron stop"
   # After 5 restarts in 5 cycles, give up and stop monitoring instead of
   # restart-looping.
   if 5 restarts with 5 cycles then timeout
   # Tie the daemon to the file checks below: when one of them is unmonitored
   # after a failed test, the services depending on it are unmonitored as well,
   # so a changed binary or init script is not restarted automatically.
   depend cron_bin
   depend cron_rc
   depend cron_spool

 # Integrity check on the cron binary. The actual tests live in the included
 # template, which is not shown on this page.
 # NOTE(review): the rootbin template presumably tests checksum, mode 0755 and
 # root:root, each with "then unmonitor" - confirm against the local file.
 check file cron_bin with path /usr/sbin/cron
   group crond
   include /etc/monit/templates/rootbin

 # Same template applied to the init script that start/stop above execute.
 check file cron_rc with path "/etc/init.d/cron"
   group crond
   include /etc/monit/templates/rootbin

 # The crontab spool must stay root:crontab with mode 1730 (sticky bit, full
 # access for root, write+search for group crontab, nothing for others).
 # Any deviation unmonitors this check and, through the dependency, crond.
 # NOTE(review): an unmonitor is only noticed if an alert recipient is set in
 # monitrc (not shown here) - confirm.
 check directory cron_spool with path /var/spool/cron/crontabs
   group crond
   if failed permission 1730 then unmonitor
   if failed uid root        then unmonitor
   if failed gid crontab     then unmonitor

fail2ban

# Supervise fail2ban through its pidfile and init script.
check process fail2ban with pidfile /var/run/fail2ban/fail2ban.pid
   group monitoring
   start program = "/etc/init.d/fail2ban start"
   stop  program = "/etc/init.d/fail2ban stop"
   # Liveness test beyond the pidfile: restart when the control socket cannot
   # be reached.
   if failed unixsocket /var/run/fail2ban/fail2ban.sock then restart
   # Stop trying after 5 restarts in 5 cycles. From then on fail2ban stays down
   # until monitoring is re-enabled by hand, so the resulting alert matters.
   if 5 restarts within 5 cycles then timeout
   depends on fail2ban_bin
   depends on fail2ban_rc

# Integrity check via the rootbin template (contents not shown on this page).
# NOTE(review): this watches the client binary; the long-running daemon is
# presumably a separate fail2ban-server executable - confirm and consider
# checking that file as well.
check file fail2ban_bin with path /usr/bin/fail2ban-client
   group monitoring
   include /etc/monit/templates/rootbin

# Same template applied to the init script used by start/stop above.
check file fail2ban_rc with path /etc/init.d/fail2ban
   group monitoring
   include /etc/monit/templates/rootbin

munin

# Supervise the munin node agent through its pidfile and init script.
check process munin-node with pidfile /var/run/munin/munin-node.pid
   group monitoring
   start program = "/etc/init.d/munin-node start"
   stop  program = "/etc/init.d/munin-node stop"
   # Give up after 5 restarts in 5 cycles instead of restart-looping.
   if 5 restarts within 5 cycles then timeout
   # A failed file check below unmonitors this process check too.
   depends on munin-node_bin
   depends on munin-node_rc

# Integrity check on the agent binary via the rootbin template (contents not
# shown on this page; presumably checksum, mode and root ownership - confirm).
check file munin-node_bin with path /usr/sbin/munin-node
   group monitoring
   include /etc/monit/templates/rootbin

# Same template applied to the init script used by start/stop above.
check file munin-node_rc with path /etc/init.d/munin-node
   group monitoring
   include /etc/monit/templates/rootbin

openssh-server

 # Supervise sshd through its pidfile and init script.
 check process sshd with pidfile /var/run/sshd.pid
   group system
   group sshd
   start program = "/etc/init.d/ssh start"
   stop  program = "/etc/init.d/ssh stop"
   # Protocol-level probe: restart when localhost:22 does not answer as SSH.
   # NOTE(review): this only proves the loopback listener works; a firewall or
   # ListenAddress change that cuts off remote access is not detected here.
   if failed host localhost port 22 with proto ssh then restart
   # Give up after 5 restarts in 5 cycles instead of restart-looping.
   if 5 restarts with 5 cycles then timeout
   # A failed file check below unmonitors sshd as well, so a modified binary,
   # config or host key stops automatic restarts rather than triggering one.
   depend on sshd_bin
   depend on sftp_bin
   depend on sshd_rc
   depend on sshd_rsa_key
   depend on sshd_dsa_key

