Monit基础教程

Monit是一个跨平台的用来监控Unix/linux系统（比如Linux、BSD、OSX、Solaris）的工具。Monit易于安装，而且非常轻量级（只有500KB大小），并且不依赖任何第三方程序、插件或者库。

Monit可以监控服务进程状态、HTTP/TCP状态码、服务器资源变化、文件系统变动等等，根据这些变化，可以设定邮件报警、重启进程或服务。易于安装、轻量级的实现以及强大的功能，让Monit成为一个理想的监控工具。

在中小企业中，还没有能力自主开发相应的监控工具，可以考虑使用Monit。

配置文件

主配置文件

root@53dea:/etc/monit# cat monitrc # Monit control file # Comments begin with a '#' and extend through the end of the line. Keywords are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'. Below you will find examples of some frequently used statements. For information about the control file and a complete list of statements and options, please have a look in the Monit manual. # Global section # Start Monit in the background (run as a daemon): # set daemon 120 # check services at 2-minute intervals # with start delay 240 # optional: delay the first check by 4-minutes (by # # default Monit check immediately after Monit start) # # Set syslog logging. If you want to log to a standalone log file instead, specify the full path to the log file # set log /var/log/monit.log # # Set the location of the Monit lock file which stores the process id of the running Monit instance. By default this file is stored in $HOME/.monit.pid # # set pidfile /var/run/monit.pid # Set the location of the Monit id file which stores the unique id for the Monit instance. The id is generated and stored on first Monit start. By default the file is placed in $HOME/.monit.id. # # set idfile /var/.monit.id set idfile /var/lib/monit/id # Set the location of the Monit state file which saves monitoring states on each cycle. By default the file is placed in $HOME/.monit.state. If the state file is stored on a persistent filesystem, Monit will recover the monitoring state across reboots. If it is on temporary filesystem, the state will be lost on reboot which may be convenient in some situations. # set statefile /var/lib/monit/state # # Set limits for various tests. The following example shows the default values: # set limits { # programOutput: 512 B, # check program's output truncate limit # sendExpectBuffer: 256 B, # limit for send/expect protocol test # fileContentBuffer: 512 B, # limit for file content test # httpContentBuffer: 1 MB, # limit for HTTP content test # networkTimeout: 5 seconds # timeout for network I/O # programTimeout: 300 seconds # timeout for check program # stopTimeout: 30 seconds # timeout for service stop # startTimeout: 30 seconds # timeout for service start # restartTimeout: 30 seconds # timeout for service restart # } Set global SSL options (just most common options showed, see manual for full list). # # set ssl { # verify : enable, # verify SSL certificates (disabled by default but STRONGLY RECOMMENDED) # selfsigned : allow # allow self signed SSL certificates (reject by default) # } # # Set the list of mail servers for alert delivery. Multiple servers may be specified using a comma separator. If the first mail server fails, Monit # will use the second mail server in the list and so on. By default Monit uses # port 25 - it is possible to override this with the PORT option. # # set mailserver mail.bar.baz, # primary mailserver # backup.bar.baz port 10025, # backup mailserver on port 10025 # localhost # fallback relay # # By default Monit will drop alert events if no mail servers are available. If you want to keep the alerts for later delivery retry, you can use the EVENTQUEUE statement. The base directory where undelivered alerts will be stored is specified by the BASEDIR option. You can limit the queue size by using the SLOTS option (if omitted, the queue is limited by space available in the back end filesystem). # set eventqueue basedir /var/lib/monit/events # set the base directory where events will be stored slots 100 # optionally limit the queue size # # Send status and events to M/Monit (for more informations about M/Monit see https://mmonit.com/). By default Monit registers credentials with M/Monit so M/Monit can smoothly communicate back to Monit and you don't have to register Monit credentials manually in M/Monit. It is possible to disable credential registration using the commented out option below. Though, if safety is a concern we recommend instead using https when communicating with M/Monit and send credentials encrypted. The password should be URL encoded if it contains URL-significant characters like ":", "?", "@". Default timeout is 5 seconds, you can customize it by adding the timeout option. # # set mmonit http://monit:monit@192.168.1.10:8080/collector # # with timeout 30 seconds # Default timeout is 5 seconds # # and register without credentials # Don't register credentials # # Monit by default uses the following format for alerts if the mail-format statement is missing:: --8<-- set mail-format { from: Monit 
  
