diff options
| author | heinz <heinz@pkgsrc.org> | 2007-04-30 20:53:46 +0000 |
|---|---|---|
| committer | heinz <heinz@pkgsrc.org> | 2007-04-30 20:53:46 +0000 |
| commit | 69cf56745ccaba567f78fad9c82fe31de80c6c23 (patch) | |
| tree | f229f51dfdd53976b7a1e2c61f6f9344d38c0e00 /sysutils/monit | |
| parent | 7755d827caa73fbea5472fc4aaf14d65cc5e5183 (diff) | |
| download | pkgsrc-69cf56745ccaba567f78fad9c82fe31de80c6c23.tar.gz | |
Initial import of monit 4.9.
Monit is a utility for managing and monitoring, processes, files,
directories and devices on a UNIX system. Monit conducts automatic
maintenance and repair and can execute meaningful causal actions in
error situations.
Diffstat (limited to 'sysutils/monit')
| -rw-r--r-- | sysutils/monit/DESCR | 4 | ||||
| -rw-r--r-- | sysutils/monit/Makefile | 79 | ||||
| -rw-r--r-- | sysutils/monit/PLIST | 27 | ||||
| -rw-r--r-- | sysutils/monit/distinfo | 13 | ||||
| -rwxr-xr-x | sysutils/monit/files/monit-rc-script.sh | 36 | ||||
| -rw-r--r-- | sysutils/monit/patches/patch-aa | 20 | ||||
| -rw-r--r-- | sysutils/monit/patches/patch-ab | 15 | ||||
| -rw-r--r-- | sysutils/monit/patches/patch-ac | 15 | ||||
| -rw-r--r-- | sysutils/monit/patches/patch-ad | 39 | ||||
| -rw-r--r-- | sysutils/monit/patches/patch-ae | 3900 | ||||
| -rw-r--r-- | sysutils/monit/patches/patch-af | 16 | ||||
| -rw-r--r-- | sysutils/monit/patches/patch-ag | 15 | ||||
| -rw-r--r-- | sysutils/monit/patches/patch-ah | 23 |
13 files changed, 4202 insertions, 0 deletions
diff --git a/sysutils/monit/DESCR b/sysutils/monit/DESCR new file mode 100644 index 00000000000..b1dd63ab015 --- /dev/null +++ b/sysutils/monit/DESCR @@ -0,0 +1,4 @@ +Monit is a utility for managing and monitoring, processes, files, +directories and devices on a UNIX system. Monit conducts automatic +maintenance and repair and can execute meaningful causal actions in +error situations. diff --git a/sysutils/monit/Makefile b/sysutils/monit/Makefile new file mode 100644 index 00000000000..8102f755358 --- /dev/null +++ b/sysutils/monit/Makefile @@ -0,0 +1,79 @@ +# $NetBSD: Makefile,v 1.1.1.1 2007/04/30 20:53:46 heinz Exp $ +# + +DISTNAME= monit-4.9 +CATEGORIES= sysutils +MASTER_SITES= http://www.tildeslash.com/monit/dist/ + +MAINTAINER= heinz@NetBSD.org +HOMEPAGE= http://www.tildeslash.com/monit/ +COMMENT= Utility for monitoring processes, files, directories and devices + +PKG_DESTDIR_SUPPORT= user-destdir + +# no platform specific code yet +NOT_FOR_PLATFORM+= BSDOS-*-* DragonFly-*-* Interix-*-* IRIX-*-* OSF1-*-* + +USE_TOOLS+= gmake flex yacc pax +USE_PKGLOCALEDIR= yes +GNU_CONFIGURE= yes + +PKG_OPTIONS_VAR= PKG_OPTIONS.monit +PKG_SUPPORTED_OPTIONS= ssl +PKG_SUGGESTED_OPTIONS= ssl + +.include "../../mk/bsd.options.mk" +.if empty(PKG_OPTIONS:Mssl) +CONFIGURE_ARGS+= --without-ssl +.endif +CONFIGURE_ARGS+= --with-ssl-dir=${SSLBASE:Q} +CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q} +PKG_SYSCONFSUBDIR= monit + +RCD_SCRIPTS= monit +RCD_SCRIPT_SRC.monit= ${FILESDIR}/monit-rc-script.sh + +CONF_FILES= ${EGDIR}/monitrc.sample ${PKG_SYSCONFDIR}/monitrc +CONF_FILES_MODE= 0600 + +OWN_DIRS+= ${PKG_SYSCONFDIR}/monit.d + +DOC_SUBDIR= share/docs/monit +DOCDIR= ${PREFIX}/${DOC_SUBDIR} +EG_SUBDIR= share/examples/monit +EGDIR= ${PREFIX}/${EG_SUBDIR} + +M_DOCFILES= CHANGES.txt CONTRIBUTORS COPYING FAQ.txt LICENSE +M_DOCFILES+= PACKAGES PLATFORMS README README.SSL STATUS UPGRADE.txt + +SUBST_CLASSES+= monit +SUBST_STAGE.monit= pre-configure +SUBST_MESSAGE.monit= Setting daemon interval +SUBST_FILES.monit= monitrc +SUBST_SED.monit= -e "s|^\# *set *daemon|set daemon|" +SUBST_SED.monit+= -e "s|include */etc/monit.d|include ${PKG_SYSCONFDIR}/monit.d|" + +post-extract: + ${MV} -f ${WRKSRC}/monit.1 ${WRKSRC}/monit.1.obsolete + cd ${WRKSRC}/contrib && ${PAX} -zrf monit-OSX-startup.tar.gz + +post-install: + ${INSTALL_DATA_DIR} ${DESTDIR}${DOCDIR} +.for f in ${M_DOCFILES} + ${INSTALL_DATA} ${WRKSRC}/${f} ${DESTDIR}${DOCDIR} +.endfor + ${INSTALL_DATA_DIR} ${DESTDIR}${EGDIR} + ${INSTALL_DATA_DIR} ${DESTDIR}${EGDIR}/MacOSX + ${INSTALL_DATA} ${WRKSRC}/monitrc ${DESTDIR}${EGDIR}/monitrc.sample + ${INSTALL_DATA} ${WRKSRC}/contrib/monit.php ${DESTDIR}${EGDIR}/ + ${INSTALL_DATA} ${WRKSRC}/contrib/monitrc-gentoo ${DESTDIR}${EGDIR}/ + ${INSTALL_DATA} ${WRKSRC}/contrib/wap.php ${DESTDIR}${EGDIR}/ +.for f in README StartupParameters.plist monit monit.plist monitrc + ${INSTALL_DATA} ${WRKSRC}/contrib/monit/${f} ${DESTDIR}${EGDIR}/MacOSX +.endfor + + + +.include "../../mk/pthread.buildlink3.mk" +.include "../../security/openssl/buildlink3.mk" +.include "../../mk/bsd.pkg.mk" diff --git a/sysutils/monit/PLIST b/sysutils/monit/PLIST new file mode 100644 index 00000000000..2590931ae08 --- /dev/null +++ b/sysutils/monit/PLIST @@ -0,0 +1,27 @@ +@comment $NetBSD: PLIST,v 1.1.1.1 2007/04/30 20:53:46 heinz Exp $ +bin/monit +man/man1/monit.1 +share/docs/monit/CHANGES.txt +share/docs/monit/CONTRIBUTORS +share/docs/monit/COPYING +share/docs/monit/FAQ.txt +share/docs/monit/LICENSE +share/docs/monit/PACKAGES +share/docs/monit/PLATFORMS +share/docs/monit/README +share/docs/monit/README.SSL +share/docs/monit/STATUS +share/docs/monit/UPGRADE.txt +share/examples/monit/monitrc.sample +share/examples/monit/monit.php +share/examples/monit/monitrc-gentoo +share/examples/monit/wap.php +share/examples/monit/MacOSX/README +share/examples/monit/MacOSX/StartupParameters.plist +share/examples/monit/MacOSX/monit +share/examples/monit/MacOSX/monit.plist +share/examples/monit/MacOSX/monitrc +share/examples/rc.d/monit +@dirrm share/docs/monit +@dirrm share/examples/monit/MacOSX +@dirrm share/examples/monit diff --git a/sysutils/monit/distinfo b/sysutils/monit/distinfo new file mode 100644 index 00000000000..94a0197b4a5 --- /dev/null +++ b/sysutils/monit/distinfo @@ -0,0 +1,13 @@ +$NetBSD: distinfo,v 1.1.1.1 2007/04/30 20:53:46 heinz Exp $ + +SHA1 (monit-4.9.tar.gz) = a910b07a9ecc7d2803368d7d114df01f4e0916cd +RMD160 (monit-4.9.tar.gz) = 5c9c9ac48d22d327818253122418e9b4c7f12587 +Size (monit-4.9.tar.gz) = 573711 bytes +SHA1 (patch-aa) = 11d458ca0e8a4047b45651ead153d4acc167d462 +SHA1 (patch-ab) = d97d12c660d170dbd527d5055c2149faf8197838 +SHA1 (patch-ac) = 606529cf1b739591da6ed021866e5390dc9fed9e +SHA1 (patch-ad) = a4d9464bf6c9ed6ab6f725339787fb4308735fb5 +SHA1 (patch-ae) = 0e782ca1cf00a6bdb4edd1761761833ff988b554 +SHA1 (patch-af) = dc51bf856e7a6747c51ba8385c7ccd15dc26964e +SHA1 (patch-ag) = 8c4a29764732f4b7f1ebd05f9390448af07b1797 +SHA1 (patch-ah) = 9e9951aec935b242219164d9f7206d417a189679 diff --git a/sysutils/monit/files/monit-rc-script.sh b/sysutils/monit/files/monit-rc-script.sh new file mode 100755 index 00000000000..846cc01086c --- /dev/null +++ b/sysutils/monit/files/monit-rc-script.sh @@ -0,0 +1,36 @@ +#!@RCD_SCRIPTS_SHELL@ +# +# $NetBSD: monit-rc-script.sh,v 1.1.1.1 2007/04/30 20:53:46 heinz Exp $ +# +# Start script for 'monit'. +# + +## +# PROVIDE: monit +# REQUIRE: NETWORKING SERVERS +# BEFORE: DAEMON +# KEYWORD: shutdown +## + +PATH=/sbin:/bin:/usr/sbin:/usr/bin:@PREFIX@/bin +export PATH + +if [ -f /etc/rc.subr ] +then + . /etc/rc.subr +fi + +name="monit" +rcvar=$name +command="@PREFIX@/bin/monit" +pidfile="@VARBASE@/run/${name}.pid" +statefile="@VARBASE@/run/${name}.state" +monitrc="@PKG_SYSCONFDIR@/monitrc" +extra_commands="reload" +sig_stop="TERM" +sig_reload="HUP" + +monit_flags=${monit_flags-"-c ${monitrc} -p ${pidfile} -s ${statefile}"} + +load_rc_config $name +run_rc_command "$1" diff --git a/sysutils/monit/patches/patch-aa b/sysutils/monit/patches/patch-aa new file mode 100644 index 00000000000..a14963357c6 --- /dev/null +++ b/sysutils/monit/patches/patch-aa @@ -0,0 +1,20 @@ +$NetBSD: patch-aa,v 1.1.1.1 2007/04/30 20:53:54 heinz Exp $ + +Shut up warnings about "subscript has type char" + +--- util.c.orig 2007-02-03 00:00:25.000000000 +0100 ++++ util.c +@@ -367,11 +367,11 @@ int Util_countWords(char *s, const char + */ + int Util_startsWith(const char *a, const char *b) { + +- if((!a || !b) || toupper(*a)!=toupper(*b)) return FALSE; ++ if((!a || !b) || toupper((int)*a)!=toupper((int)*b)) return FALSE; + + while(*a && *b) { + +- if(toupper(*a++) != toupper(*b++)) return FALSE; ++ if(toupper((int)*a++) != toupper((int)*b++)) return FALSE; + + } + diff --git a/sysutils/monit/patches/patch-ab b/sysutils/monit/patches/patch-ab new file mode 100644 index 00000000000..8e9c149db06 --- /dev/null +++ b/sysutils/monit/patches/patch-ab @@ -0,0 +1,15 @@ +$NetBSD: patch-ab,v 1.1.1.1 2007/04/30 20:53:54 heinz Exp $ + +Shut up warnings about "subscript has type char" + +--- p.y.orig 2007-01-12 22:17:12.000000000 +0100 ++++ p.y +@@ -3320,7 +3320,7 @@ static int cleanup_hash_string(char *has + + if (isxdigit((int) hashstring[i])) { + +- hashstring[j]=tolower(hashstring[i]); ++ hashstring[j]=tolower((int)hashstring[i]); + j++; + + } diff --git a/sysutils/monit/patches/patch-ac b/sysutils/monit/patches/patch-ac new file mode 100644 index 00000000000..e683236e4c1 --- /dev/null +++ b/sysutils/monit/patches/patch-ac @@ -0,0 +1,15 @@ +$NetBSD: patch-ac,v 1.1.1.1 2007/04/30 20:53:54 heinz Exp $ + +C source files must be told where the "sysconfdir" is. + +--- Makefile.in.orig 2007-01-11 23:04:46.000000000 +0100 ++++ Makefile.in +@@ -61,7 +61,7 @@ PROG = monit + + INCDIR = -I. -I./device -I./http -I./process -I./protocols + LIB = @LEXLIB@ @LIBS@ +-DEFINES = -D@ARCH@ ++DEFINES = -D@ARCH@ -DSYSCONFDIR="\"@sysconfdir@\"" + + # ------------------------------------------------------------------- # + diff --git a/sysutils/monit/patches/patch-ad b/sysutils/monit/patches/patch-ad new file mode 100644 index 00000000000..3f4129723fa --- /dev/null +++ b/sysutils/monit/patches/patch-ad @@ -0,0 +1,39 @@ +$NetBSD: patch-ad,v 1.1.1.1 2007/04/30 20:53:54 heinz Exp $ + +Pre-processor macro SYSCONFDIR will be defined on the command line. +SYSCONFDIR has to be a string enclosed by "" to enable string literal +concatenation. + +--- file.c.orig 2007-01-03 22:02:06.000000000 +0100 ++++ file.c +@@ -145,9 +145,9 @@ time_t File_getTimestamp(char *object, m + + /** + * Search the system for the monit control file. Try first ~/.monitrc, +- * if that fails try /etc/monitrc, then /usr/local/etc/monitrc and +- * finally ./monitrc. Exit the application if the control file was +- * not found. ++ * if that fails try /etc/monitrc, then SYSCONFDIR/monitrc (default: ++ * /usr/local/etc/monitrc) and finally ./monitrc. ++ * Exit the application if the control file was not found. + * @return The location of monits control file (monitrc) + */ + char *File_findControlFile() { +@@ -164,7 +164,7 @@ char *File_findControlFile() { + return (rcfile); + } + memset(rcfile, 0, STRLEN); +- snprintf(rcfile, STRLEN, "/usr/local/etc/%s", MONITRC); ++ snprintf(rcfile, STRLEN, SYSCONFDIR "/%s", MONITRC); + if(File_exist(rcfile)) { + return (rcfile); + } +@@ -174,7 +174,7 @@ char *File_findControlFile() { + return (rcfile); + } + LogError("%s: Cannot find the control file at " +- "~/.%s, /etc/%s, /usr/local/etc/%s or at ./%s \n", ++ "~/.%s, /etc/%s, " SYSCONFDIR "/%s or at ./%s \n", + prog, MONITRC, MONITRC, MONITRC, MONITRC); + exit(1); + diff --git a/sysutils/monit/patches/patch-ae b/sysutils/monit/patches/patch-ae new file mode 100644 index 00000000000..e2bd6505cb9 --- /dev/null +++ b/sysutils/monit/patches/patch-ae @@ -0,0 +1,3900 @@ +$NetBSD: patch-ae,v 1.1.1.1 2007/04/30 20:53:54 heinz Exp $ + +Create monit.1.in so we can replace @sysconfdir@ in the configure script. + +--- monit.1.in.orig 2007-04-16 23:45:44.000000000 +0200 ++++ monit.1.in +@@ -0,0 +1,3893 @@ ++.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32 ++.\" ++.\" Standard preamble: ++.\" ======================================================================== ++.de Sh \" Subsection heading ++.br ++.if t .Sp ++.ne 5 ++.PP ++\fB\\$1\fR ++.PP ++.. ++.de Sp \" Vertical space (when we can't use .PP) ++.if t .sp .5v ++.if n .sp ++.. ++.de Vb \" Begin verbatim text ++.ft CW ++.nf ++.ne \\$1 ++.. ++.de Ve \" End verbatim text ++.ft R ++.fi ++.. ++.\" Set up some character translations and predefined strings. \*(-- will ++.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left ++.\" double quote, and \*(R" will give a right double quote. \*(C+ will ++.\" give a nicer C++. Capital omega is used to do unbreakable dashes and ++.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, ++.\" nothing in troff, for use with C<>. ++.tr \(*W- ++.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' ++.ie n \{\ ++. ds -- \(*W- ++. ds PI pi ++. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch ++. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch ++. ds L" "" ++. ds R" "" ++. ds C` "" ++. ds C' "" ++'br\} ++.el\{\ ++. ds -- \|\(em\| ++. ds PI \(*p ++. ds L" `` ++. ds R" '' ++'br\} ++.\" ++.\" If the F register is turned on, we'll generate index entries on stderr for ++.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index ++.\" entries marked with X<> in POD. Of course, you'll have to process the ++.\" output yourself in some meaningful fashion. ++.if \nF \{\ ++. de IX ++. tm Index:\\$1\t\\n%\t"\\$2" ++.. ++. nr % 0 ++. rr F ++.\} ++.\" ++.\" For nroff, turn off justification. Always turn off hyphenation; it makes ++.\" way too many mistakes in technical documents. ++.hy 0 ++.if n .na ++.\" ++.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). ++.\" Fear. Run. Save yourself. No user-serviceable parts. ++. \" fudge factors for nroff and troff ++.if n \{\ ++. ds #H 0 ++. ds #V .8m ++. ds #F .3m ++. ds #[ \f1 ++. ds #] \fP ++.\} ++.if t \{\ ++. ds #H ((1u-(\\\\n(.fu%2u))*.13m) ++. ds #V .6m ++. ds #F 0 ++. ds #[ \& ++. ds #] \& ++.\} ++. \" simple accents for nroff and troff ++.if n \{\ ++. ds ' \& ++. ds ` \& ++. ds ^ \& ++. ds , \& ++. ds ~ ~ ++. ds / ++.\} ++.if t \{\ ++. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" ++. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' ++. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' ++. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' ++. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' ++. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' ++.\} ++. \" troff and (daisy-wheel) nroff accents ++.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' ++.ds 8 \h'\*(#H'\(*b\h'-\*(#H' ++.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] ++.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' ++.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' ++.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] ++.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] ++.ds ae a\h'-(\w'a'u*4/10)'e ++.ds Ae A\h'-(\w'A'u*4/10)'E ++. \" corrections for vroff ++.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' ++.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' ++. \" for low resolution devices (crt and lpr) ++.if \n(.H>23 .if \n(.V>19 \ ++\{\ ++. ds : e ++. ds 8 ss ++. ds o a ++. ds d- d\h'-1'\(ga ++. ds D- D\h'-1'\(hy ++. ds th \o'bp' ++. ds Th \o'LP' ++. ds ae ae ++. ds Ae AE ++.\} ++.rm #[ #] #H #V #F C ++.\" ======================================================================== ++.\" ++.IX Title "MONIT 1" ++.TH MONIT 1 "www.tildeslash.com" "February 19. 2007" "User Commands" ++.SH "NAME" ++monit \- utility for monitoring services on a Unix system ++.SH "SYNOPSIS" ++.IX Header "SYNOPSIS" ++\&\fBmonit\fR [options] {arguments} ++.SH "DESCRIPTION" ++.IX Header "DESCRIPTION" ++\&\fBmonit\fR is a utility for managing and monitoring processes, ++files, directories and devices on a Unix system. Monit conducts ++automatic maintenance and repair and can execute meaningful ++causal actions in error situations. E.g. monit can start a ++process if it does not run, restart a process if it does not ++respond and stop a process if it uses to much resources. You may ++use monit to monitor files, directories and devices for changes, ++such as timestamps changes, checksum changes or size changes. ++.PP ++Monit is controlled via an easy to configure control file based ++on a free\-format, token-oriented syntax. Monit logs to syslog or ++to its own log file and notifies you about error conditions via ++customizable alert messages. Monit can perform various \s-1TCP/IP\s0 ++network checks, protocol checks and can utilize \s-1SSL\s0 for such ++checks. Monit provides a http(s) interface and you may use a ++browser to access the monit program. ++.SH "GENERAL OPERATION" ++.IX Header "GENERAL OPERATION" ++The behavior of monit is controlled by command-line options ++\&\fIand\fR a run control file, \fI~/.monitrc\fR, the syntax of which we ++describe in a later section. Command-line options override ++\&\fI.monitrc\fR declarations. ++.PP ++The following options are recognized by monit. However, it is ++recommended that you set options (when applicable) directly in ++the \fI.monitrc\fR control file. ++.Sh "General Options and Arguments" ++.IX Subsection "General Options and Arguments" ++\&\fB\-c\fR \fIfile\fR ++ Use this control file ++.PP ++\&\fB\-d\fR \fIn\fR ++ Run as a daemon once per \fIn\fR seconds ++.PP ++\&\fB\-g\fR ++ Set group name for start, stop, restart and status ++.PP ++\&\fB\-l\fR \fIlogfile\fR ++ Print log information to this file ++.PP ++\&\fB\-p\fR \fIpidfile\fR ++ Use this lock file in daemon mode ++.PP ++\&\fB\-s\fR \fIstatefile\fR ++ Write state information to this file ++.PP ++\&\fB\-I\fR ++ Do not run in background (needed for run from init) ++.PP ++\&\fB\-t\fR ++ Run syntax check for the control file ++.PP ++\&\fB\-v\fR ++ Verbose mode, work noisy (diagnostic output) ++.PP ++\&\fB\-H\fR \fI[filename]\fR ++ Print \s-1MD5\s0 and \s-1SHA1\s0 hashes of the file or of stdin if the ++ filename is omitted; monit will exit afterwards ++.PP ++\&\fB\-V\fR ++ Print version number and patch level ++.PP ++\&\fB\-h\fR ++ Print a help text ++.PP ++In addition to the options above, monit can be started with one ++of the following action arguments; monit will then execute the ++action and exit without transforming itself to a daemon. ++.PP ++\&\fBstart all\fR ++ Start all services listed in the control file and ++ enable monitoring for them. If the group option is ++ set, only start and enable monitoring of services in ++ the named group. ++.PP ++\&\fBstart name\fR ++ Start the named service and enable monitoring for ++ it. The name is a service entry name from the ++ monitrc file. ++.PP ++\&\fBstop all\fR ++ Stop all services listed in the control file and ++ disable their monitoring. If the group option is ++ set, only stop and disable monitoring of the services ++ in the named group. ++.PP ++\&\fBstop name\fR ++ Stop the named service and disable its monitoring. ++ The name is a service entry name from the monitrc ++ file. ++.PP ++\&\fBrestart all\fR ++ Stop and start \fIall\fR services. If the group option ++ is set, only restart the services in the named group. ++.PP ++\&\fBrestart name\fR ++ Restart the named service. The name is a service entry ++ name from the monitrc file. ++.PP ++\&\fBmonitor all\fR ++ Enable monitoring of all services listed in the ++ control file. If the group option is set, only start ++ monitoring of services in the named group. ++.PP ++\&\fBmonitor name\fR ++ Enable monitoring of the named service. The name is ++ a service entry name from the monitrc file. Monit will ++ also enable monitoring of all services this service ++ depends on. ++.PP ++\&\fBunmonitor all\fR ++ Disable monitoring of all services listed in the ++ control file. If the group option is set, only disable ++ monitoring of services in the named group. ++.PP ++\&\fBunmonitor name\fR ++ Disable monitoring of the named service. The name is ++ a service entry name from the monitrc file. Monit ++ will also disable monitoring of all services that ++ depends on this service. ++.PP ++\&\fBstatus\fR ++ Print full status information for each service. ++.PP ++\&\fBsummary\fR ++ Print short status information for each service. ++.PP ++\&\fBreload\fR ++ Reinitialize a running monit daemon, the daemon will ++ reread its configuration, close and reopen log files. ++.PP ++\&\fBquit\fR ++ Kill a monit daemon process ++.PP ++\&\fBvalidate\fR ++ Check all services listed in the control file. This ++ action is also the default behavior when monit runs ++ in daemon mode. ++.SH "WHAT TO MONITOR" ++.IX Header "WHAT TO MONITOR" ++You may use monit to monitor daemon processes or similar programs ++running on localhost. Monit is particular useful for monitoring ++daemon processes, such as those started at system boot time from ++/etc/init.d/. For instance sendmail, sshd, apache and mysql. In ++difference to many monitoring systems, monit can act if an error ++situation should occur, e.g.; if sendmail is not running, monit ++can start sendmail or if apache is using to much system resources ++(e.g. if a DoS attack is in progress) monit can stop or restart ++apache and send you an alert message. Monit does also monitor ++process characteristics, such as; if a process has become a ++zombie and how much memory or cpu cycles a process is using. ++.PP ++You may also use monit to monitor files, directories and devices ++on localhost. Monit can monitor these items for changes, such as ++timestamps changes, checksum changes or size changes. This is ++also useful for security reasons \- you can monitor the md5 ++checksum of files that should not change. ++.PP ++You may even use monit to monitor remote hosts. First and ++foremost monit is a utility for monitoring and mending services ++on localhost, but if a service depends on a remote service, ++e.g. a database server or an application server, it might by ++useful to be able to test a remote host as well. ++.PP ++You may monitor the general system-wide resources such as cpu ++usage, memory and load average. ++.SH "HOW TO MONITOR" ++.IX Header "HOW TO MONITOR" ++monit is configured and controlled via a control file called ++\&\fBmonitrc\fR. The default location for this file is ~/.monitrc. If ++this file does not exist, monit will try /etc/monitrc, then ++@sysconfdir@/monitrc and finally ./monitrc. ++.PP ++A monit control file consists of a series of service entries and ++global option statements in a free\-format, token-oriented syntax. ++Comments begin with a # and extend through the end of the line. ++There are three kinds of tokens in the control file: grammar ++keywords, numbers and strings. ++.PP ++On a semantic level, the control file consists of three types of ++statements: ++.IP "1. Global set-statements" 4 ++.IX Item "1. Global set-statements" ++A global set-statement starts with the keyword \fIset\fR and the ++item to configure. ++.IP "2. Global include-statement" 4 ++.IX Item "2. Global include-statement" ++The include statement consists of the keyword \fIinclude\fR and ++a glob string. ++.IP "3. One or more service entry statements." 