1

Topic: [FAQ] How to monitor mail related service with monit

Credits

Thanks to dasher for his sharing.

What monit is

Monit is a free open source utility for managing and monitoring processes, files, directories and filesystems on a UNIX system. Monit conducts automatic maintenance and repair and can execute meaningful causal actions in error situations.

Homepage: http://mmonit.com/monit/

What Monit can do

Monit can start a process if it does not run, restart a process if it does not respond and stop a process if it uses too many resources. You can use Monit to monitor files, directories and filesystems for changes, such as timestamp changes, checksum changes or size changes. You can also monitor remote hosts; Monit can ping a remote host and can check TCP/IP port connections and server protocols. Monit is controlled via an easy to use control file based on a free-format, token-oriented syntax. Monit logs to syslog or to its own log file and notifies you about error conditions and recovery status via customizable alerts.

How to install it

- On RHEL/CentOS, you can download monit from the EPEL repository, and then install it manually:
  + i386: http://download.fedora.redhat.com/pub/e … rver/i386/
  + x86_64: http://download.fedora.redhat.com/pub/e … er/x86_64/

- On Debian/Ubuntu, you can install monit with apt-get directly:

# apt-get install monit

- On FreeBSD, you can install it from the ports tree:

# cd /usr/ports/sysutils/monit/
# make install clean

How to configure it

We use RHEL/CentOS as example here.

On RHEL/CentOS, the main config is /etc/monit.conf, and all files under /etc/monit.d/ will be included as config files too.

Monit is configured by default; we just need to add service monitors. You can save the files below under /etc/monit.d/, and then start the monit service.

Reference:

# File: /etc/monit.d/buildinhttp
# Auth user with basic HTTP auth, use plain text as password here.
#
# ---- NOTE: Do NOT forget to open this port in your iptables rules ----
#
set httpd port 2812 and
    #SSL ENABLE         # <- Enable SSL
    #PEMFILE   /var/certs/monit.pem
    allow username:password

# File: /etc/monit.d/amavisd
# amavis
check process amavisd with pidfile /var/amavis/amavisd.pid
   group services
   start program = "/etc/init.d/amavisd start"
   stop  program = "/etc/init.d/amavisd stop"
   if failed port 10024 then restart
   if 5 restarts within 5 cycles then timeout

# File: /etc/monit.d/httpd
 check process apache with pidfile /var/run/httpd.pid
   group www
   start program = "/etc/init.d/httpd start"
   stop  program = "/etc/init.d/httpd stop"
   if failed port 80 then restart
   if 5 restarts within 5 cycles then timeout
   depends on apache_bin
   depends on apache_rc

 check file apache_bin with path /usr/sbin/httpd
   group www
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

 check file apache_rc with path /etc/init.d/httpd
   group www
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

# File: /etc/monit.d/clamd
 check process clamd with pidfile /var/run/clamav/clamd.pid
   group virus
   start program = "/etc/init.d/clamd start"
   stop  program = "/etc/init.d/clamd stop"
   if 5 restarts within 5 cycles then timeout
   depends on clamavd_bin
   depends on clamavd_rc

 check file clamavd_bin with path /usr/sbin/clamd
   group virus
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

 check file clamavd_rc with path /etc/init.d/clamd
   group virus
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

# File: /etc/monit.d/crond
 check process cron with pidfile /var/run/crond.pid
   group system
   start program = "/etc/init.d/crond start"
   stop  program = "/etc/init.d/crond stop"
   if 5 restarts within 5 cycles then timeout
   depends on cron_rc

 check file cron_rc with path /etc/init.d/crond
   group system
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

# File: /etc/monit.d/dovecot
check process dovecot with pidfile /var/run/dovecot/master.pid
   start program = "/etc/init.d/dovecot start"
   stop program = "/etc/init.d/dovecot stop"
   group mail
   if failed host localhost port 993 type tcpssl sslauto protocol imap then restart
   if failed host localhost port 143 protocol imap  then restart
   if 5 restarts within 5 cycles then timeout
   depends dovecot_init
   depends dovecot_bin
check file dovecot_init with path /etc/init.d/dovecot
   group mail
check file dovecot_bin with path /usr/sbin/dovecot
   group mail

# File: /etc/monit.d/logging
# log to monit.log
set logfile /var/log/monit.log

# File: /etc/monit.d/mysqld
check process mysql with pidfile /var/run/mysqld/mysqld.pid
   group database
   start program = "/etc/init.d/mysqld start"
   stop program = "/etc/init.d/mysqld stop"
   if failed host 127.0.0.1 port 3306 protocol mysql then restart
   if 5 restarts within 5 cycles then timeout
   depends on mysql_bin
   depends on mysql_rc

 check file mysql_bin with path /usr/bin/mysqld_safe
   group database
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

 check file mysql_rc with path /etc/init.d/mysqld
   group database
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

# File: /etc/monit.d/openldap
check process slapd with pidfile /var/run/openldap/slapd.pid
   group database
   start program = "/etc/init.d/ldap start"
   stop program = "/etc/init.d/ldap stop"
   if 5 restarts within 5 cycles then timeout
   depends on slapd_bin
   depends on slapd_rc

 check file slapd_bin with path /usr/sbin/slapd
   group database
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

 check file slapd_rc with path /etc/init.d/ldap
   group database
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

# File: /etc/monit.d/policyd
check process policyd with pidfile /var/run/policyd.pid
   group mail
   start program = "/etc/init.d/policyd start"
   stop  program = "/etc/init.d/policyd stop"
   if failed port 10031 protocol postfix-policy then restart
   if 5 restarts within 5 cycles then timeout
   depends on postfix-policyd

 check file postfix-policyd with path /usr/sbin/policyd
   group mail
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

# File: /etc/monit.d/postfix
check process postfix with pidfile /var/spool/postfix/pid/master.pid
   group mail
   start program = "/etc/init.d/postfix start"
   stop  program = "/etc/init.d/postfix stop"
   if failed port 25 protocol smtp then restart
   if 5 restarts within 5 cycles then timeout
   depends on postfix_rc

 check file postfix_rc with path /etc/init.d/postfix
   group mail
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

# File: /etc/monit.d/syslog
check process syslogd with pidfile /var/run/syslogd.pid
   start program = "/etc/init.d/syslog start"
   stop program = "/etc/init.d/syslog stop"
   if 5 restarts within 5 cycles then timeout

# File: /etc/monit.d/sshd
 check process sshd with pidfile /var/run/sshd.pid
   start program  "/etc/init.d/sshd start"
   stop program  "/etc/init.d/sshd stop"
   if failed port 22 protocol ssh then restart
   if 5 restarts within 5 cycles then timeout

Start monit service:

# /etc/init.d/monit restart

Access port 2812 of your server address (http://x.x.x.x:2812/) to view the service status. Below are screenshots from the monit web site:

http://mmonit.com/monit/_Media/monit47_httpd-2.png
http://mmonit.com/monit/_Media/monit_httpd2-2.png
http://mmonit.com/monit/_Media/monit_httpd1-2.png

2 (edited by conheotiensinh1983 2010-01-20 11:29:52)

Re: [FAQ] How to monitor mail related service with monit

Hi Zhang,

Another way: we can install monit with yum (if you use CentOS or Red Hat 5) in these steps:

Step 1: rpm -Uvh http://packages.sw.be/rpmforge-release/ … f.i386.rpm // creates rpmforge.repo

Step 2: yum -y install monit

Besides, you can create SSL for access to monit by adding these lines:

set httpd port 2812 and
  SSL ENABLE
  PEMFILE   /var/certs/monit.pem

My system uses monit for system monitoring.

Thanks for sharing

3

Re: [FAQ] How to monitor mail related service with monit

@conheotiensinh1983: Thanks for your sharing. Added in my post. :)

4

Re: [FAQ] How to monitor mail related service with monit

Hi all,
I have to add 'set daemon 60' to be able to start monit on CentOS.

Don't know if you have to do that too?

5

Re: [FAQ] How to monitor mail related service with monit

Reminder: open the port 2812 in iptables.
Change the username:password to your own. Some symbols may not be allowed.

6

Re: [FAQ] How to monitor mail related service with monit

Hi, just a little observation that might lead to a trap - you are using localhost most of the time for testing servers - that means monit will only test the service listening on 127.0.0.1 - if you have dovecot also listening on another IP, you should also test this IP, because you might not be alerted if anything is wrong with your IP configuration or your firewall or anything else. At least you want your mailserver to be reachable from the outside world, maybe :)

so change e.g. the dovecot config to

# File: /etc/monit.d/dovecot.monitrc
check process dovecot with pidfile /var/run/dovecot/master.pid
   start program = "/etc/init.d/dovecot start"
   stop program = "/etc/init.d/dovecot stop"
   group mail
   if failed host 74.220.219.116 port 993 type tcpssl sslauto protocol imap then restart
   if failed host 74.220.219.116 port 143 protocol imap  then restart
   if 5 restarts within 5 cycles then timeout
   depends dovecot_init
   depends dovecot_bin
check file dovecot_init with path /etc/init.d/dovecot
   group mail
check file dovecot_bin with path /usr/sbin/dovecot
   group mail

Same with postfix - there is an even bigger trap here, because monit assumes 127.0.0.1 if no host is given, so instead of

if failed port 25 protocol smtp then restart

you should write

if failed host 74.220.219.116 port 25 protocol smtp then restart

Also you should use at least one external email address for alerts, because, well, if your email server is down, you will not receive alerts.

This all sounds very easy, but I have seen more than one installation where people forgot about these very basic things, mostly just copy-n-pasting configs from the internet without thinking. Hope this will make your monit setup more useful :)

have a nice day,
Snaky
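
The points raised in the posts above (port tests that only reach 127.0.0.1, the placeholder username:password, and an httpd block with SSL left commented out) can be checked mechanically before monit is started. This is an added example, not code from any poster in this thread; `lint_monit`, `demo` and the sample config are constructed here, and the comment stripping is deliberately naive.

```shell
#!/bin/sh
# Added example, not from the thread: lint monit control files (old "SSL ENABLE" syntax).
# lint_monit FILE...  prints "file:line: finding"; exit status 1 if anything is found.
lint_monit() {
    awk '
    function flag(f, n, msg) { printf "%s:%d: %s\n", f, n, msg; bad = 1 }
    function close_httpd() {
        if (in_httpd && !ssl) flag(hf, hl, "httpd without SSL ENABLE: password sent in clear text")
        in_httpd = 0
    }
    FNR == 1 { close_httpd() }                      # a new file ends any open httpd block
    {
        line = tolower($0); sub(/#.*/, "", line)    # naive comment strip
        if (line ~ /^[ \t]*(set|check|include)[ \t]/) close_httpd()
        if (line ~ /^[ \t]*set[ \t]+httpd/) { in_httpd = 1; ssl = 0; hf = FILENAME; hl = FNR }
        if (in_httpd && line ~ /ssl[ \t]+enable/) ssl = 1
        if (in_httpd && line ~ /allow[ \t]+username:password/) {
            flag(FILENAME, FNR, "placeholder credentials username:password still in use")
        }
        if (line ~ /if[ \t]+failed/ && line ~ /[ \t]port[ \t]+[0-9]+/) {
            if (line !~ /[ \t]host[ \t]/) {
                flag(FILENAME, FNR, "no host given: only 127.0.0.1 is tested")
            } else if (line ~ /host[ \t]+(localhost|127\.0\.0\.1)[ \t]/) {
                flag(FILENAME, FNR, "loopback host: the public address is not tested")
            }
        }
    }
    END { close_httpd(); exit bad + 0 }
    ' "$@"
}

# Constructed sample mirroring the configs in this thread; 192.0.2.10 is a documentation address.
demo() {
    tmp=$(mktemp) || return 1
    cat > "$tmp" <<'EOF'
set httpd port 2812 and
    #SSL ENABLE
    allow username:password
check process postfix with pidfile /var/spool/postfix/pid/master.pid
   if failed port 25 protocol smtp then restart
check process dovecot with pidfile /var/run/dovecot/master.pid
   if failed host localhost port 143 protocol imap then restart
   if failed host 192.0.2.10 port 993 type tcpssl protocol imap then restart
EOF
    lint_monit "$tmp" | sed "s|^$tmp|sample.conf|"
    rm -f "$tmp"
}
demo
```

Run it as `lint_monit /etc/monit.conf /etc/monit.d/*` on a real host; a non-zero exit status makes it usable as a pre-restart gate.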

7

Re: [FAQ] How to monitor mail related service with monit

Hi, Snaky.

You are right, hope it will help others to set this up. :)

8

Re: [FAQ] How to monitor mail related service with monit

After this I just get "Firefox is taking too long to respond". Where do I look for error bugs?

Thanks