    subject: monit alert -- $EVENT $SERVICE message: $EVENT Service $SERVICE Date: $DATE Action: $ACTION Host: $HOST Description: $DESCRIPTION Your faithful employee, Monit } --8<-- You can override this message format or parts of it, such as subject or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc. are expanded at runtime. For example, to override the sender, use: # # set mail-format { from: monit@foo.bar } # # You can set alert recipients whom will receive alerts if/when a service defined in this file has errors. Alerts may be restricted on events by using a filter as in the second example below. # # set alert sysadm@foo.bar # receive all alerts # Do not alert when Monit starts, stops or performs a user initiated action. This filter is recommended to avoid getting alerts for trivial cases. # # set alert your-name@your.domain not on { instance, action } # # Monit has an embedded HTTP interface which can be used to view status of services monitored and manage services from a web interface. The HTTP interface is also required if you want to issue Monit commands from the command line, such as 'monit status' or 'monit restart service' The reason for this is that the Monit client uses the HTTP interface to send these commands to a running Monit daemon. See the Monit Wiki if you want to enable SSL for the HTTP interface. # set httpd port 2812 and use address localhost # only accept connection from localhost allow localhost # allow localhost to connect to the server and allow admin:monit # require user 'admin' with password 'monit' # #with ssl { # enable SSL/TLS and set path to server certificate # # pemfile: /etc/ssl/certs/monit.pem # #} # Services # Check general system resources such as load average, cpu and memory usage. Each test specifies a resource, conditions and the action to be performed should a test fail. # # check system $HOST # if loadavg (1min) > 4 then alert # if loadavg (5min) > 2 then alert # if cpu usage > 95% for 10 cycles then alert # if memory usage > 75% then alert # if swap usage > 25% then alert # # Check if a file exists, checksum, permissions, uid and gid. In addition to alert recipients in the global section, customized alert can be sent to additional recipients by specifying a local alert handler. The service may be grouped using the GROUP option. More than one group can be specified by repeating the 'group name' statement. # # check file apache_bin with path /usr/local/apache/bin/httpd # if failed checksum and # expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor # if failed permission 755 then unmonitor # if failed uid "root" then unmonitor # if failed gid "root" then unmonitor # alert security@foo.bar on { # checksum, permission, uid, gid, unmonitor # } with the mail-format { subject: Alarm! } # group server # # Check that a process is running, in this case Apache, and that it respond to HTTP and HTTPS requests. Check its resource usage such as cpu and memory, and number of children. If the process is not running, Monit will restart it by default. In case the service is restarted very often and the problem remains, it is possible to disable monitoring using the TIMEOUT statement. This service depends on another service (apache_bin) which is defined above. # # check process apache with pidfile /usr/local/apache/logs/httpd.pid # start program = "/etc/init.d/httpd start" with timeout 60 seconds # stop program = "/etc/init.d/httpd stop" # if cpu > 60% for 2 cycles