4 ++.IX Item "3. One or more service entry statements." ++A service entry starts with the keyword \fIcheck\fR followed by the ++service type. ++.PP ++This is the hello galaxy version of a monit control file: ++.PP ++.Vb 3 ++\& # ++\& # monit control file ++\& # ++.Ve ++.PP ++.Vb 6 ++\& set daemon 120 # Poll at 2\-minute intervals ++\& set logfile syslog facility log_daemon ++\& set alert foo@bar.baz ++\& set httpd port 2812 and use address localhost ++\& allow localhost # Allow localhost to connect ++\& allow admin:monit # Allow Basic Auth ++.Ve ++.PP ++.Vb 7 ++\& check system myhost.mydomain.tld ++\& if loadavg (1min) > 4 then alert ++\& if loadavg (5min) > 2 then alert ++\& if memory usage > 75% then alert ++\& if cpu usage (user) > 70% then alert ++\& if cpu usage (system) > 30% then alert ++\& if cpu usage (wait) > 20% then alert ++.Ve ++.PP ++.Vb 11 ++\& check process apache ++\& with pidfile "/usr/local/apache/logs/httpd.pid" ++\& start program = "/etc/init.d/httpd start" ++\& stop program = "/etc/init.d/httpd stop" ++\& if 2 restarts within 3 cycles then timeout ++\& if totalmem > 100 Mb then alert ++\& if children > 255 for 5 cycles then stop ++\& if cpu usage > 95% for 3 cycles then restart ++\& if failed port 80 protocol http then restart ++\& group server ++\& depends on httpd.conf, httpd.bin ++.Ve ++.PP ++.Vb 5 ++\& check file httpd.conf ++\& with path /usr/local/apache/conf/httpd.conf ++\& # Reload apache if the httpd.conf file was changed ++\& if changed checksum ++\& then exec "/usr/local/apache/bin/apachectl graceful" ++.Ve ++.PP ++.Vb 7 ++\& check file httpd.bin ++\& with path /usr/local/apache/bin/httpd ++\& # Run /watch/dog in the case that the binary was changed ++\& # and alert in the case that the checksum value recovered ++\& # later ++\& if failed checksum then exec "/watch/dog" ++\& else if recovered then alert ++.Ve ++.PP ++.Vb 2 ++\& include /etc/monit/mysql.monitrc ++\& include /etc/monit/mail/*.monitrc ++.Ve ++.PP ++This example illustrate a service entry for monitoring the apache ++web server process as well as related files. The meaning of the ++various statements will be explained in the following sections. ++.SH "LOGGING" ++.IX Header "LOGGING" ++monit will log status and error messages to a log file. Use the ++\&\fIset logfile\fR statement in the monitrc control file. To setup ++monit to log to its own logfile, use e.g. \fIset logfile ++/var/log/monit.log\fR. If \fBsyslog\fR is given as a value for the ++\&\fI\-l\fR command-line switch (or the keyword \fIset logfile syslog\fR ++is found in the control file) monit will use the \fBsyslog\fR system ++daemon to log messages. The priority is assigned to each message ++based on the context. To turn off logging, simply do not set ++the logfile in the control file (and of course, do not use the \-l ++switch) ++.SH "DAEMON MODE" ++.IX Header "DAEMON MODE" ++The \fI\-d interval\fR command-line switch runs monit in daemon ++mode. You must specify a numeric argument which is a polling ++interval in seconds. ++.PP ++In daemon mode, monit detaches from the console, puts itself in ++the background and runs continuously, monitoring each specified ++service and then goes to sleep for the given poll interval. ++.PP ++.Vb 1 ++\& Simply invoking ++.Ve ++.PP ++.Vb 1 ++\& monit \-d 300 ++.Ve ++.PP ++will poll all services described in your \fI~/.monitrc\fR file every ++5 minutes. ++.PP ++It is strongly recommended to set the poll interval in your ++~/.monitrc file instead, by using \fIset daemon \f(BIn\fI\fR, where \fBn\fR ++is an integer number of seconds. If you do this, monit will ++always start in daemon mode (as long as no action arguments are ++given). ++.PP ++Monit makes a per-instance lock-file in daemon mode. If you need ++more monit instances, you will need more configuration files, ++each pointing to its own lock\-file. ++.PP ++Calling \fImonit\fR with a monit daemon running in the background ++sends a wake-up signal to the daemon, forcing it to check ++services immediately. ++.PP ++The \fIquit\fR argument will kill a running daemon process instead ++of waking it up. ++.SH "INIT SUPPORT" ++.IX Header "INIT SUPPORT" ++Monit can run and be controlled from \fIinit\fR. If monit should ++crash, \fIinit\fR will re-spawn a new monit process. Using init to ++start monit is probably the best way to run monit if you want to ++be certain that you always have a running monit daemon on your ++system. (It's obvious, but never the less worth to stress; Make ++sure that the control file does not have any syntax errors before ++you start monit from init. Also, make sure that if you run monit ++from init, that you do not start monit from a startup scripts as ++well). ++.PP ++To setup monit to run from init, you can either use the 'set ++init' statement in monit's control file or use the \-I option from ++the command line and here is what you must add to /etc/inittab: ++.PP ++.Vb 2 ++\& # Run monit in standard run\-levels ++\& mo:2345:respawn:/usr/local/bin/monit \-Ic /etc/monitrc ++.Ve ++.PP ++After you have modified init's configuration file, you can run ++the following command to re-examine /etc/inittab and start monit: ++.PP ++.Vb 1 ++\& telinit q ++.Ve ++.PP ++For systems without telinit: ++.PP ++.Vb 1 ++\& kill \-1 1 ++.Ve ++.PP ++If monit is used to monitor services that are also started at ++boot time (e.g. services started via \s-1SYSV\s0 init rc scripts or via ++inittab) then, in some cases, a race condition could occur. That ++is; if a service is slow to start, monit can assume that the ++service is not running and possibly try to start it and raise an ++alert, while, in fact the service is already about to start or ++already in its startup sequence. Please see the \s-1FAQ\s0 for solutions ++to this problem. ++.SH "INCLUDE FILES" ++.IX Header "INCLUDE FILES" ++The monit control file, \fImonitrc\fR, can include additional ++configuration files. This feature helps to maintain a certain ++structure or to place repeating settings into one file. Include ++statements can be placed at virtually any spot. The syntax is the ++following: ++.PP ++.Vb 1 ++\& INCLUDE globstring ++.Ve ++.PP ++The globstring is any kind of string as defined in \fIglob\fR\|(7). ++Thus, you can refer to a single file or you can load several ++files at once. In case you want to use whitespace in your string ++the globstring need to be embedded into quotes (') or double ++quotes ("). For example, ++.PP ++.Vb 1 ++\& INCLUDE "/etc/monit/monit configuration files/printer.*.monitrc" ++.Ve ++.PP ++loads any file matching the single globstring. If the globstring ++matches a directory instead of a file, it is silently ignored. ++.PP ++\&\fI\s-1INCLUDE\s0\fR statements in included files are parsed as in the main ++control file. ++.PP ++If the globstring matches several results, the files are included ++in a non sorted manner. If you need to rely on a certain order, ++you might need to use single \fIinclude\fR statements. ++.SH "GROUP SUPPORT" ++.IX Header "GROUP SUPPORT" ++Service entries in the control file, \fImonitrc\fR, can be grouped ++together by the \fIgroup\fR statement. The syntax is simply (keyword ++in capital): ++.PP ++.Vb 1 ++\& GROUP groupname ++.Ve ++.PP ++With this statement it is possible to group similar service ++entries together and manage them as a whole. Monit provides ++functions to start, stop and restart a group of services, like ++so: ++.PP ++To start a group of services from the console: ++.PP ++.Vb 1 ++\& monit \-g <groupname> start ++.Ve ++.PP ++To stop a group of services: ++.PP ++.Vb 1 ++\& monit \-g <groupname> stop ++.Ve ++.PP ++To restart a group of services: ++.PP ++.Vb 1 ++\& monit \-g <groupname> restart ++.Ve ++.SH "MONITORING MODE" ++.IX Header "MONITORING MODE" ++Monit supports three monitoring modes per service: \fIactive\fR, ++\&\fIpassive\fR and \fImanual\fR. See also the example section below for ++usage of the mode statement. ++.PP ++In \fIactive\fR mode, monit will monitor a service and in case of ++problems monit will act and raise alerts, start, stop or restart ++the service. Active mode is the default mode. ++.PP ++In \fIpassive\fR mode, monit will passively monitor a service and ++specifically \fBnot\fR try to fix a problem, but it will still raise ++alerts in case of a problem. ++.PP ++For use in clustered environments there is also a \fImanual\fR ++mode. In this mode, monit will enter \fIactive\fR mode \fBonly\fR if a ++service was brought under monit's control, for example by ++executing the following command in the console: ++.PP ++.Vb 2 ++\& monit start sybase ++\& (monit will call sybase's start method and enable monitoring) ++.Ve ++.PP ++If a service was not started by monit or was stopped or disabled ++for example by: ++.PP ++.Vb 2 ++\& monit stop sybase ++\& (monit will call sybase's stop method and disable monitoring) ++.Ve ++.PP ++monit will not monitor the service. This allows for having ++services configured in monitrc and start it with monit only if it ++should run. This feature can be used to build a simple failsafe ++cluster. To see how, read more about how to setup a cluster with ++monit using the \fIheartbeat\fR system in the examples sections ++below. ++.SH "ALERT MESSAGES" ++.IX Header "ALERT MESSAGES" ++Monit will raise an email alert in the following situations: ++.PP ++.Vb 14 ++\& o A service timed out ++\& o A service does not exist ++\& o A service related data access problem ++\& o A service related program execution problem ++\& o A service is of invalid object type ++\& o A icmp problem ++\& o A port connection problem ++\& o A resource statement match ++\& o A file checksum problem ++\& o A file size problem ++\& o A file/directory timestamp problem ++\& o A file/directory/device permission problem ++\& o A file/directory/device uid problem ++\& o A file/directory/device gid problem ++.Ve ++.PP ++Monit will send an alert each time a monitored object changed. ++This involves: ++.PP ++.Vb 5 ++\& o Monit started, stopped or reloaded ++\& o A file checksum changed ++\& o A file size changed ++\& o A file content match ++\& o A file/directory timestamp changed ++.Ve ++.PP ++You use the alert statement to notify monit that you want alert ++messages sent to an email address. If you do not specify an alert ++statement, monit will not send alert messages. ++.PP ++There are two forms of alert statement: ++.PP ++.Vb 2 ++\& o Global \- common for all services ++\& o Local \- per service ++.Ve ++.PP ++In both cases you can use more than one alert statement. In other ++words, you can send many different emails to many different ++addresses. (in case you now got a new business idea: monit is not ++really suitable for sending spam). ++.PP ++Recipients in the global and in the local lists are alerted when ++a service failed, recovered or changed. If the same email address ++is in the global and in the local list, monit will send only one ++alert. Local (per service) defined alert email addresses override ++global addresses in case of a conflict. Finally, you may choose ++to only use a global alert list (recommended), a local per ++service list or both. ++.PP ++It is also possible to disable the global alerts localy for ++particular service(s) and recipients. ++.Sh "Setting a global alert statement" ++.IX Subsection "Setting a global alert statement" ++If a change occurred on a monitored services, monit will send an ++alert to all recipients in the global list who have registered ++interest for the event type. Here is the syntax for the global ++alert statement: ++.IP "\s-1SET\s0 \s-1ALERT\s0 mail-address [ [\s-1NOT\s0] {events}] [\s-1MAIL\-FORMAT\s0 {mail\-format}] [\s-1REMINDER\s0 number]" 4 ++.IX Item "SET ALERT mail-address [ [NOT] {events}] [MAIL-FORMAT {mail-format}] [REMINDER number]" ++.PP ++Simply using the following in the global section of monitrc: ++.PP ++.Vb 1 ++\& set alert foo@bar ++.Ve ++.PP ++will send a default email to the address foo@bar whenever an ++event occurred on any service. Such an event may be that a ++service timed out, a service was doesn't exist or a service does ++exist (on recovery) and so on. If you want to send alert messages ++to more email addresses, add a \fIset alert 'email'\fR statement for ++each address. ++.PP ++For explanations of the \fIevents, MAIL-FORMAT and \s-1REMINDER\s0\fR ++keywords above, please see below. ++.PP ++When you want to enable global alert recipient which will receive ++all event alerts except some type, you can also use the \s-1NOT\s0 negation ++option ahead of events list which allows you to set the recipient ++for \*(L"all but specified events\*(R" (see bellow for more details). ++.Sh "Setting a local alert statement" ++.IX Subsection "Setting a local alert statement" ++Each service can also have its own recipient list. ++.IP "\s-1ALERT\s0 mail-address [ [\s-1NOT\s0] {events}] [\s-1MAIL\-FORMAT\s0 {mail\-format}] [\s-1REMINDER\s0 number]" 4 ++.IX Item "ALERT mail-address [ [NOT] {events}] [MAIL-FORMAT {mail-format}] [REMINDER number]" ++.PP ++or ++.IP "\s-1NOALERT\s0 mail-address" 4 ++.IX Item "NOALERT mail-address" ++.PP ++If you only want an alert message sent for certain events for ++certain service(s), for example only for timeout events or only ++if a service died, then postfix the alert-statement with a filter ++block: ++.PP ++.Vb 3 ++\& check process myproc with pidfile /var/run/my.pid ++\& alert foo@bar only on { timeout, nonexist } ++\& ... ++.Ve ++.PP ++(\fIonly\fR and \fIon\fR are noise keywords, ignored by monit. As a ++side note; Noise keywords are used in the control file grammar to ++make an entry resemble English and thus make it easier to read ++(or, so goes the philosophy). The full set of available noise ++keywords are listed below in the Control File section). ++.PP ++You can also set the alert to send all events except specified ++using the list negation \- the word \fInot\fR ahead of the event ++list. For example when you want to receive alerts for all events ++except the monit instance related, you can write (note that the ++noise words 'but' and 'on' are optional): ++.PP ++.Vb 3 ++\& check system myserver ++\& alert foo@bar but not on { instance } ++\& ... ++.Ve ++.PP ++instead of: ++.PP ++.Vb 13 ++\& alert foo@bar on { change ++\& checksum ++\& data ++\& exec ++\& gid ++\& icmp ++\& invalid ++\& match ++\& nonexist ++\& permission ++\& size ++\& timeout ++\& timestamp } ++.Ve ++.PP ++This will enable all alerts for foo@bar, except the monit instance ++related alerts. ++.PP ++Event filtering can be used to send a mail to different email ++addresses depending on the events that occurred. For instance: ++.PP ++.Vb 3 ++\& alert foo@bar { nonexist, timeout, resource, icmp, connection } ++\& alert security@bar on { checksum, permission, uid, gid } ++\& alert manager@bar ++.Ve ++.PP ++This will send an alert message to foo@bar whenever a nonexist, ++timeout, resource or connection problem occurs and a message to ++security@bar if a checksum, permission, uid or gid problem ++occurs. And finally, a message to manager@bar whenever any error ++event occurs. ++.PP ++This is the list of events you can use in a mail\-filter: \fIuid, ++gid, size, nonexist, data, icmp, instance, invalid, exec, ++changed, timeout, resource, checksum, match, timestamp, ++connection, permission\fR ++.PP ++You can also disable the alerts localy using the \s-1NOALERT\s0 statement. ++This is useful for example when you have lot of services monitored, ++used the global alert statement, but don't want to receive alerts ++for some minor subset of services: ++.PP ++.Vb 1 ++\& noalert appadmin@bar ++.Ve ++.PP ++For example when you will place the noalert statement to the ++\&'check system', the given user won't receive the system related ++alerts (such as monit instance started/stopped/reloaded alert, ++system overloaded alert, etc.) but will receive the alerts for ++all other monitored services. ++.PP ++The following example will alert foo@bar on all events on all ++services by default, except the service mybar which will send an ++alert only on timeout. The trick is based on the fact that local ++definition of the same recipient overrides the global setting ++(including registered events and mail format): ++.PP ++.Vb 1 ++\& set alert foo@bar ++.Ve ++.PP ++.Vb 4 ++\& check process myfoo with pidfile /var/run/myfoo.pid ++\& ... ++\& check process mybar with pidfile /var/run/mybar.pid ++\& alert foo@bar only on { timeout } ++.Ve ++.PP ++The 'instance' alert type report events related to monit ++internals, such as when a monit instance was started, stopped or ++reloaded. ++.PP ++If the \s-1MTA\s0 (mailserver) for sending alerts is not available, ++monit \fIcan\fR queue events on the local file-system until the \s-1MTA\s0 ++recover. Monit will then post queued events in order with their ++original timestamp so the events are not lost. This feature is ++most useful if monit is used together with e.g. m/monit and when ++event history is important. ++.Sh "Alert message layout" ++.IX Subsection "Alert message layout" ++monit provides a default mail message layout that is short and to ++the point. Here's an example of a standard alert mail sent by ++monit: ++.PP ++.Vb 4 ++\& From: monit@tildeslash.com ++\& Subject: monit alert \-\- Does not exist apache ++\& To: hauk@tildeslash.com ++\& Date: Thu, 04 Sep 2003 02:33:03 +0200 ++.Ve ++.PP ++.Vb 1 ++\& Does not exist Service apache ++.Ve ++.PP ++.Vb 3 ++\& Date: Thu, 04 Sep 2003 02:33:03 +0200 ++\& Action: restart ++\& Host: www.tildeslash.com ++.Ve ++.PP ++.Vb 2 ++\& Your faithful employee, ++\& monit ++.Ve ++.PP ++If you want to, you can change the format of this message with ++the optional \fImail-format\fR statement. The syntax for this ++statement is as follows: ++.PP ++.Vb 7 ++\& mail\-format { ++\& from: monit@localhost ++\& subject: $SERVICE $EVENT at $DATE ++\& message: Monit $ACTION $SERVICE at $DATE on $HOST: $DESCRIPTION. ++\& Yours sincerely, ++\& monit ++\& } ++.Ve ++.PP ++Where the keyword \fIfrom:\fR is the email address monit should ++pretend it is sending from. It does not have to be a real mail ++address, but it must be a proper formated mail address, on the ++form: name@domain. The keyword \fIsubject:\fR is for the email ++subject line. The subject must be on only \fIone\fR line. The ++\&\fImessage:\fR keyword denotes the mail body. If used, this keyword ++should always be the last in a mail-format statement. The mail ++body can be as long as you want and must \fBnot\fR contain the '}' ++character. ++.PP ++All of these format keywords are optional but you must provide at ++least one. Thus if you only want to change the from address monit ++is using you can do: ++.PP ++.Vb 1 ++\& set alert foo@bar with mail\-format { from: bofh@bar.baz } ++.Ve ++.PP ++From the previous example you will notice that some special \f(CW$XXX\fR ++variables was used. If used, they will be substituted and ++expanded into the text with these values: ++.IP "* \fI$EVENT\fR" 4 ++.IX Item "$EVENT" ++.Vb 2 ++\& A string describing the event that occurred. The values are ++\& fixed and are: ++.Ve ++.Sp ++.Vb 19 ++\& Event: | Failure state: | Recovery state: ++\& \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- ++\& CHANGED | "Changed" | "Changed back" ++\& CHECKSUM | "Checksum failed" | "Checksum passed" ++\& CONNECTION| "Connection failed" | "Connection passed" ++\& DATA | "Data access error" | "Data access succeeded" ++\& EXEC | "Execution failed" | "Execution succeeded" ++\& GID | "GID failed" | "GID passed" ++\& ICMP | "ICMP failed" | "ICMP passed" ++\& INSTANCE | "Monit instance changed"| "Monit instance changed not" ++\& INVALID | "Invalid type" | "Type passed" ++\& MATCH | "Regex match" | "No regex match" ++\& NONEXIST | "Does not exist" | "Exists" ++\& PERMISSION| "Permission failed" | "Permission passed" ++\& RESOURCE | "Resource limit matched"| "Resource limit passed" ++\& SIZE | "Size failed" | "Size passed" ++\& TIMEOUT | "Timeout" | "Timeout recovery" ++\& TIMESTAMP | "Timestamp failed" | "Timestamp passed" ++\& UID | "UID failed" | "UID passed" ++.Ve ++.IP "* \fI$SERVICE\fR" 4 ++.IX Item "$SERVICE" ++.Vb 1 ++\& The service entry name in monitrc ++.Ve ++.IP "* \fI$DATE\fR" 4 ++.IX Item "$DATE" ++.Vb 1 ++\& The current time and date (RFC 822 date style). ++.Ve ++.IP "* \fI$HOST\fR" 4 ++.IX Item "$HOST" ++.Vb 1 ++\& The name of the host monit is running on ++.Ve ++.IP "* \fI$ACTION\fR" 4 ++.IX Item "$ACTION" ++.Vb 2 ++\& The name of the action which was done. Action names are fixed ++\& and are: ++.Ve ++.Sp ++.Vb 9 ++\& Action: | Name: ++\& \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- ++\& ALERT | "alert" ++\& EXEC | "exec" ++\& MONITOR | "monitor" ++\& RESTART | "restart" ++\& START | "start" ++\& STOP | "stop" ++\& UNMONITOR| "unmonitor" ++.Ve ++.IP "* \fI$DESCRIPTION\fR" 4 ++.IX Item "$DESCRIPTION" ++.Vb 1 ++\& The description of the error condition ++.Ve ++.Sh "Setting a global mail format" ++.IX Subsection "Setting a global mail format" ++It is possible to set a standard mail format with the ++following global set-statement (keywords are in capital): ++.IP "\s-1SET\s0 MAIL-FORMAT {mail\-format}" 4 ++.IX Item "SET MAIL-FORMAT {mail-format}" ++.PP ++Format set with this statement will apply to every alert ++statement that does \fInot\fR have its own specified mail\-format. ++This statement is most useful for setting a default from address ++for messages sent by monit, like so: ++.PP ++.Vb 1 ++\& set mail\-format { from: monit@foo.bar.no } ++.Ve ++.Sh "Setting a error reminder" ++.IX Subsection "Setting a error reminder" ++Monit by default sends just one error notification when the ++service failed and another one when it has recovered. If you want ++to be notified more then once in the case that the service ++remains failed, you can use the reminder option of alert ++statement (keywords are in capital): ++.IP "\s-1ALERT\s0 ... [\s-1WITH\s0] \s-1REMINDER\s0 [\s-1ON\s0] number [\s-1CYCLES\s0]" 4 ++.IX Item "ALERT ... [WITH] REMINDER [ON] number [CYCLES]" ++.PP ++For example if you want to be notified each tenth cycle when the ++service remains failed, you can use: ++.PP ++.Vb 1 ++\& alert foo@bar with reminder on 10 cycles ++.Ve ++.PP ++If you want to be notified on each failed cycle, you can use: ++.PP ++.Vb 1 ++\& alert foo@bar with reminder on 1 cycle ++.Ve ++.Sh "Setting a mail server for alert messages" ++.IX Subsection "Setting a mail server for alert messages" ++The mail server monit should use to send alert messages is ++defined with a global set statement (keywords are in capital and ++optional statements in [brackets]): ++.PP ++.Vb 2 ++\& SET MAILSERVER {host name [PORT port]|ip\-address [PORT port]}+ ++\& [with TIMEOUT X SECONDS] ++.Ve ++.PP ++The port statement allows to use \s-1SMTP\s0 servers other then those ++listening on port 25. If omitted, port 25 is used for the ++connection. ++.PP ++As you can see, it is possible to set several \s-1SMTP\s0 servers. If ++monit cannot connect to the first server in the list it will try ++the second server and so on. Monit has a default 5 seconds ++connection timeout and if the \s-1SMTP\s0 server is slow, monit could ++timeout when connecting or reading from the server. You can use ++the optional timeout statement to explicit set the timeout to a ++higher value if needed. Here is an example for setting several ++mail servers: ++.PP ++.Vb 2 ++\& set mailserver mail.tildeslash.com, mail.foo.bar port 10025, ++\& localhost with timeout 15 seconds ++.Ve ++.PP ++Here monit will first try to connect to the server ++\&\*(L"mail.tildeslash.com\*(R", if this server is down monit will try ++\&\*(L"mail.foo.bar\*(R" on port 10025 and finally \*(L"localhost\*(R". We do also ++set an explicit connect and read timeout; If monit cannot connect ++to the first \s-1SMTP\s0 server in the list within 15 seconds it will ++try the next server and so on. The \fIset mailserver ..\fR statement ++is optional and if not defined monit defaults to use localhost as ++the \s-1SMTP\s0 server. ++.Sh "Event queue" ++.IX Subsection "Event queue" ++Monit provide optionally queueing of event alerts that cannot be ++sent. For example, if no mail-server is available at the moment, ++monit can store events in a queue and try to reprocess them at ++the next cycle. As soon as the mail-server recover, monit will ++post the queued events. The queue is persistent across monit ++restarts and provided that the back-end filesystem is persistent ++too, across system restart as well. ++.PP ++By default, the queue is disabled and if the alert handler fails, ++monit will simply drop the alert message. To enable the event ++queue, add the following statement to the monit control file: ++.PP ++.Vb 1 ++\& SET EVENTQUEUE BASEDIR <path> [SLOTS <number>] ++.Ve ++.PP ++The <path> is the path to the directory where events will be ++stored. Optionally if you want to limit the queue size (maximum ++events count), use the slots option. If the slots option is not ++used, monit will store as many events as the backend filesystem ++allows. ++.PP ++Example: ++.PP ++.Vb 3 ++\& set eventqueue ++\& basedir /var/monit ++\& slots 5000 ++.Ve ++.PP ++The events are stored in binary format, one file per event. The ++file size is ca. 130 bytes or a bit more (depending on the ++message length). The file name is composed of the unix timestamp, ++underscore and the service name, for example: ++.PP ++.Vb 1 ++\& /var/monit/1131269471_apache ++.Ve ++.PP ++If you are running more then one monit instance on the same ++machine, you \fBmust\fR use separated event queue directories to ++avoid sending wrong alerts to the wrong addresses. ++.PP ++If you want to purge the queue by hand (remove queued ++event\-files), monit should be stopped before the removal. ++.SH "SERVICE TIMEOUT" ++.IX Header "SERVICE TIMEOUT" ++\&\fBmonit\fR provides a service timeout mechanism for situations ++where a service simply refuses to start or respond over a longer ++period. In cases like this, and particularly if monit's poll-cycle ++is low, monit will simply increase the machine load by trying to ++restart the service. ++.PP ++The timeout mechanism monit provides is based on two variables, ++i.e. the number the service has been started and the number of ++poll\-cycles. For example, if a service had \fIx\fR restarts within ++\&\fIy\fR poll-cycles (where \fIx\fR <= \fIy\fR) then monit will timeout and ++not (re)start the service on the next cycle. If a timeout occurs ++monit will send you an alert message if you have register ++interest for this event. ++.PP ++The syntax for the timeout statement is as follows (keywords ++are in capital): ++.IP "\s-1IF\s0 \s-1NUMBER\s0 \s-1RESTART\s0 \s-1NUMBER\s0 \s-1CYCLE\s0(S) \s-1THEN\s0 \s-1TIMEOUT\s0" 4 ++.IX Item "IF NUMBER RESTART NUMBER CYCLE(S) THEN TIMEOUT" ++.PP ++Where the first number is the number of service restarts and the ++second, the number of poll\-cycles. If the number of cycles was ++reached without a timeout, the service start-counter is reset to ++zero. This provides some granularity to catch exceptional cases ++and do a service timeout, but let occasional service start and ++restarts happen without having an accumulated timeout. ++.PP ++Here is an example where monit will timeout (not check the ++service) if the service was restarted 2 times within 3 cycles: ++.PP ++.Vb 1 ++\& if 2 restarts within 3 cycles then timeout ++.Ve ++.PP ++To have monit check the service again after a timeout, run 'monit ++monitor service' from the command line. This will remove the ++timeout lock in the daemon and make the daemon start and check ++the service again. ++.SH "SERVICE TESTS" ++.IX Header "SERVICE TESTS" ++Monit provides several tests you may utilize in a service entry ++to test a service. Basically here are two classes of tests: ++variable and constant object tests. ++.PP ++Constant object tests are related to failed/passed state. In the ++case of error, monit will watch whether the failed parameter will ++recover \- in such case it will handle recovery related ++action. General format: ++.IP "\s-1IF\s0 <\s-1TEST\s0> [[<X>] [\s-1TIMES\s0 \s-1WITHIN\s0] <Y> \s-1CYCLES\s0] \s-1THEN\s0 \s-1ACTION\s0 [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] [\s-1TIMES\s0 \s-1WITHIN\s0] <Y> \s-1CYCLES\s0] \s-1THEN\s0 \s-1ACTION\s0]" 4 ++.IX Item "IF <TEST> [[<X>] [TIMES WITHIN] <Y> CYCLES] THEN ACTION [ELSE IF PASSED [[<X>] [TIMES WITHIN] <Y> CYCLES] THEN ACTION]" ++.PP ++For constant object tests if the <\s-1TEST\s0> should validate to true, ++then the selected action is executed each cycle the condition ++remains true. The value for comparison is constant. Recovery ++action is evaluated only once (on failed\->passed state change ++only). The '\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0' part is optional \- if omitted, ++monit will do alert action on recovery by default. The alert is ++delivered only once on each state change unless overridden by ++\&'reminder' alert option. ++.PP ++Variable object tests begins with '\s-1IF\s0 \s-1CHANGED\s0' statement and ++serves for monitoring of object, which property can change legally ++\&\- monit watches whether the value will change again. You can use ++it just for alert or to involve some automatic action, as for ++example to reload monitored process after its configuration file ++was changed. Variable tests are supported for 'checksum', ++\&'size', 'pid, 'ppid' and 'timestamp' tests only, if you consider ++that other tests can be useful in variable form too, please let ++us know. ++.IP "\s-1IF\s0 \s-1CHANGED\s0 <\s-1TEST\s0> [[<X>] [\s-1TIMES\s0 \s-1WITHIN\s0] <Y> \s-1CYCLES\s0] \s-1THEN\s0 \s-1ACTION\s0" 4 ++.IX Item "IF CHANGED <TEST> [[<X>] [TIMES WITHIN] <Y> CYCLES] THEN ACTION" ++.PP ++For variable object tests if the <\s-1TEST\s0> should validate to true, ++then the selected action is executed once and monit will watch ++for another change. The value for comparison is a variable where ++the last result becomes the actual value, which is compared in ++future cycles. The alert is delivered each time the condition ++becomes true. ++.PP ++You can restrict the event ratio needed to change the state: ++.IP "... [[<X>] [\s-1TIMES\s0 \s-1WITHIN\s0] <Y> \s-1CYCLES\s0] ..." 4 ++.IX Item "... [[<X>] [TIMES WITHIN] <Y> CYCLES] ..." ++.PP ++This part is optional and is supported by all testing rules. ++It defines how many event occurrences during how many cycles ++are needed to trigger the following action. You can use it ++in several ways \- the core syntax is: ++.PP ++.Vb 1 ++\& [<X>] <Y> CYCLES ++.Ve ++.PP ++It is possible to use filling words which give the rule better ++first-sight sense. You can use any filling words such as: \s-1FOR\s0, ++\&\s-1TIMES\s0, \s-1WITHIN\s0, thus for example: ++.PP ++.Vb 1 ++\& if failed port 80 for 3 times within 5 cycles then alert ++.Ve ++.PP ++or ++.PP ++.Vb 1 ++\& if failed port 80 for 10 cycles then unmonitor ++.Ve ++.PP ++When you don't specify the <X>, it equals to <Y> by default, ++thus the rule applies when <Y> consecutive cycles of inverse ++event occurred (relatively to the current service state). ++.PP ++When you omit it at all, monit will by default change state ++on first inverse event, which is equivalent to this notation: ++.PP ++.Vb 1 ++\& 1 times within 1 cycles ++.Ve ++.PP ++It is possible to use this option for failed, passed/recovered ++or changed rules. More complex examples: ++.PP ++.Vb 7 ++\& check device rootfs with path /dev/hda1 ++\& if space usage > 80% 5 times within 15 cycles ++\& then alert ++\& else if passed for 10 cycles then alert ++\& if space usage > 90% for 5 cycles then ++\& exec '/try/to/free/the/space' ++\& if space usage > 99% then exec '/stop/processess' ++.Ve ++.PP ++Note that the maximal cycles count which can be used in the rule ++is limited by the size of 'long long' data type on your platform. ++This provides 64 cycles on usual platforms currently. In the case ++that you use unsupported value, the configuration parser will ++tell you the limits during monit startup. ++.PP ++You must select an action to be executed from this list: ++.IP "\(bu" 4 ++\&\fB\s-1ALERT\s0\fR sends the user an alert event on each state change (for ++constant object tests) or on each change (for variable object ++tests). ++.IP "\(bu" 4 ++\&\fB\s-1RESTART\s0\fR restarts the service \fIand\fR sends an alert. Restart is ++conducted by first calling the service's registered stop method ++and then the service's start method. ++.IP "\(bu" 4 ++\&\fB\s-1START\s0\fR starts the service by calling the service's registered ++start method \fIand\fR send an alert. ++.IP "\(bu" 4 ++\&\fB\s-1STOP\s0\fR stops the service by calling the service's registered ++stop method \fIand\fR send an alert. If monit stops a service it ++will not be checked by monit anymore nor restarted again ++later. To reactivate monitoring of the service again you must ++explicitly enable monitoring from the web interface or from the ++console, e.g. 'monit monitor apache'. ++.IP "\(bu" 4 ++\&\fB\s-1EXEC\s0\fR may be used to execute an arbitrary program \fIand\fR send ++an alert. If you choose this action you must state the program to ++be executed and if the program require arguments you must enclose ++the program and its arguments in a quoted string. You may ++optionally specify the uid and gid the executed program should ++switch to upon start. For instance: ++.Sp ++.Vb 2 ++\& exec "/usr/local/tomcat/bin/startup.sh" ++\& as uid nobody and gid nobody ++.Ve ++.Sp ++This may be useful if the program to be started cannot change to ++a lesser privileged user and group. This is typically needed for ++Java Servers. Remember, if monit is run by the superuser, then ++all programs executed by monit will be started with superuser ++privileges unless the uid and gid extension was used. ++.IP "\(bu" 4 ++\&\fB\s-1MONITOR\s0\fR will enable monitoring of the service \fIand\fR send ++an alert. ++.IP "\(bu" 4 ++\&\fB\s-1UNMONITOR\s0\fR will disable monitoring of the service \fIand\fR send ++an alert. The service will not be checked by monit anymore nor ++restarted again later. To reactivate monitoring of the service ++you must explicitly enable monitoring from monit's web interface ++or from the console using the monitor argument. ++.Sh "\s-1RESOURCE\s0 \s-1TESTING\s0" ++.IX Subsection "RESOURCE TESTING" ++Monit can examine how much system resources a services are ++using. This test may only be used within a system or process ++service entry in the monit control file. ++.PP ++Depending on the system or process characteristics, services ++can be stopped or restarted and alerts can be generated. Thus ++it is possible to utilize systems which are idle and to spare ++system under high load. ++.PP ++The full syntax for the resource-statements used for resource ++testing is as follows (keywords are in capital and optional ++statements in [brackets]), ++.IP "\s-1IF\s0 resource operator value [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 ++.IX Item "IF resource operator value [[<X>] <Y> CYCLES] THEN action [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]" ++.PP ++\&\fIresource\fR is a choice of \*(L"\s-1CPU\s0\*(R", \*(L"\s-1CPU\s0([user|system|wait])\*(R", ++\&\*(L"\s-1MEMORY\s0\*(R", \*(L"\s-1CHILDREN\s0\*(R", \*(L"\s-1TOTALMEMORY\s0\*(R", \*(L"\s-1LOADAVG\s0([1min|5min|15min])\*(R". ++Some resources can be used inside of system service container, ++some in process service container and some in both: ++.PP ++System only resource tests: ++.PP ++\&\s-1CPU\s0([user|system|wait]) is the percent of time that the system ++spend in user or system/kernel space. Some systems such as linux ++2.6 supports 'wait' indicator as well. ++.PP ++Process only resource tests: ++.PP ++\&\s-1CPU\s0 is the \s-1CPU\s0 usage of the process and its children in ++parts of hundred (percent). ++.PP ++\&\s-1CHILDREN\s0 is the number of child processes of the process. ++.PP ++\&\s-1TOTALMEMORY\s0 is the memory usage of the process and its child ++processes in either percent or as an amount (Byte, kB, \s-1MB\s0, \s-1GB\s0). ++.PP ++System and process resource tests: ++.PP ++\&\s-1MEMORY\s0 is the memory usage of the system or in the process context ++of the process without its child processes in either percent ++(of the systems total) or as an amount (Byte, kB, \s-1MB\s0, \s-1GB\s0). ++.PP ++\&\s-1LOADAVG\s0([1min|5min|15min]) refers to the system's load average. ++The load average is the number of processes in the system run ++queue, averaged over the specified time period. ++.PP ++\&\fIoperator\fR is a choice of \*(L"<\*(R", \*(L">\*(R", \*(L"!=\*(R", \*(L"==\*(R" in C notation, ++\&\*(L"gt\*(R", \*(L"lt\*(R", \*(L"eq\*(R", \*(L"ne\*(R" in shell sh notation and \*(L"greater\*(R", ++\&\*(L"less\*(R", \*(L"equal\*(R", \*(L"notequal\*(R" in human readable form (if not ++specified, default is \s-1EQUAL\s0). ++.PP ++\&\fIvalue\fR is either an integer or a real number (except for ++\&\s-1CHILDREN\s0). For \s-1CPU\s0, \s-1MEMORY\s0 and \s-1TOTALMEMORY\s0 you need to specify a ++\&\fIunit\fR. This could be \*(L"%\*(R" or if applicable \*(L"B\*(R" (Byte), \*(L"kB\*(R" ++(1024 Byte), \*(L"\s-1MB\s0\*(R" (1024 KiloByte) or \*(L"\s-1GB\s0\*(R" (1024 MegaByte). ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++To calculate the cycles, a counter is raised whenever the ++expression above is true and it is lowered whenever it is false ++(but not below 0). All counters are reset in case of a restart. ++.PP ++The following is an example to check that the \s-1CPU\s0 usage of a ++service is not going beyond 50% during five poll cycles. If it ++does, monit will restart the service: ++.PP ++.Vb 1 ++\& if cpu is greater than 50% for 5 cycles then restart ++.Ve ++.PP ++See also the example section below. ++.Sh "\s-1FILE\s0 \s-1CHECKSUM\s0 \s-1TESTING\s0" ++.IX Subsection "FILE CHECKSUM TESTING" ++The checksum statement may only be used in a file service ++entry. If specified in the control file, monit will compute ++a md5 or sha1 checksum for a file. ++.PP ++The checksum test in constant form is used to verify that a ++file does not change. Syntax (keywords are in capital): ++.IP "\s-1IF\s0 \s-1FAILED\s0 [MD5|SHA1] \s-1CHECKSUM\s0 [\s-1EXPECT\s0 checksum] [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 ++.IX Item "IF FAILED [MD5|SHA1] CHECKSUM [EXPECT checksum] [[<X>] <Y> CYCLES] THEN action [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]" ++.PP ++The checksum test in variable form is used to watch for ++file changes. Syntax (keywords are in capital): ++.IP "\s-1IF\s0 \s-1CHANGED\s0 [MD5|SHA1] \s-1CHECKSUM\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action" 4 ++.IX Item "IF CHANGED [MD5|SHA1] CHECKSUM [[<X>] <Y> CYCLES] THEN action" ++.PP ++The choice of \s-1MD5\s0 or \s-1SHA1\s0 is optional. \s-1MD5\s0 features a 256 bit ++and \s-1SHA1\s0 a 320 bit checksum. If this option is omitted monit ++tries to guess the method from the \s-1EXPECT\s0 string or uses \s-1MD5\s0 as ++default. ++.PP ++\&\fIexpect\fR is optional and if used it specifies a md5 or sha1 ++string monit should expect when testing a file's checksum. If ++\&\fIexpect\fR is used, monit will not compute an initial checksum for ++the file, but instead use the string you submit. For example: ++.PP ++.Vb 3 ++\& if failed checksum and ++\& expect the sum 8f7f419955cefa0b33a2ba316cba3659 ++\& then alert ++.Ve ++.PP ++You can, for example, use the \s-1GNU\s0 utility \fI\fImd5sum\fI\|(1)\fR or ++\&\fI\fIsha1sum\fI\|(1)\fR to create a checksum string for a file and ++use this string in the expect\-statement. ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++The checksum statement in variable form may be used to check a ++file for changes and if changed, do a specified action. For ++instance to reload a server if its configuration file was ++changed. The following illustrate this for the apache web server: ++.PP ++.Vb 3 ++\& check file httpd.conf path /usr/local/apache/conf/httpd.conf ++\& if changed sha1 checksum ++\& then exec "/usr/local/apache/bin/apachectl graceful" ++.Ve ++.PP ++If you plan to use the checksum statement for security reasons, ++(a very good idea, by the way) and to monitor a file or files ++which should not change, then please use constant form and also ++read the \s-1DEPENDENCY\s0 \s-1TREE\s0 section below to see a detailed example ++on how to do this properly. ++.PP ++Monit can also test the checksum for files on a remote host via ++the \s-1HTTP\s0 protocol. See the \s-1CONNECTION\s0 \s-1TESTING\s0 section below. ++.Sh "\s-1TIMESTAMP\s0 \s-1TESTING\s0" ++.IX Subsection "TIMESTAMP TESTING" ++The timestamp statement may only be used in a file, fifo or directory ++service entry. ++.PP ++The timestamp test in constant form is used to verify various ++timestamp conditions. Syntax (keywords are in capital): ++.IP "\s-1IF\s0 \s-1TIMESTAMP\s0 [[operator] value [unit]] [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 ++.IX Item "IF TIMESTAMP [[operator] value [unit]] [[<X>] <Y> CYCLES] THEN action [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]" ++.PP ++The timestamp statement in variable form is simply to test an ++existing file or directory for timestamp changes and if changed, ++execute an action. Syntax (keywords are in capital): ++.IP "\s-1IF\s0 \s-1CHANGED\s0 \s-1TIMESTAMP\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action" 4 ++.IX Item "IF CHANGED TIMESTAMP [[<X>] <Y> CYCLES] THEN action" ++.PP ++\&\fIoperator\fR is a choice of \*(L"<\*(R", \*(L">\*(R", \*(L"!=\*(R", \*(L"==\*(R" in C notation, ++\&\*(L"\s-1GT\s0\*(R", \*(L"\s-1LT\s0\*(R", \*(L"\s-1EQ\s0\*(R", \*(L"\s-1NE\s0\*(R" in shell sh notation and \*(L"\s-1GREATER\s0\*(R", ++\&\*(L"\s-1LESS\s0\*(R", \*(L"\s-1EQUAL\s0\*(R", \*(L"\s-1NOTEQUAL\s0\*(R" in human readable form (if not ++specified, default is \s-1EQUAL\s0). ++.PP ++\&\fIvalue\fR is a time watermark. ++.PP ++\&\fIunit\fR is either \*(L"\s-1SECOND\s0\*(R", \*(L"\s-1MINUTE\s0\*(R", \*(L"\s-1HOUR\s0\*(R" or \*(L"\s-1DAY\s0\*(R" (it is also ++possible to use \*(L"\s-1SECONDS\s0\*(R", \*(L"\s-1MINUTES\s0\*(R", \*(L"\s-1HOURS\s0\*(R", or \*(L"\s-1DAYS\s0\*(R"). ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++The variable timestamp statement is useful for checking a file ++for changes and then execute an action. This version was written ++particularly with configuration files in mind. For instance, if ++you monitor the apache web server you can use this statement to ++reload apache if the \fIhttpd.conf\fR (apache's configuration file) ++was changed. Like so: ++.PP ++.Vb 3 ++\& check file httpd.conf with path /usr/local/apache/conf/httpd.conf ++\& if changed timestamp ++\& then exec "/usr/local/apache/bin/apachectl graceful" ++.Ve ++.PP ++The constant timestamp version is useful for monitoring systems ++able to report its state by changing the timestamp of certain ++state files. For instance the \fIiPlanet Messaging server stored ++process\fR system updates the timestamp of: ++.PP ++.Vb 3 ++\& o stored.ckp ++\& o stored.lcu ++\& o stored.per ++.Ve ++.PP ++If a task should fail, the system keeps the timestamp. To report ++stored problems you can use the following statements: ++.PP ++.Vb 2 ++\& check file stored.ckp with path /msg\-foo/config/stored.ckp ++\& if timestamp > 1 minute then alert ++.Ve ++.PP ++.Vb 2 ++\& check file stored.lcu with path /msg\-foo/config/stored.lcu ++\& if timestamp > 5 minutes then alert ++.Ve ++.PP ++.Vb 2 ++\& check file stored.per with path /msg\-foo/config/stored.per ++\& if timestamp > 1 hour then alert ++.Ve ++.PP ++As mentioned above, you can also use the timestamp statement for ++monitoring directories for changes. If files are added or removed ++from a directory, its timestamp is changed: ++.PP ++.Vb 2 ++\& check directory mydir path /foo/directory ++\& if timestamp > 1 hour then alert ++.Ve ++.PP ++or ++.PP ++.Vb 2 ++\& check directory myotherdir path /foo/secure/directory ++\& if timestamp < 1 hour then alert ++.Ve ++.PP ++The following example is a hack for restarting a process after a ++certain time. Sometimes this is a necessary workaround for some ++third-party applications, until the vendor fix a problem: ++.PP ++.Vb 3 ++\& check file server.pid path /var/run/server.pid ++\& if timestamp > 7 days ++\& then exec "/usr/local/server/restart\-server" ++.Ve ++.Sh "\s-1FILE\s0 \s-1SIZE\s0 \s-1TESTING\s0" ++.IX Subsection "FILE SIZE TESTING" ++The size statement may only be used in a file service entry. ++If specified in the control file, monit will compute a size ++for a file. ++.PP ++The size test in constant form is used to verify various ++size conditions. Syntax (keywords are in capital): ++.IP "\s-1IF\s0 \s-1SIZE\s0 [[operator] value [unit]] [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 ++.IX Item "IF SIZE [[operator] value [unit]] [[<X>] <Y> CYCLES] THEN action [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]" ++.PP ++The size statement in variable form is simply to test an existing ++file for size changes and if changed, execute an action. Syntax ++(keywords are in capital): ++.IP "\s-1IF\s0 \s-1CHANGED\s0 \s-1SIZE\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action" 4 ++.IX Item "IF CHANGED SIZE [[<X>] <Y> CYCLES] THEN action" ++.PP ++\&\fIoperator\fR is a choice of \*(L"<\*(R", \*(L">\*(R", \*(L"!=\*(R", \*(L"==\*(R" in C notation, ++\&\*(L"\s-1GT\s0\*(R", \*(L"\s-1LT\s0\*(R", \*(L"\s-1EQ\s0\*(R", \*(L"\s-1NE\s0\*(R" in shell sh notation and \*(L"\s-1GREATER\s0\*(R", ++\&\*(L"\s-1LESS\s0\*(R", \*(L"\s-1EQUAL\s0\*(R", \*(L"\s-1NOTEQUAL\s0\*(R" in human readable form (if not ++specified, default is \s-1EQUAL\s0). ++.PP ++\&\fIvalue\fR is a size watermark. ++.PP ++\&\fIunit\fR is a choice of \*(L"B\*(R",\*(L"\s-1KB\s0\*(R",\*(L"\s-1MB\s0\*(R",\*(L"\s-1GB\s0\*(R" or long alternatives ++\&\*(L"byte\*(R", \*(L"kilobyte\*(R", \*(L"megabyte\*(R", \*(L"gigabyte\*(R". If it is not ++specified, \*(L"byte\*(R" unit is assumed by default. ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++The variable size test form is useful for checking a file for ++changes and send an alert or execute an action. Monit will ++register the size of the file at startup and monitor the file for ++changes. As soon as the value changed, monit will do specified ++action, reset the registered value to new result and continue to ++monitor, whether the size changed again. ++.PP ++One example of use for this statement is to conduct security ++checks, for instance: ++.PP ++.Vb 2 ++\& check file su with path /bin/su ++\& if changed size then exec "/sbin/ifconfig eth0 down" ++.Ve ++.PP ++which will \*(L"cut the cable\*(R" and stop a possible intruder from ++compromising the system further. This test is just one of many ++you may use to increase the security awareness on a system. If ++you plan to use monit for security reasons we recommend that you ++use this test in combination with other supported tests like ++checksum, timestamp, and so on. ++.PP ++The constant size test form may be useful in similar or different ++contexts. It can, for instance, be used to test if a certain file ++size was exceeded and then alert you or monit may execute a ++certain action specified by you. An example is to use this ++statement to rotate log files after they have reached a certain ++size or to check that a database file does not grow beyond a ++specified threshold. ++.PP ++To rotate a log file: ++.PP ++.Vb 3 ++\& check file myapp.log with path /var/log/myapp.log ++\& if size > 50 MB then ++\& exec "/usr/local/bin/rotate /var/log/myapp.log myapp" ++.Ve ++.PP ++where /usr/local/bin/rotate may be a simple script, such as: ++.PP ++.Vb 3 ++\& #/bin/bash ++\& /bin/mv $1 $1.`date +%y\-%m\-%d` ++\& /usr/bin/pkill \-HUP $2 ++.Ve ++.PP ++Or you may use this statement to trigger the \fIlogrotate\fR\|(8) ++program, to do an \*(L"emergency\*(R" rotate. Or to send an alert if a ++file becomes a known bottleneck if it grows behind a certain size ++because of limits in a database engine: ++.PP ++.Vb 2 ++\& check file mydb with path /data/mydatabase.db ++\& if size > 1 GB then alert ++.Ve ++.PP ++This is a more restrictive form of the first example where the ++size is explicitly defined (note that the real su size is system ++dependent): ++.PP ++.Vb 2 ++\& check file su with path /bin/su ++\& if size != 95564 then exec "/sbin/ifconfig eth0 down" ++.Ve ++.Sh "\s-1FILE\s0 \s-1CONTENT\s0 \s-1TESTING\s0" ++.IX Subsection "FILE CONTENT TESTING" ++The match statement allows you to test the content of a text ++file by using regular expressions. This is a great feature if ++you need to periodically test files, such as log files, for ++certain patterns. If a pattern match, monit defaults to ++raise an alert, other actions are also possible. ++.PP ++The syntax (keywords in capital) for using this function is: ++.IP "\s-1IF\s0 [\s-1NOT\s0] \s-1MATCH\s0 {regex|path} [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action" 4 ++.IX Item "IF [NOT] MATCH {regex|path} [[<X>] <Y> CYCLES] THEN action" ++.PP ++\&\fIregex\fR is a string containing the extended regular expression. ++See also \fIregex\fR\|(7). ++.PP ++\&\fIpath\fR is an absolute path to a file containing extended ++regular expression on every line. See also \fIregex\fR\|(7). ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++You can use the \fI\s-1NOT\s0\fR statement to invert a match. ++.PP ++The content is only being checked every cycle. If content is ++being added and removed between two checks they are unnoticed. ++.PP ++On startup the read position is set to the end of the file ++and monit continue to scan to the end of file on each cycle. ++But if the file size should decrease or inode change the read ++position is set to the start of the file. ++.PP ++Only lines ending with a newline character are inspected. Thus, ++lines are being ignored until they have been completed with this ++character. Also note that only the first 511 characters of a ++line are inspected. ++.IP "\s-1IGNORE\s0 [\s-1NOT\s0] \s-1MATCH\s0 {regex|path}" 4 ++.IX Item "IGNORE [NOT] MATCH {regex|path}" ++.PP ++Lines matching an \fI\s-1IGNORE\s0\fR are not inspected during later ++evaluations. \fI\s-1IGNORE\s0 \s-1MATCH\s0\fR has always precedence over ++\&\fI\s-1IF\s0 \s-1MATCH\s0\fR. ++.PP ++All \fI\s-1IGNORE\s0 \s-1MATCH\s0\fR statements are evaluated first, in the ++order of their appearance. Thereafter, all the \fI\s-1IF\s0 \s-1MATCH\s0\fR ++statements are evaluated. ++.PP ++A real life example might look like this: ++.PP ++.Vb 7 ++\& check file syslog with path /var/log/syslog ++\& ignore match ++\& "^\ew{3} [ :0\-9]{11} [._[:alnum:]\-]+ monit\e[[0\-9]+\e]:" ++\& ignore match /etc/monit/ignore.regex ++\& if match ++\& "^\ew{3} [ :0\-9]{11} [._[:alnum:]\-]+ mrcoffee\e[[0\-9]+\e]:" ++\& if match /etc/monit/active.regex then alert ++.Ve ++.Sh "\s-1FILESYSTEM\s0 \s-1FLAGS\s0 \s-1TESTING\s0" ++.IX Subsection "FILESYSTEM FLAGS TESTING" ++monit tests the filesystem flags of devices for change. This ++test is implicit and monit will send alert in the case of ++failure by default. ++.PP ++You may override the default action using below rule (it may only ++be used within a device service entry in the monit control file). ++.PP ++This test is useful for detecting changes of the filesystem flags ++such as when the filesystem became read-only based on disk errors ++or the mount flags were changed (such as nosuid). Each platform ++provides different flags set. \s-1POSIX\s0 defined the \s-1RDONLY\s0 and \s-1NOSUID\s0 ++flags which should work on all platforms. Some platforms (such as ++FreeBSD) present another flags in addition. ++.PP ++The syntax for the fsflags statement is: ++.IP "\s-1IF\s0 \s-1CHANGED\s0 \s-1FSFLAGS\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action" 4 ++.IX Item "IF CHANGED FSFLAGS [[<X>] <Y> CYCLES] THEN action" ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++Example: ++.PP ++.Vb 3 ++\& check device rootfs with path / ++\& if changed fsflags then exec "/my/script" ++\& alert root@localhost ++.Ve ++.Sh "\s-1SPACE\s0 \s-1TESTING\s0" ++.IX Subsection "SPACE TESTING" ++Monit can test devices/file systems and check for space ++usage. This test may only be used within a device service entry ++in the monit control file. ++.PP ++Monit will check a device's total space usage. If you only want ++to check available space for non\-superuser, you must set the ++watermark appropriately (i.e. total space minus reserved blocks ++for the superuser). ++.PP ++You can obtain (and set) the superuser's reserved blocks size, ++for example by using the tune2fs utility on Linux. On Linux 5% of ++available blocks are reserved for the superuser by default. To ++list the reserved blocks for the superuser: ++.PP ++.Vb 4 ++\& [root@berry monit]# tune2fs \-l /dev/hda1| grep "Reserved block" ++\& Reserved block count: 319994 ++\& Reserved blocks uid: 0 (user root) ++\& Reserved blocks gid: 0 (group root) ++.Ve ++.PP ++On solaris 10% of the blocks are reserved. You can also use ++tunefs on solaris to change values on a live filesystem. ++.PP ++The full syntax for the space statement is: ++.IP "\s-1IF\s0 \s-1SPACE\s0 operator value unit [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 ++.IX Item "IF SPACE operator value unit [[<X>] <Y> CYCLES] THEN action [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]" ++.PP ++\&\fIoperator\fR is a choice of \*(L"<\*(R",\*(L">\*(R",\*(L"!=\*(R",\*(L"==\*(R" in c notation, \*(L"gt\*(R", ++\&\*(L"lt\*(R", \*(L"eq\*(R", \*(L"ne\*(R" in shell sh notation and \*(L"greater\*(R", \*(L"less\*(R", ++\&\*(L"equal\*(R", \*(L"notequal\*(R" in human readable form (if not specified, ++default is \s-1EQUAL\s0). ++.PP ++\&\fIunit\fR is a choice of \*(L"B\*(R",\*(L"\s-1KB\s0\*(R",\*(L"\s-1MB\s0\*(R",\*(L"\s-1GB\s0\*(R", \*(L"%\*(R" or long ++alternatives \*(L"byte\*(R", \*(L"kilobyte\*(R", \*(L"megabyte\*(R", \*(L"gigabyte\*(R", ++\&\*(L"percent\*(R". ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.Sh "\s-1INODE\s0 \s-1TESTING\s0" ++.IX Subsection "INODE TESTING" ++If supported by the file\-system, you can use monit to test for ++inodes usage. This test may only be used within a device service ++entry in the monit control file. ++.PP ++If the device becomes unavailable, monit will call the entry's ++registered start method, if it is defined and if monit is running ++in active mode. If monit runs in passive mode or the start ++methods is not defined, monit will just send an error alert. ++.PP ++The syntax for the inode statement is: ++.IP "\s-1IF\s0 \s-1INODE\s0(S) operator value [unit] [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 ++.IX Item "IF INODE(S) operator value [unit] [[<X>] <Y> CYCLES] THEN action [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]" ++.PP ++\&\fIoperator\fR is a choice of \*(L"<\*(R",\*(L">\*(R",\*(L"!=\*(R",\*(L"==\*(R" in c notation, \*(L"gt\*(R", ++\&\*(L"lt\*(R", \*(L"eq\*(R", \*(L"ne\*(R" in shell sh notation and \*(L"greater\*(R", \*(L"less\*(R", ++\&\*(L"equal\*(R", \*(L"notequal\*(R" in human readable form (if not specified, ++default is \s-1EQUAL\s0). ++.PP ++\&\fIunit\fR is optional. If not specified, the value is an absolute ++count of inodes. You can use the \*(L"%\*(R" character or the longer ++alternative \*(L"percent\*(R" as a unit. ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.Sh "\s-1PERMISSION\s0 \s-1TESTING\s0" ++.IX Subsection "PERMISSION TESTING" ++Monit can monitor the permissions. This test may only be used ++within a file, fifo, directory or device service entry in the ++monit control file. ++.PP ++The syntax for the permission statement is: ++.IP "\s-1IF\s0 \s-1FAILED\s0 \s-1PERM\s0(\s-1ISSION\s0) octalnumber [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 ++.IX Item "IF FAILED PERM(ISSION) octalnumber [[<X>] <Y> CYCLES] THEN action [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]" ++.PP ++\&\fIoctalnumber\fR defines permissions for a file, a directory or a ++device. ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++The web interface will show a permission warning if the test ++failed. ++.PP ++We recommend that you use the \s-1UNMONITOR\s0 action in a permission ++statement. The rationale for this feature is security and that ++monit does not start a possible cracked program or ++script. Example: ++.PP ++.Vb 3 ++\& check file monit.bin with path "/usr/local/bin/monit" ++\& if failed permission 0555 then unmonitor ++\& alert foo@bar ++.Ve ++.PP ++If the test fails, monit will simply send an alert and stop ++monitoring the file and propagate an unmonitor action upward in ++a depend tree. ++.Sh "\s-1UID\s0 \s-1TESTING\s0" ++.IX Subsection "UID TESTING" ++monit can monitor the owner user id (uid). This test may only be ++used within a file, fifo, directory or device service entry in ++the monit control file. ++.PP ++The syntax for the uid statement is: ++.IP "\s-1IF\s0 \s-1FAILED\s0 \s-1UID\s0 user [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 ++.IX Item "IF FAILED UID user [[<X>] <Y> CYCLES] THEN action [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]" ++.PP ++\&\fIuser\fR defines a user id either in numeric or in string form. ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++The web interface will show a uid warning if the test should ++fail. ++.PP ++We recommend that you use the \s-1UNMONITOR\s0 action in a uid ++statement. The rationale for this feature is security and that ++monit does not start a possible cracked program or ++script. Example: ++.PP ++.Vb 3 ++\& check file passwd with path /etc/passwd ++\& if failed uid root then unmonitor ++\& alert root@localhost ++.Ve ++.PP ++If the test fails, monit will simply send an alert and stop ++monitoring the file and propagate an unmonitor action upward in ++a depend tree. ++.Sh "\s-1GID\s0 \s-1TESTING\s0" ++.IX Subsection "GID TESTING" ++monit can monitor the owner group id (gid). This test may only ++be used within a file, fifo, directory or device service entry ++in the monit control file. ++.PP ++The syntax for the gid statement is: ++.IP "\s-1IF\s0 \s-1FAILED\s0 \s-1GID\s0 user [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 ++.IX Item "IF FAILED GID user [[<X>] <Y> CYCLES] THEN action [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]" ++.PP ++\&\fIuser\fR defines a group id either in numeric or in string form. ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++The web interface will show a gid warning if the test should ++fail. ++.PP ++We recommend that you use the \s-1UNMONITOR\s0 action in a gid ++statement. The rationale for this feature is security and that ++monit does not start a possible cracked program or ++script. Example: ++.PP ++.Vb 3 ++\& check file shadow with path /etc/shadow ++\& if failed gid root then unmonitor ++\& alert root@localhost ++.Ve ++.PP ++If the test fails, monit will simply send an alert and stop ++monitoring the file and propagate an unmonitor action upward in ++a depend tree. ++.Sh "\s-1PID\s0 \s-1TESTING\s0" ++.IX Subsection "PID TESTING" ++monit tests the process id (pid) of processes for change. This ++test is implicit and monit will send alert in the case of failure ++by default. ++.PP ++You may override the default action using below rule (it may only ++be used within a process service entry in the monit control ++file). ++.PP ++The syntax for the pid statement is: ++.IP "\s-1IF\s0 \s-1CHANGED\s0 \s-1PID\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action" 4 ++.IX Item "IF CHANGED PID [[<X>] <Y> CYCLES] THEN action" ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++This test is useful to detect possible process restarts which ++has occurred in the timeframe between two monit testing cycles. ++In the case that the restart was fast and the process provides ++expected service (i.e. all tests passed) you will be notified ++that the process was replaced. ++.PP ++For example sshd daemon can restart very quickly, thus if someone ++changes its configuration and do sshd restart outside of monit ++control, you will be notified that the process was replaced by ++new instance (or you can optionaly do some other action such as ++preventively stop sshd). ++.PP ++Another example is MySQL Cluster which has its own watchdog with ++process restart ability. You can use monit for redundant ++monitoring. Monit will just send alert in the case that the MySQL ++cluster restarted the node quickly. ++.PP ++Example: ++.PP ++.Vb 3 ++\& check process sshd with pidfile /var/run/sshd.pid ++\& if changed pid then exec "/my/script" ++\& alert root@localhost ++.Ve ++.Sh "\s-1PPID\s0 \s-1TESTING\s0" ++.IX Subsection "PPID TESTING" ++monit tests the process parent id (ppid) of processes for change. ++This test is implicit and monit will send alert in the case of ++failure by default. ++.PP ++You may override the default action using below rule (it may only ++be used within a process service entry in the monit control file). ++.PP ++The syntax for the ppid statement is: ++.IP "\s-1IF\s0 \s-1CHANGED\s0 \s-1PPID\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action" 4 ++.IX Item "IF CHANGED PPID [[<X>] <Y> CYCLES] THEN action" ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++This test is useful for detecting changes of a process parent. ++.PP ++Example: ++.PP ++.Vb 3 ++\& check process myproc with pidfile /var/run/myproc.pid ++\& if changed ppid then exec "/my/script" ++\& alert root@localhost ++.Ve ++.Sh "\s-1CONNECTION\s0 \s-1TESTING\s0" ++.IX Subsection "CONNECTION TESTING" ++Monit is able to perform connection testing via networked ports ++or via Unix sockets. A connection test may only be used within a ++process or within a host service entry in the monit control file. ++.PP ++If a service listens on one or more sockets, monit can connect to ++the port (using either tcp or udp) and verify that the service ++will accept a connection and that it is possible to write and ++read from the socket. If a connection is not accepted or if there ++is a problem with socket read/write, monit will assume that ++something is wrong and execute a specified action. If monit is ++compiled with openssl, then ssl based network services can also ++be tested. ++.PP ++The full syntax for the statement used for connection testing is ++as follows (keywords are in capital and optional statements in ++[brackets]), ++.IP "\s-1IF\s0 \s-1FAILED\s0 [host] port [type] [protocol|{send/expect}+] [timeout] [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 ++.IX Item "IF FAILED [host] port [type] [protocol|{send/expect}+] [timeout] [[<X>] <Y> CYCLES] THEN action [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]" ++.PP ++or for Unix sockets, ++.IP "\s-1IF\s0 \s-1FAILED\s0 [unixsocket] [type] [protocol|{send/expect}+] [timeout] [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action [\s-1ELSE\s0 \s-1IF\s0 \s-1PASSED\s0 [[<X>] <Y> \s-1CYCLES\s0] \s-1THEN\s0 action]" 4 ++.IX Item "IF FAILED [unixsocket] [type] [protocol|{send/expect}+] [timeout] [[<X>] <Y> CYCLES] THEN action [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action]" ++.PP ++\&\fBhost:HOST hostname\fR. Optionally specify the host to connect to. ++If the host is not given then localhost is assumed if this test ++is used inside a process entry. If this test was used inside a ++remote host entry then the entry's remote host is assumed. ++Although \fIhost\fR is intended for testing name based virtual host ++in a \s-1HTTP\s0 server running on local or remote host, it does allow ++the connection statement to be used to test a server running on ++another machine. This may be useful; For instance if you use ++Apache httpd as a front-end and an application-server as the ++back-end running on another machine, this statement may be used ++to test that the back-end server is running and if not raise an ++alert. ++.PP ++\&\fBport:PORT number\fR. The port number to connect to ++.PP ++\&\fBunixsocket:UNIXSOCKET \s-1PATH\s0\fR. Specifies the path to a Unix ++socket. Servers based on Unix sockets, always runs on the local ++machine and does not use a port. ++.PP ++\&\fBtype:TYPE {TCP|UDP|TCPSSL}\fR. Optionally specify the socket type ++monit should use when trying to connect to the port. The ++different socket types are; \s-1TCP\s0, \s-1UDP\s0 or \s-1TCPSSL\s0, where \s-1TCP\s0 is a ++regular stream based socket, \s-1UDP\s0 is a datagram socket and \s-1TCPSSL\s0 ++specify that monit should use a \s-1TCP\s0 socket with \s-1SSL\s0 when ++connecting to a port. The default socket type is \s-1TCP\s0. If \s-1TCPSSL\s0 ++is used you may optionally specify the \s-1SSL/TLS\s0 protocol to be ++used and the md5 sum of the server's certificate. The \s-1TCPSSL\s0 ++options are: ++.PP ++.Vb 1 ++\& TCPSSL [SSLAUTO|SSLV2|SSLV3|TLSV1] [CERTMD5 md5sum] ++.Ve ++.PP ++\&\fBproto(col):PROTO {protocols}\fR. Optionally specify the protocol ++monit should speak when a connection is established. At the ++moment monit knows how to speak: ++ \fIAPACHE-STATUS\fR ++ \fI\s-1DNS\s0\fR ++ \fI\s-1DWP\s0\fR ++ \fI\s-1FTP\s0\fR ++ \fI\s-1HTTP\s0\fR ++ \fI\s-1IMAP\s0\fR ++ \fI\s-1CLAMAV\s0\fR ++ \fI\s-1LDAP2\s0\fR ++ \fI\s-1LDAP3\s0\fR ++ \fI\s-1MYSQL\s0\fR ++ \fI\s-1NNTP\s0\fR ++ \fI\s-1NTP3\s0\fR ++ \fI\s-1POP\s0\fR ++ \fIPOSTFIX-POLICY\fR ++ \fI\s-1RDATE\s0\fR ++ \fI\s-1RSYNC\s0\fR ++ \fI\s-1SMTP\s0\fR ++ \fI\s-1SSH\s0\fR ++ \fI\s-1TNS\s0\fR ++ \fI\s-1PGSQL\s0\fR ++If you have compiled monit with ssl support, monit can also speak ++the \s-1SSL\s0 variants such as: ++ \fI\s-1HTTPS\s0\fR ++ \fI\s-1FTPS\s0\fR ++ \fI\s-1POPS\s0\fR ++ \fI\s-1IMAPS\s0\fR ++To use the \s-1SSL\s0 protocol support you need to define the socket as ++\&\s-1SSL\s0 and use the general protocol name (for example in the case of ++\&\s-1HTTPS\s0) : ++ \s-1TYPE\s0 \s-1TCPSSL\s0 \s-1PROTOCOL\s0 \s-1HTTP\s0 ++If the server's protocol is not found in this list, simply do not ++specify the protocol and monit will utilize a default test, ++including testing if it is possible to read and write to the ++port. This default test is in most cases more than good enough to ++deduce if the server behind the port is up or not. ++.PP ++The protocol statement is: ++.PP ++.Vb 1 ++\& [PROTO(COL) {name} [REQUEST {"/path"} [with CHECKSUM checksum]] ++.Ve ++.PP ++As you can see, you may specify a request after the protocol, at ++the moment only the \s-1HTTP\s0 protocol supports the request option. ++See also below for an example. ++.PP ++In addition to the standard protocols, the \fIAPACHE-STATUS\fR ++protocol is a test of a specific server type, rather than a ++generic protocol. Server performance is examined using the status ++page generated by Apache's mod_status, which is expected to be at ++its default address of http://www.example.com/server\-status. ++Currently the \fIAPACHE-STATUS\fR protocol examines the percentage ++of Apache child processes which are ++.PP ++.Vb 10 ++\& o logging (loglimit) ++\& o closing connections (closelimit) ++\& o performing DNS lookups (dnslimit) ++\& o in keepalive with a client (keepalivelimit) ++\& o replying to a client (replylimit) ++\& o receiving a request (requestlimit) ++\& o initialising (startlimit) ++\& o waiting for incoming connections (waitlimit) ++\& o gracefully closing down (gracefullimit) ++\& o performing cleanup procedures (cleanuplimit) ++.Ve ++.PP ++Each of these quantities can be compared against a value relative ++to the total number of active Apache child processes. If the ++comparison expression is true the chosen action is performed. ++.PP ++The apache-status protocol statement is formally defined as ++(keywords in uppercase): ++.PP ++.Vb 1 ++\& PROTO(COL) {limit} OP PERCENT [OR {limit} OP PERCENT]* ++.Ve ++.PP ++where {limit} is one or more of: loglimit, closelimit, dnslimit, ++keepalivelimit, replylimit, requestlimit, startlimit, waitlimit ++gracefullimit or cleanuplimit. The operator \s-1OP\s0 is one of: ++[<|=|>]. ++.PP ++You can combine all of these test into one expression or you can ++choose to test a certain limit. If you combine the limits you ++must or' them together using the \s-1OR\s0 keyword. ++.PP ++Here's an example were we test for a loglimit more than 10 ++percent, a dnslimit over 25 percent and a wait limit less than 20 ++percent of processes. See also more examples below in the example ++section. ++.PP ++.Vb 5 ++\& protocol apache\-status ++\& loglimit > 10% or ++\& dnslimit > 50% or ++\& waitlimit < 20% ++\& then alert ++.Ve ++.PP ++Obviously, do not use this test unless the httpd server you are ++testing is Apache Httpd and mod_status is activated on the ++server. ++.PP ++\&\fBsend/expect: {SEND|EXPECT} \*(L"string\*(R" ...\fR. If monit does not ++support the protocol spoken by the server, you can write your own ++protocol-test using \fIsend\fR and \fIexpect\fR strings. The \fI\s-1SEND\s0\fR ++statement sends a string to the server port and the \fI\s-1EXPECT\s0\fR ++statement compares a string read from the server with the string ++given in the expect statement. If your system supports \s-1POSIX\s0 ++regular expressions, you can use regular expressions in the ++expect string, see \fIregex\fR\|(7) to learn more about the types of ++regular expressions you can use in an expect string. Otherwise ++the string is used as it is. The send/expect statement is: ++.PP ++.Vb 1 ++\& [{SEND|EXPECT} "string"]+ ++.Ve ++.PP ++Note that monit will send a string as it is, and you \fBmust\fR ++remember to include \s-1CR\s0 and \s-1LF\s0 in the string sent to the server if ++the protocol expect such characters to terminate a string (most ++text based protocols used over Internet does). Likewise monit ++will read up to 256 bytes from the server and use this string ++when comparing the expect string. If the server sends strings ++terminated by \s-1CRLF\s0, (i.e. \*(L"\er\en\*(R") you \fImay\fR remember to add the ++same terminating characters to the string you expect from the ++server. ++.PP ++You can use non-printable characters in a send string if ++needed. Use the hex notation, \e0xHEXHEX to send any char in the ++range \e0x00\-\e0xFF, that is, 0\-255 in decimal. This may be useful ++when testing some network protocols, particularly those over ++\&\s-1UDP\s0. An example, to test a quake 3 server you can use the ++following, ++.PP ++.Vb 2 ++\& send "\e0xFF\e0xFF\e0xFF\e0xFFgetstatus" ++\& expect "sv_floodProtect|sv_maxPing" ++.Ve ++.PP ++Finally, send/expect can be used with any socket type, such as ++\&\s-1TCP\s0 sockets, \s-1UNIX\s0 sockets and \s-1UDP\s0 sockets. ++.PP ++\&\fBtimeout:with \s-1TIMEOUT\s0 x \s-1SECONDS\s0\fR. Optionally specifies the ++connect and read timeout for the connection. If monit cannot ++connect to the server within this time it will assume that the ++connection failed and execute the specified action. The default ++connect timeout is 5 seconds. ++.PP ++\&\fIaction\fR is a choice of \*(L"\s-1ALERT\s0\*(R", \*(L"\s-1RESTART\s0\*(R", \*(L"\s-1START\s0\*(R", \*(L"\s-1STOP\s0\*(R", ++\&\*(L"\s-1EXEC\s0\*(R", \*(L"\s-1MONITOR\s0\*(R" or \*(L"\s-1UNMONITOR\s0\*(R". ++.PP ++Connection testing using the \s-1URL\s0 notation ++.IX Subsection "Connection testing using the URL notation" ++.PP ++You can test a \s-1HTTP\s0 server using the compact \s-1URL\s0 syntax. This ++test also allow you to use \s-1POSIX\s0 regular expressions to test the ++content returned by the \s-1HTTP\s0 server. ++.PP ++The full syntax for the \s-1URL\s0 statement is as follows (keywords are ++in capital and optional statements in [brackets]): ++.PP ++.Vb 5 ++\& IF FAILED URL ULR\-spec ++\& [CONTENT {==|!=} "regular\-expression"] ++\& [TIMEOUT number SECONDS] [[<X>] <Y> CYCLES] ++\& THEN action ++\& [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action] ++.Ve ++.PP ++Where URL-spec is an \s-1URL\s0 on the standard form as specified in \s-1RFC\s0 ++2396: ++.PP ++.Vb 1 ++\& <protocol>://<authority><path>?<query> ++.Ve ++.PP ++Here is an example on an \s-1URL\s0 where all components are used: ++.PP ++.Vb 1 ++\& http://user:password@www.foo.bar:8080/document/?querystring#ref ++.Ve ++.PP ++If a username and password is included in the \s-1URL\s0 monit will ++attempt to login at the server using \fBBasic Authentication\fR. ++.PP ++Testing the content returned by the server is optional. If used, ++you can test if the content \fBmatch\fR or does \fBnot match\fR a ++regular expression. Here's an example on how the \s-1URL\s0 statement ++can be used in a \fIcheck service\fR: ++.PP ++.Vb 5 ++\& check host FOO with address www.foo.bar ++\& if failed url ++\& http://user:password@www.foo.bar:8080/?querystring ++\& and content == 'action="j_security_check"' ++\& then ... ++.Ve ++.PP ++Monit will look at the content-length header returned by the ++server and download this amount before testing the content. That ++is, if the content-length is more than 1Mb or this header is not ++set by the server monit will default to download up to 1 Mb and ++not more. ++.PP ++Only the http(s) protocol is supported in an \s-1URL\s0 statement. If ++the protocol is \fBhttps\fR monit will use \s-1SSL\s0 when connecting to ++the server. ++.PP ++Remote host ping test ++.IX Subsection "Remote host ping test" ++.PP ++In addition monit can perform \s-1ICMP\s0 Echo tests in remote host ++checks. The icmp test may only be used in a check host entry and ++monit must run with super user privileges, that is, the root user ++must run monit. The reason is that the icmp test utilize a raw ++socket to send the icmp packet and only the super user is allowed ++to create a raw socket. ++.PP ++The full syntax for the \s-1ICMP\s0 Echo statement used for ping testing ++is as follows (keywords are in capital and optional statements in ++[brackets]): ++.PP ++.Vb 5 ++\& IF FAILED ICMP TYPE ECHO ++\& [COUNT number] [WITH] [TIMEOUT number SECONDS] ++\& [[<X>] <Y> CYCLES] ++\& THEN action ++\& [ELSE IF PASSED [[<X>] <Y> CYCLES] THEN action] ++.Ve ++.PP ++The rules for action and timeout are the same as those mentioned ++above in the \s-1CONNECTION\s0 \s-1TESTING\s0 section. The count parameter ++specifies how many consecutive echo requests will be send to the ++host in one cycle. In the case that no reply came within timeout ++frame, monit reports error. When at least one reply was received, ++the test will pass. Monit sends by default three echo requests in ++one cycle to prevent the random packet loss from generating false ++alarm (i.e. up to 66% packet loss is tolerated). You can set the ++count option to different value, which can serve as error ratio. ++For example in the case that you require 100% ping success, you ++can set the count to 1 (i.e. just one attempt will be send, when ++the packet was lost, then error will be reported). ++.PP ++An icmp ping test is useful for testing if a host is up, before ++testing ports at the host. If an icmp ping test is used in a ++check host entry, this test is run first and if the ping test ++should fail we assume that the connection to the host is down and ++monit does \fInot\fR continue to test any ports. Here's an example: ++.PP ++.Vb 6 ++\& check host xyzzy with address xyzzy.org ++\& if failed icmp type echo count 5 with timeout 15 seconds ++\& then alert ++\& if failed port 80 proto http then alert ++\& if failed port 443 type TCPSSL proto http then alert ++\& alert foo@bar ++.Ve ++.PP ++In this case, if the icmp test should fail you will get \fIone\fR ++alert and only one alert as long as the host is down, and equally ++important, monit will \fInot\fR test port 80 and port 443. Likewise ++if the icmp ping test should succeed (again) monit will continue ++to test both port 80 and 443. ++.PP ++Keep in mind though that some firewalls can block icmp packages ++and thus render the test useless. ++.PP ++Examples ++.IX Subsection "Examples" ++.PP ++To check a port connection and receive an alert if monit cannot ++connect to the port, use the following statement: ++.PP ++.Vb 1 ++\& if failed port 80 then alert ++.Ve ++.PP ++In this case the machine in question is assumed to be the default ++host. For a process entry it's \fIlocalhost\fR and for a remote host ++entry it's the \fIaddress\fR of the remote host. Monit will conduct ++a tcp connection to the host at port 80 and use tcp by default. ++If you want to connect with udp, you can specify this after the ++port\-statement; ++.PP ++.Vb 1 ++\& if failed port 53 type udp protocol dns then alert ++.Ve ++.PP ++Monit will stop trying to connect to the port after 5 seconds and ++assume that the server behind the port is down. You may increase ++or decrease the connect timeout by explicit add a connection ++timeout. In the following example the timeout is increased to 15 ++seconds and if monit cannot connect to the server within 15 ++seconds the test will fail and an alert message is sent. ++.PP ++.Vb 1 ++\& if failed port 80 with timeout 15 seconds then alert ++.Ve ++.PP ++If a server is listening to a Unix socket the following statement ++can be used: ++.PP ++.Vb 1 ++\& if failed unixsocket /var/run/sophie then alert ++.Ve ++.PP ++A Unix socket is used by some servers for fast (interprocess) ++communication on localhost only. A Unix socket is specified by a ++path and in the example above the path, /var/run/sophie, ++specifies a Unix socket. ++.PP ++If your machine answers for several virtual hosts you can prefix ++the port statement with a host-statement like so: ++.PP ++.Vb 3 ++\& if failed host www.sol.no port 80 then alert ++\& if failed host 80.69.226.133 port 443 then alert ++\& if failed host kvasir.sol.no port 80 then alert ++.Ve ++.PP ++And as mentioned above, if you do not specify a host\-statement, ++\&\fIlocalhost\fR or \fIaddress\fR is assumed. ++.PP ++Monit also knows how to speak some of the more popular Internet ++protocols. So, besides testing for connections, monit can also ++speak with the server in question to verify that the server ++works. For example, the following is used to test a http server: ++.PP ++.Vb 2 ++\& if failed host www.tildeslash.com port 80 proto http ++\& then restart ++.Ve ++.PP ++Some protocols also support a request statement. This statement ++can be used to ask the server for a special document entity. ++.PP ++Currently \fBonly\fR the \fI\s-1HTTP\s0\fR protocol module supports the ++request statement, such as: ++.PP ++.Vb 3 ++\& if failed host www.myhost.com port 80 protocol http ++\& and request "/data/show.php?a=b&c=d" ++\& then restart ++.Ve ++.PP ++The request must contain an \s-1URI\s0 string specifying a document from ++the http server. The string will be \s-1URL\s0 encoded by monit before ++it sends the request to the http server, so it's okay to use \s-1URL\s0 ++unsafe characters in the request. If the request statement isn't ++specified, the default web server page will be requested. ++.PP ++You can also test the checksum for documents returned by a http ++server. You can use either \s-1MD5\s0 sums: ++.PP ++.Vb 4 ++\& if failed port 80 protocol http ++\& and request "/page.html" ++\& with checksum 8f7f419955cefa0b33a2ba316cba3659 ++\& then alert ++.Ve ++.PP ++Or you can use \s-1SHA1\s0 sums: ++.PP ++.Vb 4 ++\& if failed port 80 protocol http ++\& and request "/page.html" ++\& with checksum e428302e260e0832007d82de853aa8edf19cd872 ++\& then alert ++.Ve ++.PP ++monit will compute a checksum (either \s-1MD5\s0 or \s-1SHA1\s0 is used, ++depending on length of the hash) for the document (in the above ++case, /page.html) and compare the computed checksum with the ++expected checksum. If the sums does not match then the if-tests ++action is performed, in this case alert. Note that monit will ++\&\fBnot\fR test the checksum for a document if the server does not ++set the \s-1HTTP\s0 \fIContent-Length\fR header. A \s-1HTTP\s0 server should set ++this header when it server a static document (i.e. a file). A ++server will often use chunked transfer encoding instead when ++serving dynamic content (e.g. a document created by a CGI-script ++or a Servlet), but to test the checksum for dynamic content is ++not very useful. There are no limitation on the document size, ++but keep in mind that monit will use time to download the ++document over the network so it's probably smart not to ask monit ++to compute a checksum for documents larger than 1Mb or so, ++depending on you network connection of course. Tip; If you get a ++checksum error even if the document has the correct sum, the ++reason may be that the download timed out. In this case, explicit ++set a longer timeout than the default 5 seconds. ++.PP ++As mentioned above, if the server protocol is not supported by ++monit you can write your own protocol test using send/expect ++strings. Here we show a protocol test using send/expect for an ++imaginary \*(L"Ali Baba and the Forty Thieves\*(R" protocol: ++.PP ++.Vb 6 ++\& if failed host cave.persia.ir port 4040 ++\& send "Open, Sesame!\er\en" ++\& expect "Please enter the cave\er\en" ++\& send "Shut, Sesame!