Naujausias pranešimas: Samba kritinis pažeidžiamumas
frame

Sveiki apsilankę!

Jei forume lankaisi pirmą kartą, kviečiame registruotis ir prisijungti prie diskusijų.

Prisijungti Registruotis

Monit - servisų stebėjimo sistema

IV_RomanLIV_RomanL Interneto vizija
edited 2021 sausio 20 Į Monitoringas
Monit - nemokama, atvirojo kodo programa skirta serverio servisų, programų, failų ir failinių sistemų stebėjimui. Monit automatiškai atlieka reikiamus veiksmus kritinėse serveriui situacijose.

Diegiame CentOS 6/7 64-bit operacinėje sistemoje.

===============
0. Aktyvuojame RPMforge repozitoriją:

CentOS 7:
wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm
rpm -Uvh rpmforge-release-0.5.3-1.el7.rf.x86_64.rpm

CentOS 6:
wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
rpm -Uvh rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm


1. Įdiegiame Monit į serverį:
yum install monit
2. Redaguojame monitrc failą aplanke /etc/monit :
nano monitrc
Įklijuokite šias reikšmes:
###############################################################################
## Monit control file
###############################################################################
##
## Comments begin with a '#' and extend through the end of the line. Keywords
## are case insensitive. All path's MUST BE FULLY QUALIFIED, starting with '/'.
##
## Below you will find examples of some frequently used statements. For 
## information about the control file, a complete list of statements and 
## options please have a look in the monit manual.
##
##
###############################################################################
## Global section
###############################################################################
##
## Start monit in the background (run as a daemon) and check services at 
## 2-minute intervals.
#

set daemon  60

#
#
## Set syslog logging with the 'daemon' facility. If the FACILITY option is
## omitted, monit will use 'user' facility by default. If you want to log to 
## a stand alone log file instead, specify the path to a log file
#

set logfile syslog facility log_daemon                       

#
#
## Set the list of mail servers for alert delivery. Multiple servers may be 
## specified using comma separator. By default monit uses port 25 - this
## is possible to override with the PORT option.
#
#set mailserver mail.bar.baz,               # primary mailserver
#                backup.bar.baz port 10025,  # backup mailserver on port #10025
#                localhost                   # fallback relay
#
#
## By default monit will drop alert events if no mail servers are available. 
## If you want to keep the alerts for a later delivery retry, you can use the 
## EVENTQUEUE statement. The base directory where undelivered alerts will be 
## stored is specified by the BASEDIR option. You can limit the maximal queue
## size using the SLOTS option (if omitted, the queue is limited by space 
## available in the back end filesystem).
#

  set eventqueue
  basedir /var/log/monit  # set the base directory where events will be  stored
#  slots 100           # optionaly limit the queue size

#
#
## Monit by default uses the following alert mail format:
##
## --8<--
## From: monit@$HOST                         # sender
## Subject: monit alert --  $EVENT $SERVICE  # subject
##
## $EVENT Service $SERVICE                   #
##                                           #
##     Date:        $DATE                   #
##     Action:      $ACTION                 #
##     Host:        $HOST                   # body
##     Description: $DESCRIPTION            #
##                                           #
## Your faithful employee,                   #
## monit                                     #
## --8<--
##
## You can override this message format or parts of it, such as subject
## or sender using the MAIL-FORMAT statement. Macros such as $DATE, etc.
## are expanded at runtime. For example, to override the sender:
#
# set mail-format { from: monit@foo.bar }
#
#
## You can set alert recipients here whom will receive alerts if/when a 
## service defined in this file has errors. Alerts may be restricted on 
## events by using a filter as in the second example below. 
#
 set alert vardas@domenas.lt                   # receive all alerts
 set alert vardas@domenas.lt only on { timeout }  # receive just service-
#                                                # timeout alert
#
#
## Monit has an embedded web server which can be used to view status of 
## services monitored, the current configuration, actual services parameters
## and manage services from a web interface.
#
      set httpd port 8090 and
#    use address localhost  # only accept connection from this IP
    allow Jūsų IP       # allow localhost to connect to the server and
    allow vardas:slaptažodis   # require user 'admin' with password 'monit'
#
#

###############################################################################
## Services
###############################################################################
##
## Check general system resources such as load average, cpu and memory
## usage. Each test specifies a resource, conditions and the action to be
## performed should a test fail.
#
#  check system myhost.mydomain.tld
#    if loadavg (1min) > 4 then alert
#    if loadavg (5min) > 2 then alert
#    if memory usage > 75% then alert
#    if cpu usage (user) > 70% then alert
#    if cpu usage (system) > 30% then alert
#    if cpu usage (wait) > 20% then alert
#
#    
## Check a file for existence, checksum, permissions, uid and gid. In addition
## to alert recipients in the global section, customized alert will be sent to 
## additional recipients by specifying a local alert handler. The service may 
## be grouped using the GROUP option.
#    
#  check file apache_bin with path /usr/local/apache/bin/httpd
#    if failed checksum and 
#       expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor
#    if failed permission 755 then unmonitor
#    if failed uid root then unmonitor
#    if failed gid root then unmonitor
#    alert security@foo.bar on {
#           checksum, permission, uid, gid, unmonitor
#        } with the mail-format { subject: Alarm! }
#    group server
#
#    
## Check that a process is running, in this case Apache, and that it respond
## to HTTP and HTTPS requests. Check its resource usage such as cpu and memory,
## and number of children. If the process is not running, monit will restart 
## it by default. In case the service was restarted very often and the 
## problem remains, it is possible to disable monitoring using the TIMEOUT
## statement. This service depends on another service (apache_bin) which
## is defined above.