then alert # if cpu > 80% for 5 cycles then restart # if totalmem > 200.0 MB for 5 cycles then restart # if children > 250 then restart # if loadavg(5min) greater than 10 for 8 cycles then stop # if disk read > 500 kb/s for 10 cycles then alert # if disk write > 500 kb/s for 10 cycles then alert # if failed host www.tildeslash.com port 80 protocol http and request "/somefile.html" then restart # if failed port 443 protocol https with timeout 15 seconds then restart # if 3 restarts within 5 cycles then unmonitor # depends on apache_bin # group server # # Check filesystem permissions, uid, gid, space usage, inode usage and disk I/O. Other services, such as databases, may depend on this resource and an automatically graceful stop may be cascaded to them before the filesystem will become full and data lost. # # check filesystem datafs with path /dev/sdb1 # start program = "/bin/mount /data" # stop program = "/bin/umount /data" # if failed permission 660 then unmonitor # if failed uid "root" then unmonitor # if failed gid "disk" then unmonitor # if space usage > 80% for 5 times within 15 cycles then alert # if space usage > 99% then stop # if inode usage > 30000 then alert # if inode usage > 99% then stop # if read rate > 1 MB/s for 5 cycles then alert # if read rate > 500 operations/s for 5 cycles then alert # if write rate > 1 MB/s for 5 cycles then alert # if write rate > 500 operations/s for 5 cycles then alert # if service time > 10 milliseconds for 3 times within 5 cycles then alert # group server # # Check a file's timestamp. In this example, we test if a file is older than 15 minutes and assume something is wrong if its not updated. Also, if the file size exceed a given limit, execute a script # # check file database with path /data/mydatabase.db # if failed permission 700 then alert # if failed uid "data" then alert # if failed gid "data" then alert # if timestamp > 15 minutes then alert # if size > 100 MB then exec "/my/cleanup/script" as uid dba and gid dba # # Check directory permission, uid and gid. An event is triggered if the directory does not belong to the user with uid 0 and gid 0. In addition, the permissions have to match the octal description of 755 (see chmod(1)). # # check directory bin with path /bin # if failed permission 755 then unmonitor # if failed uid 0 then unmonitor # if failed gid 0 then unmonitor # # Check a remote host availability by issuing a ping test and check the content of a response from a web server. Up to three pings are sent and connection to a port and an application level network check is performed. # # check host myserver with address 192.168.1.1 # if failed ping then alert # if failed port 3306 protocol mysql with timeout 15 seconds then alert # if failed port 80 protocol http # and request /some/path with content = "a string" # then alert # # Check a network link status (up/down), link capacity changes, saturation and bandwidth usage. # # check network public with interface eth0 # if failed link then alert # if changed link then alert # if saturation > 90% then alert # if download > 10 MB/s then alert # if total uploaded > 1 GB in last hour then alert # # Check custom program status output. # # check program myscript with path /usr/local/bin/myscript.sh # if status != 0 then alert # # # Includes # It is possible to include additional configuration parts from other files or directories. # include /etc/monit/conf.d/* include /etc/monit/conf-enabled/* # 
  