 # Integrity check on the daemon binary via the rootbin template (contents not
 # shown on this page; presumably checksum, mode and root ownership - confirm).
 check file sshd_bin with path /usr/sbin/sshd
   group sshd
   include /etc/monit/templates/rootbin

 # Same template applied to the sftp subsystem helper.
 check file sftp_bin with path /usr/lib/openssh/sftp-server
   group sshd
   include /etc/monit/templates/rootbin

 # Private host key, checked with the stricter rootstrict template.
 # NOTE(review): rootstrict presumably enforces root ownership and mode 0600
 # plus a checksum - confirm against the local template.
 check file sshd_rsa_key with path /etc/ssh/ssh_host_rsa_key
   group sshd
   include /etc/monit/templates/rootstrict

 # NOTE(review): DSA (ssh-dss) host keys have been disabled by default since
 # OpenSSH 7.0. On a host without this file the check fails on the missing
 # path, and any ECDSA/Ed25519 host keys in use are not covered by this
 # configuration - adjust the key list to what sshd_config actually loads.
 check file sshd_dsa_key with path /etc/ssh/ssh_host_dsa_key
   group sshd
   include /etc/monit/templates/rootstrict

 # Despite the _rc name this watches sshd_config, not the init script;
 # /etc/init.d/ssh itself has no file check in this block.
 # NOTE(review): rootrc is presumably the template for root-owned config
 # files (mode 0644) - confirm.
 check file sshd_rc with path /etc/ssh/sshd_config
   group sshd
   include /etc/monit/templates/rootrc

rsyslog

# Supervise the syslog daemon through its pidfile and init script.
check process rsyslog with pidfile /var/run/rsyslogd.pid
   group monitoring
   start program = "/etc/init.d/rsyslog start"
   stop  program = "/etc/init.d/rsyslog stop"
   # Give up after 5 restarts in 5 cycles. From then on logging stays down
   # until monitoring is re-enabled by hand, so the resulting alert matters.
   if 5 restarts within 5 cycles then timeout
   # A failed file check below unmonitors this process check too.
   depends on rsyslog_bin
   depends on rsyslog_rc

# Integrity check on the daemon binary via the rootbin template (contents not
# shown on this page; presumably checksum, mode and root ownership - confirm).
check file rsyslog_bin with path /usr/sbin/rsyslogd
   group monitoring
   include /etc/monit/templates/rootbin

# Same template applied to the init script used by start/stop above.
# NOTE(review): the rsyslog configuration files are not checked in this block.
check file rsyslog_rc with path /etc/init.d/rsyslog
   group monitoring
   include /etc/monit/templates/rootbin

sendmail

# Supervise the sendmail MTA through its pidfile and init script.
check process sendmail with pidfile /var/run/sendmail/mta/sendmail.pid
   group mail
   start program = "/etc/init.d/sendmail start"
   stop  program = "/etc/init.d/sendmail stop"
# The SMTP probe is disabled, so only the pidfile decides whether sendmail
# counts as running; a hung listener would go unnoticed.
#  if failed port 25 protocol smtp then restart
   # Give up after 5 restarts in 5 cycles instead of restart-looping.
   if 5 restarts within 5 cycles then timeout
   depends on sendmail_bin
   depends on sendmail_rc

# /usr/lib/sendmail points to /etc/alternatives/lib.sendmail which in
# turn points to the file tested:

# The binary is expected to be setgid smmsp (mode 2755, root:smmsp), so the
# tests are spelled out here instead of including a template.
# No expected checksum is given: per the monit manual the reference value is
# then the one monit computed itself when it first tested the file. The test
# therefore reports changes made after monit started, not a binary that was
# already replaced, and it also trips on a legitimate package upgrade.
check file sendmail_bin with path /usr/lib/sm.bin/sendmail
   group mail
   if failed checksum        then unmonitor
   if failed permission 2755 then unmonitor
   if failed uid root        then unmonitor
   if failed gid smmsp       then unmonitor

# Init script used by start/stop above, checked via the rootbin template
# (contents not shown on this page).
check file sendmail_rc with path /etc/init.d/sendmail
   group mail
   include /etc/monit/templates/rootbin

System

There’s some stuff in `/etc/monit/monitrc` which I adapted from the defaults (the admin password and all that).