\er\en" ++\& expect "See you later [A\-Za\-z ]+\er\en" ++\& then restart ++.Ve ++.PP ++The \fI\s-1TCPSSL\s0\fR statement can optionally test the md5 sum of the ++server's certificate. You must state the md5 certificate string ++you expect the server to deliver and upon a connect to the ++server, the server's actual md5 sum certificate string is tested. ++Any other symbol but [A\-Fa\-f0\-9] is being ignored in that sting. ++Thus it is possible to copy and paste the output of e.g. openssl. ++If they do not match, the connection test fails. If the ssl ++version handshake does not work properly you can also force a ++specific ssl version, as we demonstrate in this example: ++.PP ++.Vb 10 ++\& if failed host shop.sol.no port 443 ++\& type TCPSSL SSLV3 # Force monit to use ssl version 3 ++\& # We expect the server to return this md5 certificate sum ++\& # as either 12\-34\-56\-78\-90\-AB\-CD\-EF\-12\-34\-56\-78\-90\-AB\-CD\-EF ++\& # or e.g. 1234567890ABCDEF1234567890ABCDEF ++\& # or e.g. 1234567890abcdef1234567890abcdef ++\& # what ever come in more handy (see text above) ++\& CERTMD5 12\-34\-56\-78\-90\-AB\-CD\-EF\-12\-34\-56\-78\-90\-AB\-CD\-EF ++\& protocol http ++\& then restart ++.Ve ++.PP ++Here's an example where a connection test is used inside a ++process entry: ++.PP ++.Vb 4 ++\& check process apache with pidfile /var/run/apache.pid ++\& start program = "/etc/init.d/httpd start" ++\& stop program = "/etc/init.d/httpd stop" ++\& if failed host www.tildeslash.com port 80 then restart ++.Ve ++.PP ++Here, a connection test is used in a remote host entry: ++.PP ++.Vb 2 ++\& check host up2date with address ftp.redhat.com ++\& if failed port 21 and protocol ftp then alert ++.Ve ++.PP ++Since we did not explicit specify a host in the above test, monit ++will connect to port 21 at ftp.redhat.com. Apropos, the host ++address can be specified as a dotted \s-1IP\s0 address string or as ++hostname in the \s-1DNS\s0. The following is exactly[*] the same test, ++but here an ip address is used instead: ++.PP ++.Vb 2 ++\& check host up2date with address 66.187.232.30 ++\& if failed port 21 and protocol ftp then alert ++.Ve ++.PP ++[*] Well, not quite, since we specify an ip-address directly we ++will bypass any \s-1DNS\s0 round-robin setup, but that's another story. ++.PP ++For more examples, see the example section below. ++.SH "MONIT HTTPD" ++.IX Header "MONIT HTTPD" ++If specified in the control file, monit will start a monit daemon ++with http support. From a Browser you can then start and stop ++services, disable or enable service monitoring as well as view ++the status of each service. Also, if monit logs to its own file, ++you can view the content of this logfile in a Browser. ++.PP ++The control file statement for starting a monit daemon with http ++support is a global set\-statement: ++.IP "set httpd port 2812" 4 ++.IX Item "set httpd port 2812" ++.PP ++And you can use this \s-1URL\s0, \fIhttp://localhost:2812/\fR, to access ++the daemon from a browser. The port number, in this case 2812, ++can be any number that you are allowed to bind to. ++.PP ++If you have compiled monit with openssl, you can also start the ++httpd server with ssl support, using the following expression: ++.PP ++.Vb 3 ++\& set httpd port 2812 ++\& ssl enable ++\& pemfile /etc/certs/monit.pem ++.Ve ++.PP ++And you can use this \s-1URL\s0, \fIhttps://localhost:2812/\fR, to access ++the monit web server over an ssl encrypted connection. ++.PP ++The pemfile, in the example above, holds both the server's ++private key and certificate. This file should be stored in a safe ++place on the filesystem and should have strict permissions, that ++is, no more than 0700. ++.PP ++In addition, if you want to check for client certificates you can ++use the \s-1CLIENTPEMFILE\s0 statement. In this case, a connecting ++client has to provided a certificate known by monit in order to ++connect. This file also needs to have all necessary \s-1CA\s0 ++certificates. A configuration could look like: ++.PP ++.Vb 4 ++\& set httpd port 2812 ++\& ssl enable ++\& pemfile /etc/certs/monit.pem ++\& clientpemfile /etc/certs/monit\-client.pem ++.Ve ++.PP ++By default self signed client certificates are not allowed. If ++you want to use a self signed certificate from a client it has to ++be allowed explicitly with the \s-1ALLOWSELFCERTIFICATION\s0 statement. ++.PP ++For more information on how to use monit with \s-1SSL\s0 and for more ++information about certificates and generating pem files, please ++consult the \s-1README\s0.SSL file accompanying the software. ++.PP ++If you only want the http server to accept connect requests to ++one host addresses you can specify the bind address either as an ++\&\s-1IP\s0 number string or as a hostname. In the following example we ++bind the http server to the loopback device. In other words the ++http server will only be reachable from localhost: ++.PP ++.Vb 1 ++\& set httpd port 2812 and use the address 127.0.0.1 ++.Ve ++.PP ++or ++.PP ++.Vb 1 ++\& set httpd port 2812 and use the address localhost ++.Ve ++.PP ++If you do not use the \s-1ADDRESS\s0 statement the http server will ++accept connections on any/all local addresses. ++.PP ++It is possible to hide monit's httpd server version, which ++usually is available in httpd header responses and in error ++pages. ++.PP ++.Vb 3 ++\& set httpd port 2812 ++\& ... ++\& signature {enable|disable} ++.Ve ++.PP ++Use \fIdisable\fR to hide the server signature \- monit will only ++report its name (e.g. 'monit' instead of for example 'monit ++4.2'). By default the version signature is enabled. It is worth ++to stress that this option provides no security advantage and ++falls into the \*(L"security through obscurity\*(R" category. ++.PP ++If you remove the httpd statement from the config file, monit ++will stop the httpd server on configuration reload. Likewise if ++you change the port number, monit will restart the http server ++using the new specified port number. ++.PP ++The status page displayed by the monit web server is ++automatically refreshed with the same poll time set for the monit ++daemon. ++.PP ++\&\fBNote:\fR ++.PP ++We strongly recommend that you start monit with http support (and ++bind the server to localhost, only, unless you are behind a ++firewall). The built-in web-server is small and does not use much ++resources, and more \fIimportantly\fR, monit can use the http server ++for interprocess communication between a monit client and a monit ++daemon. ++.PP ++For instance, you \fImust\fR start a monit daemon with http support ++if you want to be able to use the following console commands. ++(That is; most of the available console commands). ++.PP ++.Vb 12 ++\& 'monit stop all' ++\& 'monit start all' ++\& 'monit stop service' ++\& 'monit start service' ++\& 'monit restart service' ++\& 'monit monitor service' ++\& 'monit unmonitor service' ++\& 'monit \-g groupname stop all' ++\& 'monit \-g groupname start all' ++\& 'monit \-g groupname restart all' ++\& 'monit \-g groupname monitor all' ++\& 'monit \-g groupname unmonitor all' ++.Ve ++.PP ++If a monit daemon is running in the background we will ask the ++daemon (via the \s-1HTTP\s0 protocol) to execute the above commands. ++That is, the daemon is requested to start and stop the services. ++This ensures that a daemon will not restart a service that you ++requested to stop and that (any) timeout lock will be removed ++from a service when you start it. ++.Sh "Monit \s-1HTTPD\s0 Authentication" ++.IX Subsection "Monit HTTPD Authentication" ++monit supports two types of authentication schema's for ++connecting to the httpd server, (three, if you count \s-1SSL\s0 client ++certificate validation). Both schema's can be used together or by ++itself. You \fBmust\fR choose at least one. ++.PP ++Host and network allow list ++.IX Subsection "Host and network allow list" ++.PP ++The http server maintains an access-control list of hosts and ++networks allowed to connect to the server. You can add as many ++hosts as you want to, but only hosts with a valid domain name or ++its \s-1IP\s0 address are allowed. If you specify a hostname that does ++not resolve, monit will write an error message in the console and ++not start. Networks require a network \s-1IP\s0 and a netmask to be ++accepted. ++.PP ++The http server will query a name server to check any hosts ++connecting to the server. If a host (client) is trying to connect ++to the server, but cannot be found in the access list or cannot ++be resolved, the server will shutdown the connection to the ++client promptly. ++.PP ++Control file example: ++.PP ++.Vb 6 ++\& set httpd port 2812 ++\& allow localhost ++\& allow my.other.work.machine.com ++\& allow 10.1.1.1 ++\& allow 192.168.1.0/255.255.255.0 ++\& allow 10.0.0.0/8 ++.Ve ++.PP ++Clients, not mentioned in the allow list that tries to connect to ++the server are logged with their ip\-address. ++.PP ++Basic Authentication ++.IX Subsection "Basic Authentication" ++.PP ++This authentication schema is \s-1HTTP\s0 specific and described in more ++detail in \s-1RFC\s0 2617. ++.PP ++In short; a server challenge a client (e.g. a Browser) to send ++authentication information (username and password) and if ++accepted, the server will allow the client access to the ++requested document. ++.PP ++The biggest weakness with Basic Authentication is that the ++username and password is sent in clear-text (i.e. base64 encoded) ++over the network. It is therefor recommended that you do not use ++this authentication method unless you run the monit http server ++with \fIssl\fR support. With ssl support it is completely safe to ++use Basic Authentication since \fBall\fR http data, including Basic ++Authentication headers will be encrypted. ++.PP ++monit will use Basic Authentication if an allow statement ++contains a username and a password separated with a single ':' ++character, like so; \fIallow username:password\fR. The username and ++password must be written in clear\-text. ++.PP ++Alternatively you can use files in \*(L"htpasswd\*(R" format (one ++user:passwd entry per line), like so: \fIallow ++[cleartext|crypt|md5] /path [users]\fR. By default cleartext ++passwords are read. In case the passwords are digested it is ++necessary to specify the cryptographic method. In order to select ++the users their names can be added to the allow statement. ++Otherwise all users are added. ++.PP ++Example: ++.PP ++.Vb 3 ++\& set httpd port 2812 ++\& allow hauk:password ++\& allow md5 /etc/httpd/htpasswd john paul ringo george ++.Ve ++.PP ++If you use this method together with a host list, then only ++clients from the listed hosts will be allowed to connect to the ++monit http server and each client will be asked to provide a ++username and a password. ++.PP ++Example: ++.PP ++.Vb 4 ++\& set httpd port 2812 ++\& allow localhost ++\& allow 10.1.1.1 ++\& allow hauk:password ++.Ve ++.PP ++If you only want to use Basic Authentication, then just provide ++allow entries with username and password, like so: ++.PP ++.Vb 3 ++\& set httpd port 2812 ++\& allow hauk:password ++\& allow admin:password ++.Ve ++.PP ++Finally it is possible to define some users as read\-only. A ++read-only user can read the monit web pages but will \fInot\fR get ++access to push-buttons and cannot change a service from the web ++interface. ++.PP ++.Vb 3 ++\& set httpd port 2812 ++\& allow admin:password ++\& allow hauk:password read\-only ++.Ve ++.PP ++A user is set to read-only by using the \fIread-only\fR keyword ++\&\fBafter\fR username:password. In the above example the user \fIhauk\fR ++is defined as a read-only user, while the \fIadmin\fR user has all ++access rights. ++.PP ++\&\s-1NB\s0! a monit client will use the \fIfirst\fR username:password pair ++in an allow list and you should \fBnot\fR define the first user as a ++read-only user. If you do, monit console commands will not work. ++.PP ++If you use Basic Authentication it is a good idea to set the ++access permission for the control file (~/.monitrc) to only ++readable and writable for the user running monit, because the ++password is written in clear\-text. (Use this command, /bin/chmod ++600 ~/.monitrc). In fact, since monit \fBversion 3.0\fR, monit will ++complain and exit if the control file is readable by others. ++.PP ++Clients trying to connect to the server but supply the wrong ++username and/or password are logged with their ip\-address. ++.PP ++If the monit command line interface is being used at least one ++cleartext password is necessary. Otherwise, the monit command ++line interface will not be able to connect to the monit daemon ++server. ++.SH "DEPENDENCIES" ++.IX Header "DEPENDENCIES" ++If specified in the control file, monit can do dependency ++checking before start, stop, monitoring or unmonitoring of ++services. The dependency statement may be used within any service ++entries in the monit control file. ++.PP ++The syntax for the depend statement is simply: ++.IP "\s-1DEPENDS\s0 on service[, service [,...]]" 4 ++.IX Item "DEPENDS on service[, service [,...]]" ++.PP ++Where \fBservice\fR is a service entry name, for instance \fBapache\fR ++or \fBdatafs\fR. ++.PP ++You may add more than one service name of any type or use more ++than one depend statement in an entry. ++.PP ++Services specified in a \fIdepend\fR statement will be checked ++during stop/start/monitor/unmonitor operations. If a service is ++stopped or unmonitored it will stop/unmonitor any services that ++depends on itself. Likewise, if a service is started, it will ++first stop any services that depends on itself and after it is ++started, start all depending services again. If the service is to ++be monitored (enable monitoring), all services which this service ++depends on will be monitored before enabling monitoring of this ++service. ++.PP ++Here is an example where we set up an apache service entry to ++depend on the underlying apache binary. If the binary should ++change an alert is sent and apache is not monitored anymore. The ++rationale is security and that monit should not execute a ++possibly cracked apache binary. ++.PP ++.Vb 7 ++\& (1) check process apache ++\& (2) with pidfile "/usr/local/apache/logs/httpd.pid" ++\& (3) ... ++\& (4) depends on httpd ++\& (5) ++\& (6) check file httpd with path /usr/local/apache/bin/httpd ++\& (7) if failed checksum then unmonitor ++.Ve ++.PP ++The first entry is the process entry for apache shown before ++(abbreviated for clarity). The fourth line sets up a dependency ++between this entry and the service entry named httpd in line 6. A ++depend tree works as follows, if an action is conducted in a ++lower branch it will propagate upward in the tree and for every ++dependent entry execute the same action. In this case, if the ++checksum should fail in line 7 then an unmonitor action is ++executed and the apache binary is not checked anymore. But since ++the apache process entry depends on the httpd entry this entry ++will also execute the unmonitor action. In short, if the checksum ++test for the httpd binary file should fail, both the check file ++httpd entry and the check process apache entry is set in ++un-monitoring mode. ++.PP ++A dependency tree is a general construct and can be used between ++all types of service entries and span many levels and propagate ++any supported action (except the exec action which will not ++propagate upward in a dependency tree for obvious reasons). ++.PP ++Here is another different example. Consider the following common ++server setup: ++.PP ++.Vb 2 ++\& WEB\-SERVER \-> APPLICATION\-SERVER \-> DATABASE \-> FILESYSTEM ++\& (a) (b) (c) (d) ++.Ve ++.PP ++You can set dependencies so that the web-server depends on the ++application server to run before the web-server starts and the ++application server depends on the database server and the ++database depends on the file-system to be mounted before it ++starts. See also the example section below for examples using the ++depend statement. ++.PP ++Here we describe how monit will function with the above ++dependencies: ++.IP "If no servers are running" 4 ++.IX Item "If no servers are running" ++monit will start the servers in the following order: \fId\fR, \fIc\fR, ++\&\fIb\fR, \fIa\fR ++.IP "If all servers are running" 4 ++.IX Item "If all servers are running" ++When you run 'monit stop all' this is the stop order: \fIa\fR, \fIb\fR, ++\&\fIc\fR, \fId\fR. If you run 'monit stop d' then \fIa\fR, \fIb\fR and \fIc\fR ++are also stopped because they depend on \fId\fR and finally \fId\fR is ++stopped. ++.IP "If \fIa\fR does not run" 4 ++.IX Item "If a does not run" ++When monit runs it will start \fIa\fR ++.IP "If \fIb\fR does not run" 4 ++.IX Item "If b does not run" ++When monit runs it will first stop \fIa\fR then start \fIb\fR and ++finally start \fIa\fR again. ++.IP "If \fIc\fR does not run" 4 ++.IX Item "If c does not run" ++When monit runs it will first stop \fIa\fR and \fIb\fR then start \fIc\fR ++and finally start \fIb\fR then \fIa\fR. ++.IP "If \fId\fR does not run" 4 ++.IX Item "If d does not run" ++When monit runs it will first stop \fIa\fR, \fIb\fR and \fIc\fR then start ++\&\fId\fR and finally start \fIc\fR, \fIb\fR then \fIa\fR. ++.IP "If the control file contains a depend loop." 4 ++.IX Item "If the control file contains a depend loop." ++A depend loop is for example; a\->b and b\->a or a\->b\->c\->a. ++.Sp ++When monit starts it will check for such loops and complain and ++exit if a loop was found. It will also exit with a complaint if a ++depend statement was used that does not point to a service in the ++control file. ++.SH "THE RUN CONTROL FILE" ++.IX Header "THE RUN CONTROL FILE" ++The preferred way to set up monit is to write a \fI.monitrc\fR file ++in your home directory. When there is a conflict between the ++command-line arguments and the arguments in this file, the ++command-line arguments take precedence. To protect the security ++of your control file and passwords the control file must have ++permissions \fIno more than 0700\fR (u=xrw,g=,o=); monit will ++complain and exit otherwise. ++.Sh "Run Control Syntax" ++.IX Subsection "Run Control Syntax" ++Comments begin with a '#' and extend through the end of the line. ++Otherwise the file consists of a series of service entries or ++global option statements in a free\-format, token-oriented syntax. ++.PP ++There are three kinds of tokens: grammar keywords, numbers (i.e. ++decimal digit sequences) and strings. Strings can be either ++quoted or unquoted. A quoted string is bounded by double quotes ++and may contain whitespace (and quoted digits are treated as a ++string). An unquoted string is any whitespace-delimited token, ++containing characters and/or numbers. ++.PP ++On a semantic level, the control file consists of two types of ++entries: ++.IP "1. Global set-statements" 4 ++.IX Item "1. Global set-statements" ++A global set-statement starts with the keyword \fIset\fR and the ++item to configure. ++.IP "2. One or more service entry statements." 