[B]#ProFTPd ftp serveris[/B]

 check process proftpd with pidfile /var/run/proftpd.pid
   start program = "/etc/init.d/proftpd start"
   stop program  = "/etc/init.d/proftpd stop"
   if failed port 21 protocol ftp then restart
   if 5 restarts within 5 cycles then timeout

[B]#SSHd servisas[/B]

check process sshd with pidfile /var/run/sshd.pid
   start program  "/etc/init.d/ssh start"
   stop program  "/etc/init.d/ssh stop"
   if failed port 22 protocol ssh then restart
   if 5 restarts within 5 cycles then timeout

[B]# Postfix Mail serveris[/B]

check process postfix with pidfile /var/spool/postfix/pid/master.pid
   group mail
   start program = "/etc/init.d/postfix start"
   stop  program = "/etc/init.d/postfix stop"
   if failed port 25 protocol smtp then restart
   if 5 restarts within 5 cycles then timeout
   depends on postfix_rc

 check file postfix_rc with path /etc/init.d/postfix
   group mail
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

[B]# MySQL serveris[/B]

check process mysql with pidfile /var/run/mysqld/mysqld.pid
   group database
   start program = "/etc/init.d/mysqld start"
   stop program = "/etc/init.d/mysqld stop"
   if failed host localhost port 3306 protocol mysql then restart
   if 5 restarts within 5 cycles then timeout
   depends on mysql_rc

 check file mysql_rc with path /etc/init.d/mysql
   group database
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor


## Check device permissions, uid, gid, space and inode usage. Other services,
## such as databases, may depend on this resource and an automatically graceful
## stop may be cascaded to them before the filesystem will become full and data
## lost.
#
#  check device datafs with path /dev/sdb1
#    start program  = "/bin/mount /data"
#    stop program  = "/bin/umount /data"
#    if failed permission 660 then unmonitor
#    if failed uid root then unmonitor
#    if failed gid disk then unmonitor
#    if space usage > 80% for 5 times within 15 cycles then alert
#    if space usage > 99% then stop
#    if inode usage > 30000 then alert
#    if inode usage > 99% then stop
#    group server
#
#
## Check a file's timestamp. In this example, we test if a file is older 
## than 15 minutes and assume something is wrong if its not updated. Also,
## if the file size exceed a given limit, execute a script
#
#  check file database with path /data/mydatabase.db
#    if failed permission 700 then alert
#    if failed uid data then alert
#    if failed gid data then alert
#    if timestamp > 15 minutes then alert
#    if size > 100 MB then exec "/my/cleanup/script"
#
#
## Check directory permission, uid and gid.  An event is triggered if the 
## directory does not belong to the user with uid 0 and gid 0.  In addition, 
## the permissions have to match the octal description of 755 (see chmod(1)).
#
#  check directory bin with path /bin
#    if failed permission 755 then unmonitor
#    if failed uid 0 then unmonitor
#    if failed gid 0 then unmonitor
#
#
## Check a remote host network services availability using a ping test and 
## check response content from a web server. Up to three pings are sent and 
## connection to a port and a application level network check is performed.
#
#  check host myserver with address 192.168.1.1
#    if failed icmp type echo count 3 with timeout 3 seconds then alert
#    if failed port 3306 protocol mysql with timeout 15 seconds then alert
#    if failed url
#       http://user:password@www.foo.bar:8080/?querystring
#       and content == 'action="j_security_check"'
#       then alert
#
#
###############################################################################
## Includes
###############################################################################
##
## It is possible to include additional configuration parts from other files or
## directories.
#
#  include /etc/monit.d/*
#
#
3. Redaguojame monit failą /etc/default/monit aplanke:
nano monit
Įklijuokite šias reikšmes:
# You must set this variable to for monit to start
startup=1

# To change the intervals which monit should run uncomment
# and change this variable.
# CHECK_INTERVALS=180
4. Paleidžiame monit servisą:
service monit start
5. Galite peržiūrėti naršyklėje grafinę monit sistemos aplinką adresu:
serverioIP:8090
===================
Pastabos:

- Prieš įdiegiant stebėjimo sistemą įsitikinkite jog serveryje yra įdiegtos norimos stebėti aplikacijos
- Jei nepavyksta startuoti monit serviso, įsitikinkite jog visus konfiguracinius veiksmus atlikote teisingai (sintaksė, failų egzistavimas)
===================

Nuorodos:

Pažymėtos temos:
Norėdami palikti komentarą, turite prisijungti arba registruokis.
Dedikuoti.lt
Šiame forume rasite informaciją kaip atlikti serverio administravimą, konfigūravimą, įvairių tarnybų bei papildomų aplikacijų diegimą. Taip pat pateiksime rekomendacijų, skirtų serverių saugumui, monitoringui ir optimizavimui. Kviečiame prisijungti prie dedikuotų serverių administratorių bendruomenės, dalyvauti diskusijose ir praplėsti savo žinias serverių administravimo srityje!
© 2007 - 2023 Dedikuoti.lt forumas, visos teisės saugumos.