HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Tips/Tricks/Mods (http://www.howtoforge.com/forums/forumdisplay.php?f=29)
-   -   monitrc configuration for Debian ISPConfig 3 server (http://www.howtoforge.com/forums/showthread.php?t=43177)

Hans 31st January 2010 14:46

monitrc configuration for Debian ISPConfig 3 server
 
Hi all,

Because the architecture of an ISPConfig 3 server is quiet different then an ISPConfig 2 server, there are also different services to monitor.
So if you use monit, you need to change the configuration file /etc/monit/monitrc as well.

I found out how to monit almost all the services on an ISPConfig 3 server, like Spamassassin, Amavis, MyDNS, PureFTP and all the rest.

So here is the info you need for the monit configuration file:

Code:

# Amavis
#check process amavisd with pidfile /var/run/amavis/amavisd.pid
#  group mail
#  start program = "/etc/init.d/amavis start"
#  stop  program = "/etc/init.d/amavis stop"
#  if failed port 10024 protocol smtp then restart
#  if 5 restarts within 5 cycles then timeout

check process amavisd with pidfile /var/run/amavis/amavisd.pid
  group mail
  start program = "/etc/init.d/amavis start"
  stop  program = "/etc/init.d/amavis stop"
  if failed port 10024 protocol smtp then restart
  if 5 restarts within 5 cycles then timeout
  depends on amavisd_bin
  depends on amavisd_rc

check file amavisd_bin with path  /usr/sbin/amavisd-new
  group mail
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor

check file amavisd_rc with path /etc/init.d/amavis
  group mail
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor

# Apache2
check process apache with pidfile /var/run/apache2.pid
  group www
  start program = "/etc/init.d/apache2 start"
  stop program  = "/etc/init.d/apache2 stop"
  if failed port 80 protocol http then restart
  if cpu is greater than 60% for 2 cycles then alert
  if cpu > 80% for 5 cycles then restart
  if totalmem > 1500 MB for 5 cycles then restart
  if children > 512 then restart
  if loadavg(5min) greater than 10 for 8 cycles then stop
  if 3 restarts within 5 cycles then timeout

# Clamd
check process clamd with pidfile /var/run/clamav/clamd.pid
  group virus
  start program = "/etc/init.d/clamav-daemon start"
  stop  program = "/etc/init.d/clamav-daemon stop"
  if failed unixsocket /var/run/clamav/clamd.ctl then restart
  if 5 restarts within 5 cycles then timeout
  depends on clamavd_bin
  depends on clamavd_rc

check file clamavd_bin with path /usr/sbin/clamd
  group virus
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor

check file clamavd_rc with path /etc/init.d/clamav-daemon
  group virus
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor

# Courier_authdaemon
check process authdaemon with pidfile /var/run/courier/authdaemon/pid
  group services
  start program = "/etc/init.d/courier-authdaemon start"
  stop  program = "/etc/init.d/courier-authdaemon stop"
  if 5 restarts within 5 cycles then timeout

# Cron
check process cron with pidfile /var/run/crond.pid
  start program = "/etc/init.d/cron start"
  stop  program = "/etc/init.d/cron stop"
  group system
  depends cron_init, cron_bin

check file cron_init with path /etc/init.d/cron
  group system

check file cron_bin with path /usr/sbin/cron
  group system

# fail2ban
check process fail2ban with pidfile /var/run/fail2ban/fail2ban.pid
  group services
  start program = "/etc/init.d/fail2ban start"
  stop  program = "/etc/init.d/fail2ban stop"
  if 5 restarts within 5 cycles then timeout

# Courier_imapd
check process imap with pidfile /var/run/courier/imapd.pid
  group mail
  start program = "/etc/init.d/courier-imap start"
  stop  program = "/etc/init.d/courier-imap stop"
  if failed port 143 then restart
  if 5 restarts within 5 cycles then timeout

# Courier_immapd-ssl
check process imapd-ssl with pidfile /var/run/courier/imapd-ssl.pid
  group mail
  start program = "/etc/init.d/courier-imap-ssl start"
  stop  program = "/etc/init.d/courier-imap-ssl stop"
  if failed port 143 then restart
  if 5 restarts within 5 cycles then timeout