服务配置

root@53dea:/etc/monit/conf.d# cat spawn-fcgi.conf # 该配置文件是 监听9001端口的pid文件 check process spawn-fcgi-9001 with pidfile /var/run/scan.9001.pid #9001端口服务启动命令 start program = "/light_keypoints/scan/start.sh 9001" #在5个周期内重启三次的话，就不再监控该服务 if 3 restarts within 5 cycles then unmonitor 

服务启动

启动Monit服务

root@53dea:/etc/monit/conf.d# service monit start * Starting daemon monitor monit [ OK ] 

查看Monit监控服务状态

root@53dea:/etc/monit/conf.d# monit status Monit 5.25.1 uptime: 0m Process 'spawn-fcgi-9001' status Does not exist monitoring status Monitored monitoring mode active on reboot start data collected Tue, 10 Mar 2020 08:01:45 System '53dea' status OK monitoring status Monitored monitoring mode active on reboot start load average [0.00] [0.02] [0.00] cpu 0.0%us 0.0%sy 0.0%wa memory usage 337.3 MB [4.2%] swap usage 0 B [0.0%] uptime 6d 23h 37m boot time Tue, 03 Mar 2020 08:24:40 data collected Tue, 10 Mar 2020 08:01:45 

 启动所有监控服务

root@53dea:/etc/monit/conf.d# monit start all 

查看所有监控服务状态 

root@53dea:/etc/monit# monit status Monit 5.25.1 uptime: 9h 30m Process 'spawn-fcgi-9001' status OK monitoring status Monitored monitoring mode active on reboot start pid 435 parent pid 1 uid 0 effective uid 0 gid 0 uptime 9h 22m threads 1 children 0 cpu 0.0% cpu total 0.0% memory 0.1% [7.0 MB] memory total 0.1% [7.0 MB] security attribute (null) disk read 0 B/s [272 kB total] data collected Wed, 11 Mar 2020 04:02:13 System '53dea' status OK monitoring status Monitored monitoring mode active on reboot start load average [0.00] [0.00] [0.00] cpu 0.1%us 0.4%sy 0.0%wa memory usage 338.3 MB [4.2%] swap usage 0 B [0.0%] uptime 7d 19h 38m boot time Tue, 03 Mar 2020 08:24:40 data collected Wed, 11 Mar 2020 04:02:13 

常用命令

# 配置文件检测 monit -t # 启动monit 服务 daemon service monit start # 启动monit daemon时指定配置文件 monit -c /var/monit/monitrc # 当更新了配置文件需要重载 monit reload # 查看所有服务状态 monit status # 查看某个服务状态 monit status someone # 启动所有服务 monit start all # 启动某个服务 monit start someone # 停止所有服务 monit stop all # 停止某个服务 monit stop someone monit -V # 查看版本 

配置实例

Monitrc文件 　　set daemon 120 #设置monit检查的间隔时间，单位是秒！！ 　　set logfile syslog facility log_daemon #用syslog来记录log 　　set logfile /var/logs/monit.log #设置日志路径 　　set idfile /var/.monit.id #设置PID文件的位置 　　set mailserver 192.168.0.21, # primary mailserver 邮件服务器的IP 　　set mail-format { from:  } #设置你的邮件从哪个账号发出 　　set alert  #发到我的139邮箱,用139邮箱是因为139有一个邮件到达通知功能 　　set httpd port 2812 and #设置monit监听的端口号 　　use address 192.168.0.21 # 设置monit服务器的IP，可以让你方便的http访问 　　allow admin:pass #设置用户名和密码 　　 Services 　　监控服务器的磁盘使用情况 　　check device system with path /dev/mapper/VolGroup00-LogVol00 　　if space usage > 85% for 5 times within 15 cycles then alert 　　if space usage > 95% then stop 　　if inode usage > 85% then alert 　　if inode usage > 95% then stop 　　 　　#sshd 监控sshd进程 　　check process sshd with pidfile /var/run/sshd.pid 　　start program "/etc/init.d/sshd start" 　　stop program "/etc/init.d/sshd stop" 　　if failed host 127.0.0.1 port 22 then restart 　　if 5 restarts within 5 cycles then timeout 　　# 　　#cron 监控crontab进程 　　check process cron with pidfile /var/run/crond.pid 　　group system start program = "/etc/init.d/crond start" 　　stop program = "/etc/init.d/crond stop" 　　if 5 restarts within 5 cycles then timeout depends on cron_rc 　　# 　　#scripts 监控nginx的日志切割脚本文件 　　check file cut_nginx_log.sh with path /scripts/cut_nginx_log.sh 　　group scripts 　　if failed checksum then unmonitor 　　if failed permission 755 then unmonitor 　　if failed uid root then unmonitor 　　if failed gid root then unmonitor 　　 　　#systemfile 监控passwd文件和group文件 　　check file passwd with path /etc/passwd 　　group system 　　if failed checksum then unmonitor 　　if failed permission 644 then unmonitor 　　if failed uid root then unmonitor 　　if failed gid root then unmonitor 　　check file group with path /etc/group 　　group system 　　if failed checksum then unmonitor 　　if failed permission 644 then unmonitor 　　if failed uid root then unmonitor 　　if failed gid root then unmonitor 　　 　　# 监控本机的25,110端口号 　　check host localhost with address 127.0.0.1 　　if failed port 25 with timeout 15 seconds then exec "/usr/bin/qmailctl restart" 　　if failed port 110 protocol pop with timeout 15 seconds then exec "/usr/bin/vpopmailctl restart"