Created
December 29, 2017 03:47
-
-
Save vietdien2005/c8b38cbf3811c6c3a8aeffeab687f28b to your computer and use it in GitHub Desktop.
LEMP config monit
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Apache monitoring. | |
| ## Test the httpd service. | |
| check process apache with pidfile /run/httpd/httpd.pid | |
| group apache | |
| start program = "/usr/bin/systemctl start httpd" | |
| stop program = "/usr/bin/systemctl stop httpd" | |
| restart program = "/usr/bin/systemctl restart httpd" | |
| ## Test port 80. Restart if the server is down. | |
| if failed host localhost port 80 protocol http then restart | |
| ## If the restarts attempts fail then alert. | |
| if 3 restarts within 5 cycles then timeout | |
| depends on apache_bin | |
| depends on apache_init | |
| alert root@localhost only on {timeout} | |
| ## Test the process binary. | |
| check file apache_bin with path /usr/sbin/httpd | |
| group apache | |
| if failed checksum then unmonitor | |
| if failed permission 755 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Test the init scripts. | |
| check file apache_init with path /usr/lib/systemd/system/httpd.service | |
| group apache | |
| if failed checksum then unmonitor | |
| if failed permission 644 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Nginx monitoring. | |
| ## Test the nginx service. | |
| check process nginx with pidfile /run/nginx.pid | |
| group nginx | |
| start program = "/usr/bin/systemctl start nginx" | |
| stop program = "/usr/bin/systemctl stop nginx" | |
| restart program = "/usr/bin/systemctl restart nginx" | |
| ## Test port 80. Restart if the server is down. | |
| if failed host localhost port 80 protocol http then restart | |
| ## If the restarts attempts fail then alert. | |
| if 3 restarts within 5 cycles then timeout | |
| depends on nginx_bin | |
| depends on nginx_init | |
| alert root@localhost only on {timeout} | |
| ## Test the process binary. | |
| check file nginx_bin with path /usr/sbin/nginx | |
| group nginx | |
| if failed checksum then unmonitor | |
| if failed permission 755 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Test the init scripts. | |
| check file nginx_init with path /usr/lib/systemd/system/nginx.service | |
| group nginx | |
| if failed checksum then unmonitor | |
| if failed permission 644 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Mariadb monitoring. | |
| ## Test the mariadb service. | |
| check process mariadb with pidfile /run/mariadb/mariadb.pid | |
| group database | |
| start program = "/usr/bin/systemctl start mariadb" | |
| stop program = "/usr/bin/systemctl stop mariadb" | |
| restart program = "/usr/bin/systemctl restart mariadb" | |
| if failed port 3306 protocol mysql then restart | |
| if 3 restarts within 5 cycles then timeout | |
| # This process check depends on checking the binary if the mariadb | |
| # daemon and the init script. | |
| depends on mariadb_bin | |
| depends on mariadb_init | |
| alert root@localhost only on {timeout} | |
| ## Test the process binary. | |
| check file mariadb_bin with path /usr/bin/mysqld_safe | |
| group database | |
| if failed checksum then unmonitor | |
| if failed permission 755 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Test the init scripts. | |
| check file mariadb_init with path /usr/lib/systemd/system/mariadb.service | |
| group database | |
| if failed checksum then unmonitor | |
| if failed permission 644 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## PHP-FPM monitoring. | |
| ## Test the php-fpm service. | |
| check process php-fpm-tcp with pidfile /run/php-fpm/php-fpm.pid | |
| group phpcgi-tcp | |
| start program = "/usr/bin/systemctl start php-fpm" | |
| stop program = "/usr/bin/systemctl stop php-fpm" | |
| restart program = "/usr/bin/systemctl restart php-fpm" | |
| ## Test the FCGI protocol with an empty FCGI request. | |
| if failed port 9000 | |
| ## This was based from here: | |