4 ++.IX Item "2. One or more service entry statements." ++Each service entry consists of the keywords `check', followed by ++the service type. Each entry requires a <unique> descriptive ++name, which may be freely chosen. This name is used by monit ++to refer to the service internally and in all interactions ++with the user. ++.PP ++Currently, six types of check statements are supported: ++.IP "1. \s-1CHECK\s0 \s-1PROCESS\s0 <unique name> \s-1PIDFILE\s0 <path>" 4 ++.IX Item "1. CHECK PROCESS <unique name> PIDFILE <path>" ++<path> is the absolute path to the program's pidfile. If the ++pidfile does not exist or does not contain the pid number of a ++running process, monit will call the entry's start method if ++defined, If monit runs in passive mode or the start methods is ++not defined, monit will just send alerts on errors. ++.IP "2. \s-1CHECK\s0 \s-1FILE\s0 <unique name> \s-1PATH\s0 <path>" 4 ++.IX Item "2. CHECK FILE <unique name> PATH <path>" ++<path> is the absolute path to the file. If the file does not ++exist or disappeared, monit will call the entry's start method if ++defined, if <path> does not point to a regular file type (for ++instance a directory), monit will disable monitoring of this ++entry. If monit runs in passive mode or the start methods is not ++defined, monit will just send alerts on errors. ++.IP "3. \s-1CHECK\s0 \s-1FIFO\s0 <unique name> \s-1PATH\s0 <path>" 4 ++.IX Item "3. CHECK FIFO <unique name> PATH <path>" ++<path> is the absolute path to the fifo. If the fifo does not ++exist or disappeared, monit will call the entry's start method if ++defined, if <path> does not point to a fifo type (for ++instance a directory), monit will disable monitoring of this ++entry. If monit runs in passive mode or the start methods is not ++defined, monit will just send alerts on errors. ++.IP "4. \s-1CHECK\s0 \s-1DEVICE\s0 <unique name> \s-1PATH\s0 <path>" 4 ++.IX Item "4. CHECK DEVICE <unique name> PATH <path>" ++<path> is the path to the device block special file, mount point, ++file or a directory which is part of a filesystem. It is ++recommended to use a block special file directly (for example ++/dev/hda1 on Linux or /dev/dsk/c0t0d0s1 on Solaris, etc.) If you ++use a mount point (for example /data), be careful, because if the ++device is unmounted the test will still be true because the mount ++point exist. ++.Sp ++If the device becomes unavailable, monit will call the entry's ++start method if defined. if <path> does not point to a device, ++monit will disable monitoring of this entry. If monit runs in ++passive mode or the start methods is not defined, monit will just ++send alerts on errors. ++.IP "5. \s-1CHECK\s0 \s-1DIRECTORY\s0 <unique name> \s-1PATH\s0 <path>" 4 ++.IX Item "5. CHECK DIRECTORY <unique name> PATH <path>" ++<path> is the absolute path to the directory. If the directory ++does not exist or disappeared, monit will call the entry's start ++method if defined, if <path> does not point to a directory, monit ++will disable monitoring of this entry. If monit runs in passive ++mode or the start methods is not defined, monit will just send ++alerts on errors. ++.IP "6. \s-1CHECK\s0 \s-1HOST\s0 <unique name> \s-1ADDRESS\s0 <host address>" 4 ++.IX Item "6. CHECK HOST <unique name> ADDRESS <host address>" ++The host address can be specified as a hostname string or as an ++ip-address string on a dotted decimal format. Such as, ++tildeslash.com or \*(L"64.87.72.95\*(R". ++.IP "7. \s-1CHECK\s0 \s-1SYSTEM\s0 <unique name>" 4 ++.IX Item "7. CHECK SYSTEM <unique name>" ++The system name is usualy hostname, but any descriptive name can be ++used. This test allows to check general system resources such as ++\&\s-1CPU\s0 usage (percent of time spent in user, system and wait), total ++memory usage or load average. ++.PP ++You can use noise keywords like 'if', `and', `with(in)', `has', ++`using', 'use', 'on(ly)', `usage' and `program(s)' anywhere in an ++entry to make it resemble English. They're ignored, but can make ++entries much easier to read at a glance. The punctuation ++characters ';' ',' and '=' are also ignored. Keywords are case ++insensitive. ++.PP ++.Vb 1 ++\& Here are the legal global keywords: ++.Ve ++.PP ++.Vb 50 ++\& Keyword Function ++\& \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- ++\& set daemon Set a background poll interval in seconds. ++\& set init Set monit to run from init. monit will not ++\& transform itself into a daemon process. ++\& set logfile Name of a file to dump error\- and status\- ++\& messages to. If syslog is specified as the ++\& file, monit will utilize the syslog daemon ++\& to log messages. This can optionally be ++\& followed by 'facility <facility>' where ++\& facility is 'log_local0' \- 'log_local7' or ++\& 'log_daemon'. If no facility is specified, ++\& LOG_USER is used. ++\& set mailserver The mailserver used for sending alert ++\& notifications. If the mailserver is not ++\& defined, monit will try to use 'localhost' ++\& as the smtp\-server for sending mail. You ++\& can add more mail servers, if monit cannot ++\& connect to the first server it will try the ++\& next server and so on. ++\& set mail\-format Set a global mail format for all alert ++\& messages emitted by monit. ++\& set pidfile Explicit set the location of the monit lock ++\& file. E.g. set pidfile /var/run/xyzmonit.pid. ++\& set statefile Explicit set the location of the file monit ++\& will write state data to. If not set, the ++\& default is $HOME/.monit.state. ++\& set httpd port Activates monit http server at the given ++\& port number. ++\& ssl enable Enables ssl support for the httpd server. ++\& Requires the use of the pemfile statement. ++\& ssl disable Disables ssl support for the httpd server. ++\& It is equal to omitting any ssl statement. ++\& pemfile Set the pemfile to be used with ssl. ++\& clientpemfile Set the pemfile to be used when client ++\& certificates should be checked by monit. ++\& address If specified, the http server will only ++\& accept connect requests to this addresses ++\& This statement is an optional part of the ++\& set httpd statement. ++\& allow Specifies a host or IP address allowed to ++\& connect to the http server. Can also specify ++\& a username and password allowed to connect ++\& to the server. More than one allow statement ++\& are allowed. This statement is also an ++\& optional part of the set httpd statement. ++\& read\-only Set the user defined in username:password ++\& to read only. A read\-only user cannot change ++\& a service from the monit web interface. ++\& include include a file or files matching the globstring ++.Ve ++.PP ++.Vb 1 ++\& Here are the legal service entry keywords: ++.Ve ++.PP ++.Vb 174 ++\& Keyword Function ++\& \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- ++\& check Starts an entry and must be followed by the type ++\& of monitored service {device|directory|file|host ++\& process|system} and a descriptive name for the ++\& service. ++\& pidfile Specify the process pidfile. Every ++\& process must create a pidfile with its ++\& current process id. This statement should only ++\& be used in a process service entry. ++\& path Must be followed by a path to the block ++\& special file for filesystem (device), regular ++\& file, directory or a process's pidfile. ++\& group Specify a groupname for a service entry. ++\& start The program used to start the specified ++\& service. Full path is required. This ++\& statement is optional, but recommended. ++\& stop The program used to stop the specified ++\& service. Full path is required. This ++\& statement is optional, but recommended. ++\& pid and ppid These keywords may be used as standalone ++\& statements in a process service entry to ++\& override the alert action for change of ++\& process pid and ppid. ++\& uid and gid These keywords are either 1) an optional part of ++\& a start, stop or exec statement. They may be ++\& used to specify a user id and a group id the ++\& program (process) should switch to upon start. ++\& This feature can only be used if the superuser ++\& is running monit. 2) uid and gid may also be ++\& used as standalone statements in a file service ++\& entry to test a file's uid and gid attributes. ++\& host The hostname or IP address to test the port ++\& at. This keyword can only be used together ++\& with a port statement or in the check host ++\& statement. ++\& port Specify a TCP/IP service port number which ++\& a process is listening on. This statement ++\& is also optional. If this statement is not ++\& prefixed with a host\-statement, localhost is ++\& used as the hostname to test the port at. ++\& type Specifies the socket type monit should use when ++\& testing a connection to a port. If the type ++\& keyword is omitted, tcp is used. This keyword ++\& must be followed by either tcp, udp or tcpssl. ++\& tcp Specifies that monit should use a TCP ++\& socket type (stream) when testing a port. ++\& tcpssl Specifies that monit should use a TCP socket ++\& type (stream) and the secure socket layer (ssl) ++\& when testing a port connection. ++\& udp Specifies that monit should use a UDP socket ++\& type (datagram) when testing a port. ++\& certmd5 The md5 sum of a certificate a ssl forged ++\& server has to deliver. ++\& proto(col) This keyword specifies the type of service ++\& found at the port. monit knows at the moment ++\& how to speak HTTP, SMTP, FTP, POP, IMAP, MYSQL, ++\& NNTP, SSH, DWP, LDAP2, LDAP3, RDATE, NTP3, DNS, ++\& POSTFIX\-POLICY, APACHE\-STATUS, TNS, PGSQL and ++\& RSYNC. ++\& You're welcome to write new protocol test ++\& modules. If no protocol is specified monit will ++\& use a default test which in most cases are good ++\& enough. ++\& request Specifies a server request and must come ++\& after the protocol keyword mentioned above. ++\& \- for http it can contain an URL and an ++\& optional query string. ++\& \- other protocols does not support this ++\& statement yet ++\& send/expect These keywords specify a generic protocol. ++\& Both require a string whether to be sent or ++\& to be matched against (as extended regex if ++\& supported). Send/expect can not be used ++\& together with the proto(col) statement. ++\& unix(socket) Specifies a Unix socket file and used like ++\& the port statement above to test a Unix ++\& domain network socket connection. ++\& URL Specify an URL string which monit will use for ++\& connection testing. ++\& content Optional sub\-statement for the URL statement. ++\& Specifies that monit should test the content ++\& returned by the server against a regular ++\& expression. ++\& timeout x sec. Define a network port connection timeout. Must ++\& be followed by a number in seconds and the ++\& keyword, seconds. ++\& timeout Define a service timeout. Must be followed by ++\& two digits. The first digit is max number of ++\& restarts for the service. The second digit ++\& is the cycle interval to test restarts. ++\& This statement is optional. ++\& alert Specifies an email address for notification ++\& if a service event occurs. Alert can also ++\& be postfixed, to only send a message for ++\& certain events. See the examples above. More ++\& than one alert statement is allowed in an ++\& entry. This statement is also optional. ++\& noalert Specifies an email address which don't want ++\& to receive alerts. This statement is also ++\& optional. ++\& restart, stop These keywords may be used as actions for ++\& unmonitor, various test statements. The exec statement is ++\& start and special in that it requires a following string ++\& exec specifying the program to be execute. You may ++\& also specify an UID and GID for the exec ++\& statement. The program executed will then run ++\& using the specified user id and group id. ++\& mail\-format Specifies a mail format for an alert message ++\& This statement is an optional part of the ++\& alert statement. ++\& checksum Specify that monit should compute and monitor a ++\& file's md5/sha1 checksum. May only be used in a ++\& check file entry. ++\& expect Specifies a md5/sha1 checksum string monit ++\& should expect when testing the checksum. This ++\& statement is an optional part of the checksum ++\& statement. ++\& timestamp Specifies an expected timestamp for a file ++\& or directory. More than one timestamp statement ++\& are allowed. May only be used in a check file or ++\& check directory entry. ++\& changed Part of a timestamp statement and used as an ++\& operator to simply test for a timestamp change. ++\& every Validate this entry only at every n poll cycle. ++\& Useful in daemon mode when the cycle is short ++\& and a service takes some time to start. ++\& mode Must be followed either by the keyword active, ++\& passive or manual. If active, monit will restart ++\& the service if it is not running (this is the ++\& default behavior). If passive, monit will not ++\& (re)start the service if it is not running \- it ++\& will only monitor and send alerts (resource ++\& related restart and stop options are ignored ++\& in this mode also). If manual, monit will enter ++\& active mode only if a service was started under ++\& monit's control otherwise the service isn't ++\& monitored. ++\& cpu Must be followed by a compare operator, a number ++\& with "%" and an action. This statement is used ++\& to check the cpu usage in percent of a process ++\& with its children over a number of cycles. If ++\& the compare expression matches then the ++\& specified action is executed. ++\& mem The equivalent to the cpu token for memory of a ++\& process (w/o children!). This token must be ++\& followed by a compare operator a number with ++\& unit {B|KB|MB|GB|%|byte|kilobyte|megabyte| ++\& gigabyte|percent} and an action. ++\& loadavg Must be followed by [1min,5min,15min] in (), a ++\& compare operator, a number and an action. This ++\& statement is used to check the system load ++\& average over a number of cycles. If the compare ++\& expression matches then the specified action is ++\& executed. ++\& children This is the number of child processes spawn by a ++\& process. The syntax is the same as above. ++\& totalmem The equivalent of mem, except totalmem is an ++\& aggregation of memory, not only used by a ++\& process but also by all its child ++\& processes. The syntax is the same as above. ++\& space Must be followed by a compare operator, a ++\& number, unit {B|KB|MB|GB|%|byte|kilobyte| ++\& megabyte|gigabyte|percent} and an action. ++\& inode(s) Must be followed by a compare operator, integer ++\& number, optionally by percent sign (if not, the ++\& limit is absolute) and an action. ++\& perm(ission) Must be followed by an octal number describing ++\& the permissions. ++\& size Must be followed by a compare operator, a ++\& number, unit {B|KB|MB|GB|byte|kilobyte| ++\& megabyte|gigabyte} and an action. ++\& depends (on) Must be followed by the name of a service this ++\& service depends on. ++.Ve ++.PP ++Here's the complete list of reserved \fBkeywords\fR used by monit: ++.PP ++\&\fIif\fR, \fIthen\fR, \fIelse\fR, \fIset\fR, \fIdaemon\fR, \fIlogfile\fR, ++\&\fIsyslog\fR, \fIaddress\fR, \fIhttpd\fR, \fIssl\fR, \fIenable\fR, \fIdisable\fR, ++\&\fIpemfile\fR, \fIallow\fR, \fIread-only\fR, \fIcheck\fR, \fIinit\fR, \fIcount\fR, ++\&\fIpidfile\fR, \fIstatefile\fR, \fIgroup\fR, \fIstart\fR, \fIstop\fR, \fIuid\fR, ++\&\fIgid\fR, \fIconnection\fR, \fIport(number)\fR, \fIunix(socket)\fR, \fItype\fR, ++\&\fIproto(col)\fR, \fItcp\fR, \fItcpssl\fR, \fIudp\fR, \fIalert\fR, \fInoalert\fR, ++\&\fImail-format\fR, \fIrestart\fR, \fItimeout\fR, \fIchecksum\fR, \fIresource\fR, ++\&\fIexpect\fR, \fIsend\fR, \fImailserver\fR, \fIevery\fR, \fImode\fR, \fIactive\fR, ++\&\fIpassive\fR, \fImanual\fR, \fIdepends\fR, \fIhost\fR, \fIdefault\fR, \fIhttp\fR, ++\&\fIftp\fR, \fIsmtp\fR, \fIpop\fR, \fIntp3\fR, \fInntp\fR, \fIimap\fR, \fIclamav\fR, ++\&\fIssh\fR, \fIdwp\fR, \fIldap2\fR, \fIldap3\fR, \fItns\fR, \fIrequest\fR, \fIcpu\fR, ++\&\fImem\fR, \fItotalmem\fR, \fIchildren\fR, \fIloadavg\fR, \fItimestamp\fR, ++\&\fIchanged\fR, \fIsecond(s)\fR, \fIminute(s)\fR, \fIhour(s)\fR, \fIday(s)\fR, ++\&\fIspace\fR, \fIinode\fR, \fIpid\fR, \fIppid\fR, \fIperm(ission)\fR, \fIicmp\fR, ++\&\fIprocess\fR, \fIfile\fR, \fIdirectory\fR, \fIdevice\fR, \fIsize\fR, ++\&\fIunmonitor\fR, \fIrdate\fR, \fIrsync\fR, \fIdata\fR, \fIinvalid\fR, \fIexec\fR, ++\&\fInonexist\fR, \fIpolicy\fR, \fIreminder\fR, \fIinstance\fR, \fIeventqueue\fR, ++ \fIbasedir\fR, \fIslot(s)\fR, \fIsystem\fR and \fIfailed\fR ++.PP ++And here is a complete list of \fBnoise keywords\fR ignored by ++monit: ++.PP ++\&\fIis\fR, \fIas\fR, \fIare\fR, \fIon(ly)\fR, \fIwith(in)\fR, \fIand\fR, \fIhas\fR, ++\&\fIusing\fR, \fIuse\fR, \fIthe\fR, \fIsum\fR, \fIprogram(s)\fR, \fIthan\fR, \fIfor\fR, ++\&\fIusage\fR, \fIwas\fR, \fIbut\fR. ++.PP ++\&\fBNote:\fR If the \fIstart\fR or \fIstop\fR programs are shell scripts, ++then the script must begin with \f(CW\*(C`#!\*(C'\fR and the remainder of the ++first line must specify an interpreter for the program. E.g. ++\&\f(CW\*(C`#!/bin/sh\*(C'\fR ++.PP ++It's possible to write scripts directly into the \fIstart\fR and ++\&\fIstop\fR entries by using a string of shell\-commands. Like so: ++.PP ++.Vb 2 ++\& start="/bin/bash \-c 'echo $$ > pidfile; exec program'" ++\& stop="/bin/bash \-c 'kill \-s SIGTERM `cat pidfile`'" ++.Ve ++.Sh "\s-1CONFIGURATION\s0 \s-1EXAMPLES\s0" ++.IX Subsection "CONFIGURATION EXAMPLES" ++The simplest form is just the check statement. In this example we ++check to see if the server is running and log a message if not: ++.PP ++.Vb 1 ++\& check process resin with pidfile /usr/local/resin/srun.pid ++.Ve ++.PP ++To have monit start the server if it's not running, add a start ++statement: ++.PP ++.Vb 2 ++\& check process resin with pidfile /usr/local/resin/srun.pid ++\& start program = "/usr/local/resin/bin/srun.sh start" ++.Ve ++.PP ++Here's a more advanced example for monitoring an apache ++web-server listening on the default port number for \s-1HTTP\s0 and ++\&\s-1HTTPS\s0. In this example monit will restart apache if it's not ++accepting connections at the port numbers. The method monit use ++for a process restart is to first execute the stop\-program, wait ++for the process to stop and then execute the start\-program. (If ++monit was unable to stop or start the service a failed alert ++message will be sent if you have requested alert messages to be ++sent). ++.PP ++.Vb 5 ++\& check process apache with pidfile /var/run/httpd.pid ++\& start program = "/etc/init.d/httpd start" ++\& stop program = "/etc/init.d/httpd stop" ++\& if failed port 80 then restart ++\& if failed port 443 with timeout 15 seconds then restart ++.Ve ++.PP ++This example demonstrate how you can run a program as a specified ++user (uid) and with a specified group (gid). Many daemon programs ++will do the uid and gid switch by them self, but for those ++programs that does not (e.g. Java programs), monit's ability to ++start a program as a certain user can be very useful. In this ++example we start the Tomcat Java Servlet Engine as the standard ++\&\fInobody\fR user and group. Please note that monit will only switch ++uid and gid for a program if the super-user is running monit, ++otherwise monit will simply ignore the request to change uid and ++gid. ++.PP ++.Vb 7 ++\& check process tomcat with pidfile /var/run/tomcat.pid ++\& start program = "/etc/init.d/tomcat start" ++\& as uid nobody and gid nobody ++\& stop program = "/etc/init.d/tomcat stop" ++\& # You can also use id numbers instead and write: ++\& as uid 99 and with gid 99 ++\& if failed port 8080 then alert ++.Ve ++.PP ++In this example we use udp for connection testing to check if the ++name-server is running and also use timeout and alert: ++.PP ++.Vb 5 ++\& check process named with pidfile /var/run/named.pid ++\& start program = "/etc/init.d/named start" ++\& stop program = "/etc/init.d/named stop" ++\& if failed port 53 use type udp protocol dns then restart ++\& if 3 restarts within 5 cycles then timeout ++.Ve ++.PP ++The following example illustrate how to check if the service ++\&'sophie' is answering connections on its Unix domain socket: ++.PP ++.Vb 4 ++\& check process sophie with pidfile /var/run/sophie.pid ++\& start program = "/etc/init.d/sophie start" ++\& stop program = "/etc/init.d/sophie stop" ++\& if failed unix /var/run/sophie then restart ++.Ve ++.PP ++In this example we check an apache web-server running on ++localhost that answers for several IP-based virtual hosts or ++vhosts, hence the host statement before port: ++.PP ++.Vb 7 ++\& check process apache with pidfile /var/run/httpd.pid ++\& start "/etc/init.d/httpd start" ++\& stop "/etc/init.d/httpd stop" ++\& if failed host www.sol.no port 80 then alert ++\& if failed host shop.sol.no port 443 then alert ++\& if failed host chat.sol.no port 80 then alert ++\& if failed host www.tildeslash.com port 80 then alert ++.Ve ++.PP ++To make sure that monit is communicating with a http server a ++protocol test can be added: ++.PP ++.Vb 6 ++\& check process apache with pidfile /var/run/httpd.pid ++\& start "/etc/init.d/httpd start" ++\& stop "/etc/init.d/httpd stop" ++\& if failed host www.sol.no port 80 ++\& protocol HTTP ++\& then alert ++.Ve ++.PP ++This example shows a different way to check a webserver using ++the send/expect mechanism: ++.PP ++.Vb 7 ++\& check process apache with pidfile /var/run/httpd.pid ++\& start "/etc/init.d/httpd start" ++\& stop "/etc/init.d/httpd stop" ++\& if failed host www.sol.no port 80 ++\& send "GET / HTTP/1.0\er\enHost: www.sol.no\er\en\er\en" ++\& expect "HTTP/[0\-9\e.]{3} 200 .*\er\en" ++\& then alert ++.Ve ++.PP ++To make sure that Apache is logging successfully (i.e. no more ++than 60 percent of child servers are logging), use its mod_status ++page at www.sol.no/server\-status with this special protocol test: ++.PP ++.Vb 5 ++\& check process apache with pidfile /var/run/httpd.pid ++\& start "/etc/init.d/httpd start" ++\& stop "/etc/init.d/httpd stop" ++\& if failed host www.sol.no port 80 ++\& protocol apache\-status loglimit > 60% then restart ++.Ve ++.PP ++This configuration can be used to alert you if 25 percent or more ++of Apache child processes are stuck performing \s-1DNS\s0 lookups: ++.PP ++.Vb 5 ++\& check process apache with pidfile /var/run/httpd.pid ++\& start "/etc/init.d/httpd start" ++\& stop "/etc/init.d/httpd stop" ++\& if failed host www.sol.no port 80 ++\& protocol apache\-status dnslimit > 25% then alert ++.Ve ++.PP ++Here we use an icmp ping test to check if a remote host is up and ++if not send an alert: ++.PP ++.Vb 3 ++\& check host www.tildeslash.com with address www.tildeslash.com ++\& if failed icmp type echo count 5 with timeout 15 seconds ++\& then alert ++.Ve ++.PP ++In the following example we ask monit to compute and verify the ++checksum for the underlying apache binary used by the start and ++stop programs. If the the checksum test should fail, monitoring ++will be disabled to prevent possibly starting a compromised ++binary: ++.PP ++.Vb 5 ++\& check process apache with pidfile /var/run/httpd.pid ++\& start program = "/etc/init.d/httpd start" ++\& stop program = "/etc/init.d/httpd stop" ++\& if failed host www.tildeslash.com port 80 then restart ++\& depends on apache_bin ++.Ve ++.PP ++.Vb 2 ++\& check file apache_bin with path /usr/local/apache/bin/httpd ++\& if failed checksum then unmonitor ++.Ve ++.PP ++In this example we ask monit to test the checksum for a document ++on a remote server. If the checksum was changed we send an alert: ++.PP ++.Vb 7 ++\& check host tildeslash with address www.tildeslash.com ++\& if failed port 80 protocol http ++\& and request "/monit/dist/monit\-4.0.tar.gz" ++\& with checksum f9d26b8393736b5dfad837bb13780786 ++\& then alert ++\& alert hauk@tildeslash.com with mail\-format {subject: ++\& Aaaalarm! } ++.Ve ++.PP ++Some servers are slow starters, like for example Java based ++Application Servers. So if we want to keep the poll-cycle low ++(i.e. < 60 seconds) but allow some services to take its time to ++start, the \fBevery\fR statement is handy: ++.PP ++.Vb 5 ++\& check process dynamo with pidfile /etc/dynamo.pid ++\& start program = "/etc/init.d/dynamo start" ++\& stop program = "/etc/init.d/dynamo stop" ++\& if failed port 8840 then alert ++\& every 2 cycles ++.Ve ++.PP ++Here is an example where we group together two database entries ++so you can manage them together, e.g.; 'monit \-g database start ++all'. The mode statement is also illustrated in the first entry ++and have the effect that monit will not try to (re)start this ++service if it is not running: ++.PP ++.Vb 5 ++\& check process sybase with pidfile /var/run/sybase.pid ++\& start = "/etc/init.d/sybase start" ++\& stop = "/etc/init.d/sybase stop" ++\& mode passive ++\& group database ++.Ve ++.PP ++.Vb 6 ++\& check process oracle with pidfile /var/run/oracle.pid ++\& start program = "/etc/init.d/oracle start" ++\& stop program = "/etc/init.d/oracle stop" ++\& mode active # Not necessary really, since it's the default ++\& if failed port 9001 then restart ++\& group database ++.Ve ++.PP ++Here is an example to show the usage of the resource checks. It ++will send an alert when the \s-1CPU\s0 usage of the http daemon and its ++child processes raises beyond 60% for over two cycles. Apache is ++restarted if the \s-1CPU\s0 usage is over 80% for five cycles or the ++memory usage over 100Mb for five cycles or if the machines load ++average is more than 10 for 8 cycles: ++.PP ++.Vb 7 ++\& check process apache with pidfile /var/run/httpd.pid ++\& start program = "/etc/init.d/httpd start" ++\& stop program = "/etc/init.d/httpd stop" ++\& if cpu > 60% for 2 cycles then alert ++\& if cpu > 80% for 5 cycles then restart ++\& if mem > 100 MB for 5 cycles then stop ++\& if loadavg(5min) greater than 10.0 for 8 cycles then stop ++.Ve ++.PP ++This examples demonstrate the timestamp statement with exec and ++how you may restart apache if its configuration file was ++changed. ++.PP ++.Vb 3 ++\& check file httpd.conf with path /etc/httpd/httpd.conf ++\& if changed timestamp ++\& then exec "/etc/init.d/httpd graceful" ++.Ve ++.PP ++In this example we demonstrate usage of the extended alert ++statement and a file check dependency: ++.PP ++.Vb 15 ++\& check process apache with pidfile /var/run/httpd.pid ++\& start = "/etc/init.d/httpd start" ++\& stop = "/etc/init.d/httpd stop" ++\& if failed host www.tildeslash.com port 80 then restart ++\& alert admin@bar on {nonexist, timeout} ++\& with mail\-format { ++\& from: bofh@$HOST ++\& subject: apache $EVENT \- $ACTION ++\& message: This event occurred on $HOST at $DATE. ++\& Your faithful employee, ++\& monit ++\& } ++\& if 3 restarts within 5 cycles then timeout ++\& depend httpd_bin ++\& group apache ++.Ve ++.PP ++.Vb 12 ++\& check file httpd_bin with path /usr/local/apache/bin/httpd ++\& if failed checksum ++\& and expect 8f7f419955cefa0b33a2ba316cba3659 ++\& then unmonitor ++\& if failed permission 755 then unmonitor ++\& if failed uid root then unmonitor ++\& if failed gid root then unmonitor ++\& if changed timestamp then alert ++\& alert security@bar on {checksum, timestamp, ++\& permission, uid, gid} ++\& with mail\-format {subject: Alaaarrm! on $HOST} ++\& group apache ++.Ve ++.PP ++In this example, we demonstrate usage of the depend statement. In ++this case, we want to start oracle and apache. However, we've set ++up apache to use oracle as a back end, and if oracle is ++restarted, apache must be restarted as well. ++.PP ++.Vb 4 ++\& check process apache with pidfile /var/run/httpd.pid ++\& start = "/etc/init.d/httpd start" ++\& stop = "/etc/init.d/httpd stop" ++\& depends on oracle ++.Ve ++.PP ++.Vb 4 ++\& check process oracle with pidfile /var/run/oracle.pid ++\& start = "/etc/init.d/oracle start" ++\& stop = "/etc/init.d/oracle stop" ++\& if failed port 9001 then restart ++.Ve ++.PP ++Next, we have 2 services, oracle-import and oracle-export that ++need to be restarted if oracle is restarted, but are independent ++of each other. ++.PP ++.Vb 4 ++\& check process oracle with pidfile /var/run/oracle.pid ++\& start = "/etc/init.d/oracle start" ++\& stop = "/etc/init.d/oracle stop" ++\& if failed port 9001 then restart ++.Ve ++.PP ++.Vb 5 ++\& check process oracle\-import ++\& with pidfile /var/run/oracle\-import.pid ++\& start = "/etc/init.d/oracle\-import start" ++\& stop = "/etc/init.d/oracle\-import stop" ++\& depends on oracle ++.Ve ++.PP ++.Vb 5 ++\& check process oracle\-export ++\& with pidfile /var/run/oracle\-export.pid ++\& start = "/etc/init.d/oracle\-export start" ++\& stop = "/etc/init.d/oracle\-export stop" ++\& depends on oracle ++.Ve ++.PP ++Finally an example with all statements: ++.PP ++.Vb 23 ++\& check process apache with pidfile /var/run/httpd.pid ++\& start program = "/etc/init.d/httpd start" ++\& stop program = "/etc/init.d/httpd stop" ++\& if 3 restarts within 5 cycles then timeout ++\& if failed host www.sol.no port 80 protocol http ++\& and use the request "/login.cgi" ++\& then alert ++\& if failed host shop.sol.no port 443 type tcpssl ++\& protocol http and with timeout 15 seconds ++\& then restart ++\& if cpu is greater than 60% for 2 cycles then alert ++\& if cpu > 80% for 5 cycles then restart ++\& if totalmem > 100 MB then stop ++\& if children > 200 then alert ++\& alert bofh@bar with mail\-format {from: monit@foo.bar.no} ++\& every 2 cycles ++\& mode active ++\& depends on weblogic ++\& depends on httpd.pid ++\& depends on httpd.conf ++\& depends on httpd_bin ++\& depends on datafs ++\& group server ++.Ve ++.PP ++.Vb 6 ++\& check file httpd.pid with path /usr/local/apache/logs/httpd.pid ++\& group server ++\& if timestamp > 7 days then restart ++\& every 2 cycles ++\& alert bofh@bar with mail\-format {from: monit@foo.bar.no} ++\& depends on datafs ++.Ve ++.PP ++.Vb 7 ++\& check file httpd.conf with path /etc/httpd/httpd.conf ++\& group server ++\& if timestamp was changed ++\& then exec "/usr/local/apache/bin/apachectl graceful" ++\& every 2 cycles ++\& alert bofh@bar with mail\-format {from: monit@foo.bar.no} ++\& depends on datafs ++.Ve ++.PP ++.Vb 13 ++\& check file httpd_bin with path /usr/local/apache/bin/httpd ++\& group server ++\& if failed checksum and expect the sum ++\& 8f7f419955cefa0b33a2ba316cba3659 then unmonitor ++\& if failed permission 755 then unmonitor ++\& if failed uid root then unmonitor ++\& if failed gid root then unmonitor ++\& if changed size then alert ++\& if changed timestamp then alert ++\& every 2 cycles ++\& alert bofh@bar with mail\-format {from: monit@foo.bar.no} ++\& alert foo@bar on { checksum, size, timestamp, uid, gid } ++\& depends on datafs ++.Ve ++.PP ++.Vb 12 ++\& check device datafs with path /dev/sdb1 ++\& group server ++\& start program = "/bin/mount /data" ++\& stop program = "/bin/umount /data" ++\& if failed permission 660 then unmonitor ++\& if failed uid root then unmonitor ++\& if failed gid disk then unmonitor ++\& if space usage > 80 % then alert ++\& if space usage > 94 % then stop ++\& if inode usage > 80 % then alert ++\& if inode usage > 94 % then stop ++\& alert root@localhost ++.Ve ++.PP ++.Vb 7 ++\& check host ftp.redhat.com with address ftp.redhat.com ++\& if failed icmp type echo with timeout 15 seconds ++\& then alert ++\& if failed port 21 protocol ftp ++\& then exec "/usr/X11R6/bin/xmessage \-display ++\& :0 ftp connection failed" ++\& alert foo@bar.com ++.Ve ++.PP ++.Vb 7 ++\& check host www.gnu.org with address www.gnu.org ++\& if failed port 80 protocol http ++\& and request "/pub/gnu/bash/bash\-2.05b.tar.gz" ++\& with checksum 8f7f419955cefa0b33a2ba316cba3659 ++\& then alert ++\& alert rms@gnu.org with mail\-format { ++\& subject: The gnu server may be hacked again! } ++.Ve ++.PP ++Note; only the \fBcheck type\fR, \fBpidfile/path/address\fR statements ++are mandatory, the other statements are optional and the order of ++the optional statements is not important. ++.SH "MONIT WITH HEARTBEAT" ++.IX Header "MONIT WITH HEARTBEAT" ++You can download \fIheartbeat\fR from ++http://www.linux\-ha.org/download/. It might be useful to have a ++look at The Heartbeat Getting Started Guide at: ++http://www.linux\-ha.org/GettingStarted.html ++.PP ++\&\fBStarting up a Node\fR ++.PP ++This is the normal start sequence for a cluster\-node. With this ++sequence, there should be no error\-case, which is not handled ++either by heartbeat or by monit. For example, if monit dies, ++initd restarts it. If heartbeat dies, monit restarts it. If the ++node dies, the heartbeat instance on the other node detects it ++and restart the services there. ++.IP "1. initd starts monit with group local" 4 ++.IX Item "1. initd starts monit with group local" ++.PD 0 ++.IP "2. monit starts heartbeat in local group" 4 ++.IX Item "2. monit starts heartbeat in local group" ++.IP "3. heartbeat requests monit to start the node group" 4 ++.IX Item "3. heartbeat requests monit to start the node group" ++.IP "4. monit starts the node group" 4 ++.IX Item "4. monit starts the node group" ++.PD ++.PP ++\&\fBMonit: \f(BI/etc/monitrc\fB\fR ++.PP ++This example describes a cluster with 2 nodes. Services running ++on Node 1 are in the group \fInode1\fR and Node 2 services are in ++the \fInode2\fR group. ++.PP ++The local group entries are mode \fIactive\fR, the node group ++entries are mode \fImanual\fR and controlled by heartbeat. ++.PP ++.Vb 3 ++\& # ++\& # local services on both hosts ++\& # ++.Ve ++.PP ++.Vb 6 ++\& check process heartbeat with pidfile /var/run/heartbeat.pid ++\& start program = "/etc/init.d/heartbeat start" ++\& stop program = "/etc/init.d/heartbeat start" ++\& mode active ++\& alert foo@bar ++\& group local ++.Ve ++.PP ++.Vb 6 ++\& check process postfix with pidfile /var/run/postfix/master.pid ++\& start program = "/etc/init.d/postfix start" ++\& stop program = "/etc/init.d/postfix stop" ++\& mode active ++\& alert foo@bar ++\& group local ++.Ve ++.PP ++.Vb 3 ++\& # ++\& # node1 services ++\& # ++.Ve ++.PP ++.Vb 7 ++\& check process apache with pidfile /var/apache/logs/httpd.pid ++\& start program = "/etc/init.d/apache start" ++\& stop program = "/etc/init.d/apache stop" ++\& depends named ++\& alert foo@bar ++\& mode manual ++\& group node1 ++.Ve ++.PP ++.Vb 6 ++\& check process named with pidfile /var/tmp/named.pid ++\& start program = "/etc/init.d/named start" ++\& stop program = "/etc/init.d/named stop" ++\& alert foo@bar ++\& mode manual ++\& group node1 ++.Ve ++.PP ++.Vb 3 ++\& # ++\& # node2 services ++\& # ++.Ve ++.PP ++.Vb 6 ++\& check process named\-slave with pidfile /var/tmp/named\-slave.pid ++\& start program = "/etc/init.d/named\-slave start" ++\& stop program = "/etc/init.d/named\-slave stop" ++\& mode manual ++\& alert foo@bar ++\& group node2 ++.Ve ++.PP ++.Vb 7 ++\& check process squid with pidfile /var/squid/logs/squid.pid ++\& start program = "/etc/init.d/squid start" ++\& stop program = "/etc/init.d/squid stop" ++\& depends named\-slave ++\& alert foo@bar ++\& mode manual ++\& group node2 ++.Ve ++.PP ++\&\fBinitd: \f(BI/etc/inittab\fB\fR ++.PP ++Monit is started on both nodes with initd. You will need to add ++an entry in \fI/etc/inittab\fR to start monit with the same local ++group heartbeat is member of. ++.PP ++.Vb 2 ++\& #/etc/inittab ++\& mo:2345:respawn:/usr/local/bin/monit \-d 10 \-c /etc/monitrc \-g local ++.Ve ++.PP ++\&\fBheartbeat: \f(BI/etc/ha.d/haresources\fB\fR ++.PP ++When heartbeat starts, heartbeat looks up the node entry and ++start the script \fI/etc/init.d/monit\-node1\fR or ++\&\fI/etc/init.d/monit\-node2\fR. The script calls monit to start the ++specific group per node. ++.PP ++.Vb 3 ++\& # /etc/ha.d/haresources ++\& node1 IPaddr::172.16.100.1 monit\-node1 ++\& node2 IPaddr::172.16.100.2 monit\-node2 ++.Ve ++.PP ++\&\fB\f(BI/etc/init.d/monit\-node1\fB\fR ++.PP ++.Vb 11 ++\& #!/bin/bash ++\& # ++\& # sample script for starting/stopping all services on node1 ++\& # ++\& prog="/usr/local/bin/monit \-g node1" ++\& start() ++\& { ++\& echo \-n $"Starting $prog:" ++\& $prog start all ++\& echo ++\& } ++.Ve ++.PP ++.Vb 6 ++\& stop() ++\& { ++\& echo \-n $"Stopping $prog:" ++\& $prog stop all ++\& echo ++\& } ++.Ve ++.PP ++.Vb 10 ++\& case "$1" in ++\& start) ++\& start;; ++\& stop) ++\& stop;; ++\& *) ++\& echo $"Usage: $0 {start|stop}" ++\& RETVAL=1 ++\& esac ++\& exit $RETVAL ++.Ve ++.Sh "Handling state" ++.IX Subsection "Handling state" ++As mentioned elsewhere, monit save its state to a state file. If ++the monit process should die, upon restart monit will read its ++last known state from this file. This can be a problem if monit ++is used in a cluster, as illustrate in this scenario: ++.IP "1" 4 ++.IX Item "1" ++The active node fails, the second takes over ++.IP "2" 4 ++.IX Item "2" ++After a reboot, the failed node comes back, monit read its state ++file and start all the services (even manual ones) as they were ++running before the failure. This is a problem because services ++will now run on both nodes. ++.PP ++The solution to this problem is to remove the monit.state file in ++a rc-script called at boot time and before monit is started. ++.SH "FILES" ++.IX Header "FILES" ++\&\fI~/.monitrc\fR ++ Default run control file ++.PP ++\&\fI/etc/monitrc\fR ++ If the control file is not found in the default ++ location and /etc contains a \fImonitrc\fR file, this ++ file will be used instead. ++.PP ++\&\fI./monitrc\fR ++ If the control file is not found in either of the ++ previous two locations, and the current working ++ directory contains a \fImonitrc\fR file, this file is ++ used instead. ++.PP ++\&\fI~/.monitrc.pid\fR ++ Lock file to help prevent concurrent runs (non\-root ++ mode). ++.PP ++\&\fI/var/run/monit.pid\fR ++ Lock file to help prevent concurrent runs (root mode, ++ Linux systems). ++.PP ++\&\fI/etc/monit.pid\fR ++ Lock file to help prevent concurrent runs (root mode, ++ systems without /var/run). ++.PP ++\&\fI~/.monit.state\fR ++ monit save its state to this file and utilize ++ information found in this file to recover from ++ a crash. This is a binary file and its content is ++ only of interest to monit. You may set the location ++ of this file in the monit control file or by using ++ the \-s switch when monit is started. ++.SH "ENVIRONMENT" ++.IX Header "ENVIRONMENT" ++No environment variables are used by monit. However, when monit ++execute a script or a program monit will set several environment ++variables which can be utilized by the executable. The following ++and \fIonly\fR the following environment variables are available: ++.IP "\s-1MONIT_EVENT\s0" 4 ++.IX Item "MONIT_EVENT" ++The event that occurred on the service ++.IP "\s-1MONIT_SERVICE\s0" 4 ++.IX Item "MONIT_SERVICE" ++The name of the service (from monitrc) on which the event ++occurred. ++.IP "\s-1MONIT_DATE\s0" 4 ++.IX Item "MONIT_DATE" ++The time and date (rfc 822 style) the event occurred ++.IP "\s-1MONIT_HOST\s0" 4 ++.IX Item "MONIT_HOST" ++The host the event occurred on ++.PP ++The following environment variables are only available for ++process service entries: ++.IP "\s-1MONIT_PROCESS_PID\s0" 4 ++.IX Item "MONIT_PROCESS_PID" ++The process pid. This may be 0 if the process was (re)started, ++.IP "\s-1MONIT_PROCESS_MEMORY\s0" 4 ++.IX Item "MONIT_PROCESS_MEMORY" ++Process memory. This may be 0 if the process was (re)started, ++.IP "\s-1MONIT_PROCESS_CHILDREN\s0" 4 ++.IX Item "MONIT_PROCESS_CHILDREN" ++Process children. This may be 0 if the process was (re)started, ++.IP "\s-1MONIT_PROCESS_CPU_PERCENT\s0" 4 ++.IX Item "MONIT_PROCESS_CPU_PERCENT" ++Process cpu%. This may be 0 if the process was (re)started, ++.PP ++In addition the following spartan \s-1PATH\s0 environment variable is ++available: ++.IP "PATH=/bin:/usr/bin:/sbin:/usr/sbin" 4 ++.IX Item "PATH=/bin:/usr/bin:/sbin:/usr/sbin" ++.PP ++Scripts or programs that depends on other environment variables ++or on a more verbose \s-1PATH\s0 must provide means to set these ++variables by them self. ++.SH "SIGNALS" ++.IX Header "SIGNALS" ++If a monit daemon is running, \s-1SIGUSR1\s0 wakes it up from its sleep ++phase and forces a poll of all services. \s-1SIGTERM\s0 and \s-1SIGINT\s0 will ++gracefully terminate a monit daemon. The \s-1SIGTERM\s0 signal is sent ++to a monit daemon if monit is started with the \fIquit\fR action ++argument. ++.PP ++Sending a \s-1SIGHUP\s0 signal to a running monit daemon will force ++the daemon to reinitialize itself, specifically it will reread ++configuration, close and reopen log files. ++.PP ++Running monit in foreground while a background monit daemon is ++running will wake up the daemon. ++.SH "NOTES" ++.IX Header "NOTES" ++This is a very silent program. Use the \-v switch if you want to ++see what monit is doing, and tail \-f the logfile. Optionally for ++testing purposes; you can start monit with the \-Iv switch. Monit ++will then print debug information to the console, to stop monit ++in this mode, simply press CTRL^C (i.e. \s-1SIGINT\s0) in the same ++console. ++.PP ++The syntax (and parser) of the control file is inspired by Eric ++S. Raymond et al. excellent fetchmail program. Some portions of ++this man page does also receive inspiration from the same ++authors. ++.SH "AUTHORS" ++.IX Header "AUTHORS" ++Jan-Henrik Haukeland <hauk@tildeslash.com>, ++Martin Pala <martinp@tildeslash.com>, ++Christian Hopp <chopp@iei.tu\-clausthal.de>, ++Rory Toma <rory@digeo.com> ++.PP ++See also http://www.tildeslash.com/monit/who.html ++.SH "COPYRIGHT" ++.IX Header "COPYRIGHT" ++Copyright (C) 2000\-2007 by the monit project group. All Rights ++Reserved. This product is distributed in the hope that it will be ++useful, but \s-1WITHOUT\s0 any warranty; without even the implied ++warranty of \s-1MERCHANTABILITY\s0 or \s-1FITNESS\s0 for a particular purpose. ++.SH "SEE ALSO" ++.IX Header "SEE ALSO" ++\&\s-1GNU\s0 text utilities; \fImd5sum\fR\|(1); \fIsha1sum\fR\|(1); \fIopenssl\fR\|(1); \fIglob\fR\|(7); ++\&\fIregex\fR\|(7) diff --git a/sysutils/monit/patches/patch-af b/sysutils/monit/patches/patch-af new file mode 100644 index 00000000000..d6b3b32a82e --- /dev/null +++ b/sysutils/monit/patches/patch-af @@ -0,0 +1,16 @@ +$NetBSD: patch-af,v 1.1.1.1 2007/04/30 20:53:54 heinz Exp $ + +fixes crash on NetBSD due to usage of already destroyed mutex. +See also http://cvs.savannah.gnu.org/viewcvs/monit/log.c?rev=1.33&root=monit&r1=1.33&view=log + +--- log.c.orig 2007-01-03 22:02:06.000000000 +0100 ++++ log.c +@@ -277,7 +277,7 @@ void log_close() { + LogError("%s: Error closing the log file -- %s\n", + prog, STRERROR); + } +- pthread_mutex_destroy(&log_mutex); ++ + LOG= NULL; + + } diff --git a/sysutils/monit/patches/patch-ag b/sysutils/monit/patches/patch-ag new file mode 100644 index 00000000000..21bfebf0a75 --- /dev/null +++ b/sysutils/monit/patches/patch-ag @@ -0,0 +1,15 @@ +$NetBSD: patch-ag,v 1.1.1.1 2007/04/30 20:53:54 heinz Exp $ + +Substitute variables in monit.1.in + +--- configure.ac.orig 2007-02-19 23:39:58.000000000 +0100 ++++ configure.ac +@@ -698,7 +698,7 @@ fi + # ------------------------------------------------------------------------ + + AC_CONFIG_HEADER([config.h]) +-AC_CONFIG_FILES([Makefile]) ++AC_CONFIG_FILES([Makefile monit.1]) + AC_OUTPUT + + echo "" diff --git a/sysutils/monit/patches/patch-ah b/sysutils/monit/patches/patch-ah new file mode 100644 index 00000000000..e0c4db27379 --- /dev/null +++ b/sysutils/monit/patches/patch-ah @@ -0,0 +1,23 @@ +$NetBSD: patch-ah,v 1.1.1.1 2007/04/30 20:53:54 heinz Exp $ + +Generated from configure.ac + +--- configure.orig 2007-02-19 23:43:14.000000000 +0100 ++++ configure +@@ -10797,7 +10797,7 @@ fi + + ac_config_headers="$ac_config_headers config.h" + +-ac_config_files="$ac_config_files Makefile" ++ac_config_files="$ac_config_files Makefile monit.1" + + cat >confcache <<\_ACEOF + # This file is a shell script that caches the results of configure +@@ -11354,6 +11354,7 @@ do + case $ac_config_target in + "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;; + "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; ++ "monit.1") CONFIG_FILES="$CONFIG_FILES monit.1" ;; + + *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 + echo "$as_me: error: invalid argument: $ac_config_target" >&2;} |