I changed the defaults for the system check:

# Host-wide resource thresholds. Every active rule only raises an alert; none
# of them restarts or stops anything. Lines starting with # are the disabled
# defaults and variants that were tried.
# NOTE(review): alerts need a recipient configured in monitrc (not shown on
# this page) - confirm one is set.
check system Kallobombus
  if loadavg (5min) > 4 then alert
# if loadavg (10min) > 2 then alert
# if loadavg (15min) > 1 then alert
  if memory usage > 75% then alert
# if swap usage > 25% then alert
# if cpu usage (user) > 98% then alert
  # User CPU must stay above 98% for 5 consecutive cycles before alerting,
  # which filters out short spikes.
  if cpu usage (user) > 98% for 5 cycles then alert
  if cpu usage (system) > 50% then alert
  if cpu usage (wait) > 20% then alert

Apache

This is also changed from the defaults in `/etc/monit/monitrc`.

# Supervise Apache through its pidfile and init script.
# Unlike the other services on this page, no binary, init-script or
# configuration file checks are attached to this process.
check process apache with pidfile /var/run/apache2.pid
   group www
   start program = "/etc/init.d/apache2 start"
   stop program  = "/etc/init.d/apache2 stop"
   # End-to-end probe: fetch /monit/token over plain HTTP from the public host
   # name and restart Apache when that fails.
   # NOTE(review): the probe presumably also fails when the name does not
   # resolve or the token file is missing from the site, which would restart
   # a healthy server - confirm that is acceptable.
   if failed host alexschroeder.ch port 80 protocol http
      and request "/monit/token" then restart
#  if cpu is greater than 60% for 2 cycles then alert
#  if cpu > 80% for 5 cycles then restart
#  if totalmem > 500 MB for 5 cycles then restart
   # Restart when the number of child processes exceeds 250.
   if children > 250 then restart
#  if loadavg(5min) greater than 10 for 8 cycles then stop
   # Give up after 3 restarts in 5 cycles instead of restart-looping.
   if 3 restarts within 5 cycles then timeout

Rsync

I needed to create the file `/etc/rsyncd.conf` in order to actually share something. I also needed to set `RSYNC_ENABLE=true` in `/etc/default/rsync` so that rsync starts up as a daemon. And `sudo service rsync start`, of course.

For monit, however:

 # Supervise the rsync daemon through its pidfile and init script.
 # Only the pidfile is tested; there is no probe of the listening port.
 check process rsyncd with pidfile /var/run/rsync.pid
   start program = "/etc/init.d/rsync start"
   stop  program = "/etc/init.d/rsync stop"
   # Give up after 5 restarts in 5 cycles instead of restart-looping.
   if 5 restarts with 5 cycles then timeout
   # A failed file check below unmonitors the daemon as well.
   depend rsync_bin
   depend rsync_rc
   depend rsync_conf

 # Integrity check on the rsync binary via the rootbin template (contents not
 # shown on this page; presumably checksum, mode and root ownership - confirm).
 check file rsync_bin with path /usr/bin/rsync
   include /etc/monit/templates/rootbin

 # Same template applied to the init script used by start/stop above.
 check file rsync_rc with path "/etc/init.d/rsync"
   include /etc/monit/templates/rootbin

 # Watches the daemon configuration that defines what is shared.
 # NOTE(review): rootrc is presumably the template for root-owned config
 # files (mode 0644). If rsyncd.conf points at a secrets file, that file needs
 # its own, stricter check - it is not covered here.
 check file rsync_conf with path "/etc/rsyncd.conf"
   include /etc/monit/templates/rootrc

If you have nothing to share, disable it in `/etc/default/rsync` and stop monitoring it. Works for me!

​#Monit ​#Administration