| ## http://richard.wallman.org.uk/2010/03/monitor-a-fastcgi-server-using-monit/ | |
| ## and here: | |
| ## http://stackoverflow.com/questions/1302209/how-do-i-ping-a-fastcgi-server. | |
| ## Send FastCGI packet: version 1 (0x01), cmd FCGI_GET_VALUES (0x09) | |
| ## padding 8 bytes (0x08), followed by 8xNULLs padding. | |
| ## This follows the FCGI spec at http://www.fastcgi.com/devkit/doc/fcgi-spec.html#S3. | |
| ## 1. Version - 1 byte (version 1). | |
| ## 2. Type - 1 byte (FCGI_GET_VALUES = 9). | |
| ## 3. Request ID - 2 bytes (set to 0 - null request ID). | |
| ## 4. Content length - 2 bytes (set to 0). | |
| ## 5. Padding length - 1 byte (set to 8). | |
| ## 6. Reserved - 1 byte (set to 0). | |
| ## 7. Content data - variable size set to NULL. | |
| ## 8. Padding data - variable size set to 8 bytes (all NULL). | |
| send "\0x01\0x09\0x00\0x00\0x00\0x00\0x08\0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00" | |
| ## Expect FastCGI packet: version 1 (0x01), resp FCGI_GET_VALUES_RESULT (0x0A). | |
| ## 1. Version - 1 byte (version 1). | |
| ## 2. Type - 1 byte (FCGI_GET_VALUES_RESULT = 10). | |
| expect "\0x01\0x0A" | |
| ## Timeout because we don't care about anything else then the two initial bytes. | |
| timeout 5 seconds | |
| then restart | |
| ## If the restarts attempts fail then alert. | |
| if 3 restarts within 5 cycles then timeout | |
| depends on php-fpm-tcp_bin | |
| depends on php-fpm-tcp_init | |
| alert root@localhost only on {timeout} | |
| ## Test the php-fpm binary. | |
| check file php-fpm-tcp_bin with path /usr/sbin/php-fpm | |
| group phpcgi-tcp | |
| if failed checksum then unmonitor | |
| if failed permission 755 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Test the init scripts. | |
| check file php-fpm-tcp_init with path /usr/lib/systemd/system/php-fpm.service | |
| group phpcgi-tcp | |
| if failed checksum then unmonitor | |
| if failed permission 644 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## SSH monitoring. | |
| ## Test the sshd service. | |
| check process sshd with pidfile /run/sshd.pid | |
| group ssh | |
| start program = "/usr/bin/systemctl start sshd" | |
| stop program = "/usr/bin/systemctl stop sshd" | |
| restart program = "/usr/bin/systemctl restart sshd" | |
| if failed port 22 protocol ssh then restart | |
| if 3 restarts within 5 cycles then timeout | |
| depends on sshd_bin | |
| depends on sshd_init | |
| alert root@localhost only on {timeout} | |
| ## Test the process binary. | |
| check file sshd_bin with path /usr/sbin/sshd | |
| group ssh | |
| if failed checksum then unmonitor | |
| if failed permission 755 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Test the init scripts. | |
| check file sshd_init with path /usr/lib/systemd/system/sshd.service | |
| group ssh | |
| if failed checksum then unmonitor | |
| if failed permission 644 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Cron monitoring. | |
| ## Test the crond service. | |
| check process crond with pidfile /run/crond.pid | |
| group cron | |
| start program = "/usr/bin/systemctl start crond" | |
| stop program = "/usr/bin/systemctl stop crond" | |
| restart program = "/usr/bin/systemctl restart crond" | |
| depends on crond_bin | |
| depends on crond_init | |
| alert root@localhost | |
| ## Test the process binary. | |
| check file crond_bin with path /usr/sbin/crond | |
| group cron | |
| if failed checksum then unmonitor | |
| if failed permission 755 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Test the init scripts. | |
| check file crond_init with path /usr/lib/systemd/system/crond.service | |
| group cron | |
| if failed checksum then unmonitor | |
| if failed permission 644 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Postfix monitoring. | |
| ## Test the postfix service. | |
| check process postfix with pidfile /var/spool/postfix/pid/master.pid | |
| group mailserver | |
| start program = "/usr/bin/systemctl start postfix" | |
| stop program = "/usr/bin/systemctl stop postfix" | |