# Munin-node
check process munin-node with pidfile /var/run/munin/munin-node.pid
  group services
  start program = "/etc/init.d/munin-node start"
  stop  program = "/etc/init.d/munin-node stop"
  if 5 restarts within 5 cycles then timeout

#MyDNS
check process named with pidfile /var/run/mydns.pid
  start program = "/etc/init.d/mydns start"
  stop program = "/etc/init.d/mydns stop"
  if failed host 127.0.0.1 port 53 then alert
  if 5 restarts within 5 cycles then timeout

# MySQL
check process mysql with pidfile /var/run/mysqld/mysqld.pid
  group database
  start program = "/etc/init.d/mysql start"
  stop program = "/etc/init.d/mysql stop"
  if failed host 127.0.0.1 port 3306 protocol mysql then restart
  if 5 restarts within 5 cycles then timeout

# Courier_pop3d
check process pop3 with pidfile /var/run/courier/pop3d.pid
  group mail
  start program = "/etc/init.d/courier-pop start"
  stop  program = "/etc/init.d/courier-pop stop"
  if failed port 110 then restart
  if 5 restarts within 5 cycles then timeout

# Courier_pop3-ssl
check process pop3-ssl with pidfile /var/run/courier/pop3d-ssl.pid
  group mail
  start program = "/etc/init.d/courier-pop-ssl start"
  stop  program = "/etc/init.d/courier-pop-ssl stop"
  if failed port 995 then restart
  if 5 restarts within 5 cycles then timeout

#postfix
check process postfix with pidfile /var/spool/postfix/pid/master.pid
  group mail
  start program = "/etc/init.d/postfix start"
  stop  program = "/etc/init.d/postfix stop"
  if failed port 25 protocol smtp then restart
  if 5 restarts within 5 cycles then timeout
  depends on postfix_rc

check file postfix_rc with path /etc/init.d/postfix
  group mail
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor

#PureFTPd
check process pure-ftpd with pidfile /var/run/pure-ftpd/pure-ftpd.pid
  start program  "/etc/init.d/pure-ftpd-mysql start"
  stop program  "/etc/init.d/pure-ftpd-mysql stop"
  if failed host 127.0.0.1 port 21 then restart
  if 5 restarts within 5 cycles then timeout

# SSHd
check process sshd with pidfile /var/run/sshd.pid
  start program  "/etc/init.d/ssh start"
  stop program  "/etc/init.d/ssh stop"
  #if failed port 22 protocol ssh then restart
  if failed port 22 then restart
  if 5 restarts within 5 cycles then timeout

# Spamassassin
check process spamd with pidfile /var/run/spamd.pid
  group mail
  start program = "/etc/init.d/spamassassin start"
  stop  program = "/etc/init.d/spamassassin stop"
  if 5 restarts within 5 cycles then timeout
  if cpu usage > 99% for 5 cycles then alert
  if mem usage > 99% for 5 cycles then alert

check file spamd_bin with path /usr/sbin/spamd
  group mail
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor

 check file spamd_rc with path /etc/init.d/spamassassin
  group mail
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor

# Rsyslogd
check process syslogd with pidfile /var/run/rsyslogd.pid
  start program = "/etc/init.d/rsyslog start"
  stop program = "/etc/init.d/rsyslog stop"
  if 5 restarts within 5 cycles then timeout
  check file syslogd_file with path /var/log/syslog

Have fun with monit! :)

Norman 20th March 2011 04:55

This is a useful config.
Might just want to mention that the 1500MB restart limit on apache is a bit slim for big hosts.

vogelor 27th March 2011 23:22

yesterday i commited the first version of the rescue-module.
This is a module integrated into ISPConfig which tries to rescue (restart) the services, if they are down.
The first release only supports apache, but i am working at the other services...

maybe somebody can help me with ideas...

Olli


All times are GMT +2. The time now is 03:15.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.