Monitorare un server con Munin e Monit: differenze tra le versioni

Riga 99: Riga 99:
# /etc/init.d/apache2 restart
# /etc/init.d/apache2 restart
# /etc/init.d/munin-node restart
# /etc/init.d/munin-node restart
</pre>
== Installazione di Monit ==
Installare Monit in Debian è semplice:
<pre>
# apt-get install monit
</pre>
Il file di configurazione è <tt>/etc/monit/monitrc</tt>. Il file di default contiene un sacco di esempi. Nel nostro caso noi vogliamo:
* monitorare proftpd, sshd, mysql, apache, postfix
* abilitare l'interfaccia di monit sulla porta 2812
* abilitare HTTPS sull'interfaccia
* proteggere le pagine con una username e una password
* inviare degli alert vie email all'indirizzo root@localhost
Salviamo la configurazione originale e creiamo quindi il nostro file di configurazione, secondo le specifiche stabilite:
<pre>
# cp /etc/monit/monitrc /etc/monit/monitrc_orig
# cat /dev/null > /etc/monit/monitrc
# nano /etc/monit/monitrc
</pre>
dandogli questo contenuto:
<pre>
set daemon  60
set logfile syslog facility log_daemon
set mailserver localhost
set mail-format { from: monit@server1.example.com }
set alert root@localhost
set httpd port 2812 and
    SSL ENABLE
    PEMFILE  /var/certs/monit.pem
    allow admin:test
check process proftpd with pidfile /var/run/proftpd.pid
  start program = "/etc/init.d/proftpd start"
  stop program  = "/etc/init.d/proftpd stop"
  if failed port 21 protocol ftp then restart
  if 5 restarts within 5 cycles then timeout
check process sshd with pidfile /var/run/sshd.pid
  start program  "/etc/init.d/ssh start"
  stop program  "/etc/init.d/ssh stop"
  if failed port 22 protocol ssh then restart
  if 5 restarts within 5 cycles then timeout
check process mysql with pidfile /var/run/mysqld/mysqld.pid
  group database
  start program = "/etc/init.d/mysql start"
  stop program = "/etc/init.d/mysql stop"
  if failed host 127.0.0.1 port 3306 then restart
  if 5 restarts within 5 cycles then timeout
check process apache with pidfile /var/run/apache2.pid
  group www
  start program = "/etc/init.d/apache2 start"
  stop program  = "/etc/init.d/apache2 stop"
  if failed host www.example.com port 80 protocol http
      and request "/monit/token" then restart
  if cpu is greater than 60% for 2 cycles then alert
  if cpu > 80% for 5 cycles then restart
  if totalmem > 500 MB for 5 cycles then restart
  if children > 250 then restart
  if loadavg(5min) greater than 10 for 8 cycles then stop
  if 3 restarts within 5 cycles then timeout
check process postfix with pidfile /var/spool/postfix/pid/master.pid
  group mail
  start program = "/etc/init.d/postfix start"
  stop  program = "/etc/init.d/postfix stop"
  if failed port 25 protocol smtp then restart
  if 5 restarts within 5 cycles then timeout
#check process nginx with pidfile /var/run/nginx.pid
#  start program = "/etc/init.d/nginx start"
#  stop  program = "/etc/init.d/nginx stop"
#  if failed host 127.0.0.1 port 80 then restart
#
#check process memcached with pidfile /var/run/memcached.pid
#  start program = "/etc/init.d/memcached start"
#  stop  program = "/etc/init.d/memcached stop"
#  if failed host 127.0.0.1 port 11211  then restart
#
#check process pureftpd with pidfile /var/run/pure-ftpd/pure-ftpd.pid
#  start program = "/etc/init.d/pure-ftpd-mysql start"
#  stop program  = "/etc/init.d/pure-ftpd-mysql stop"
#  if failed port 21 protocol ftp then restart
#  if 5 restarts within 5 cycles then timeout
#
#check process named with pidfile /var/run/named/named.pid
#  start program = "/etc/init.d/bind9 start"
#  stop program = "/etc/init.d/bind9 stop"
#  if failed host 127.0.0.1 port 53 type tcp protocol dns then restart
#  if failed host 127.0.0.1 port 53 type udp protocol dns then restart
#  if 5 restarts within 5 cycles then timeout
#
#check process ntpd with pidfile /var/run/ntpd.pid
#  start program = "/etc/init.d/ntp start"
#  stop  program = "/etc/init.d/ntp stop"
#  if failed host 127.0.0.1 port 123 type udp then restart
#  if 5 restarts within 5 cycles then timeout
#
#check process mailman with pidfile /var/run/mailman/mailman.pid
#  group mail
#  start program = "/etc/init.d/mailman start"
#  stop  program = "/etc/init.d/mailman stop"
#
#check process amavisd with pidfile /var/run/amavis/amavisd.pid
#  group mail
#  start program = "/etc/init.d/amavis start"
#  stop  program = "/etc/init.d/amavis stop"
#  if failed port 10024 protocol smtp then restart
#  if 5 restarts within 5 cycles then timeout
#
#check process courier-imap with pidfile /var/run/courier/imapd.pid
#  group mail
#  start program = "/etc/init.d/courier-imap start"
#  stop program = "/etc/init.d/courier-imap stop"
#  if failed host localhost port 143 type tcp protocol imap then restart
#  if 5 restarts within 5 cycles then timeout
#
#check process courier-imap-ssl with pidfile /var/run/courier/imapd-ssl.pid
#  group mail
#  start program = "/etc/init.d/courier-imap-ssl start"
#  stop program = "/etc/init.d/courier-imap-ssl stop"
#  if failed host localhost port 993 type tcpssl sslauto protocol imap then restart
#  if 5 restarts within 5 cycles then timeout
#
#check process courier-pop3 with pidfile /var/run/courier/pop3d.pid
#  group mail
#  start program = "/etc/init.d/courier-pop start"
#  stop program = "/etc/init.d/courier-pop stop"
#  if failed host localhost port 110 type tcp protocol pop then restart
#  if 5 restarts within 5 cycles then timeout
#
#check process courier-pop3-ssl with pidfile /var/run/courier/pop3d-ssl.pid
#  group mail
#  start program = "/etc/init.d/courier-pop-ssl start"
#  stop program = "/etc/init.d/courier-pop-ssl stop"
#  if failed host localhost port 995 type tcpssl sslauto protocol pop then restart
#  if 5 restarts within 5 cycles then timeout
#
#check process dovecot with pidfile /var/run/dovecot/master.pid
#  group mail
#  start program = "/etc/init.d/dovecot start"
#  stop program = "/etc/init.d/dovecot stop"
#  if failed host localhost port 993 type tcpssl sslauto protocol imap then restart
#  if 5 restarts within 5 cycles then timeout
</pre>
</pre>