| restart program = "/usr/bin/systemctl restart postfix" | |
| if failed port 25 protocol smtp then restart | |
| if 3 restarts within 5 cycles then timeout | |
| depends on postfix_bin | |
| depends on postfix_init | |
| alert root@localhost only on {timeout} | |
| ## Test the process binary. | |
| check file postfix_bin with path /usr/sbin/postfix | |
| group mailserver | |
| if failed checksum then unmonitor | |
| if failed permission 755 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Test the init scripts. | |
| check file postfix_init with path /usr/lib/systemd/system/postfix.service | |
| group mailserver | |
| if failed checksum then unmonitor | |
| if failed permission 644 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Memcache monitoring. | |
| ## Test the memcached service. | |
| check process memcached matching "memcache" | |
| group memcache | |
| start program = "/usr/bin/systemctl start memcached" | |
| stop program = "/usr/bin/systemctl stop memcached" | |
| restart program = "/usr/bin/systemctl restart memcached" | |
| if failed port 11211 protocol memcache then restart | |
| if 3 restarts within 5 cycles then timeout | |
| depends on memcached_bin | |
| depends on memcached_init | |
| alert root@localhost only on {timeout} | |
| ## Test the process binary. | |
| check file memcached_bin with path /usr/bin/memcached | |
| group memcache | |
| if failed checksum then unmonitor | |
| if failed permission 755 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Test the init scripts. | |
| check file memcached_init with path /usr/lib/systemd/system/memcached.service | |
| group memcache | |
| if failed checksum then unmonitor | |
| if failed permission 644 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Solr monitoring. | |
| ## Test the solr service. | |
| check process solr with pidfile /var/solr/solr-8983.pid | |
| group solr | |
| start program = "/usr/bin/systemctl start solr" | |
| stop program = "/usr/bin/systemctl stop solr" | |
| restart program = "/usr/bin/systemctl restart solr" | |
| if failed port 8983 then restart | |
| if 3 restarts within 5 cycles then timeout | |
| depends on solr_bin | |
| depends on solr_init | |
| alert root@localhost only on {timeout} | |
| ## Test the process binary. | |
| check file solr_bin with path /opt/solr/bin/solr | |
| group solr | |
| if failed checksum then unmonitor | |
| if failed permission 755 then unmonitor | |
| if failed uid solr then unmonitor | |
| if failed gid solr then unmonitor | |
| alert root@localhost | |
| ## Test the init scripts. | |
| check file solr_init with path /etc/init.d/solr | |
| group solr | |
| if failed checksum then unmonitor | |
| if failed permission 744 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Mongodb monitoring. | |
| ## Test the mongodb service. | |
| check process mongodb with pidfile /run/mongodb/mongod.pid | |
| group mongodb | |
| start program = "/etc/init.d/mongod start" | |
| stop program = "/etc/init.d/mongod stop" | |
| restart program = "/etc/init.d/mongod restart" | |
| if failed port 27017 then restart | |
| if 3 restarts within 5 cycles then timeout | |
| # This process check depends on checking the binary if the mariadb | |
| # daemon and the init script. | |
| depends on mongodb_bin | |
| depends on mongodb_init | |
| alert root@localhost only on {timeout} | |
| ## Test the process binary. | |
| check file mongodb_bin with path /usr/bin/mongod | |
| group mongodb | |
| if failed checksum then unmonitor | |
| if failed permission 755 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost | |
| ## Test the init scripts. | |
| check file mongodb_init with path /etc/init.d/mongod | |
| group mongodb | |
| if failed checksum then unmonitor | |
| if failed permission 755 then unmonitor | |
| if failed uid root then unmonitor | |
| if failed gid root then unmonitor | |
| alert root@localhost |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment