Monit configuration checks for common services running in CentOS 7

The following are Monit configuration that are created specifically for CentOS 7 system. If you have not installed Monit yet, please check this guide: Installing Monit to monitor your server running CentOS 7 with nginx.

Apache

Create the file /etc/monit.d/httpd and add the following to it:

      
## Apache monitoring.

## Test the httpd service.
check process apache with pidfile /run/httpd/httpd.pid
  group apache
  start program = "/usr/bin/systemctl start httpd"
  stop  program = "/usr/bin/systemctl stop httpd"
  restart program  = "/usr/bin/systemctl restart httpd"
  ## Test port 80. Restart if the server is down.
  if failed host localhost port 80 protocol http then restart
  ## If the restarts attempts fail then alert.   
  if 3 restarts within 5 cycles then timeout
  depends on apache_bin
  depends on apache_init
  alert root@localhost only on {timeout}    

## Test the process binary.
check file apache_bin with path /usr/sbin/httpd
  group apache
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost  

## Test the init scripts.
check file apache_init with path /usr/lib/systemd/system/httpd.service
  group apache
  if failed checksum then unmonitor
  if failed permission 644 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

Nginx

Create the file /etc/monit.d/nginx and add the following to it:

      
## Nginx monitoring.

## Test the nginx service.
check process nginx with pidfile /run/nginx.pid
  group nginx
  start program = "/usr/bin/systemctl start nginx"
  stop  program = "/usr/bin/systemctl stop nginx"
  restart program  = "/usr/bin/systemctl restart nginx"
  ## Test port 80. Restart if the server is down.
  if failed host localhost port 80 protocol http then restart
  ## If the restarts attempts fail then alert.   
  if 3 restarts within 5 cycles then timeout
  depends on nginx_bin
  depends on nginx_init
  alert root@localhost only on {timeout}    

## Test the process binary.
check file nginx_bin with path /usr/sbin/nginx
  group nginx
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost  

## Test the init scripts.
check file nginx_init with path /usr/lib/systemd/system/nginx.service
  group nginx
  if failed checksum then unmonitor
  if failed permission 644 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

Mariadb

Create the file /etc/monit.d/mariadb and add the following to it:

      
## Mariadb monitoring.

## Test the mariadb service.
check process mariadb with pidfile /run/mariadb/mariadb.pid
  group database
  start program = "/usr/bin/systemctl start mariadb"
  stop  program = "/usr/bin/systemctl stop mariadb"
  restart program  = "/usr/bin/systemctl restart mariadb"
  if failed port 3306 protocol mysql then restart
  if 3 restarts within 5 cycles then timeout
  # This process check depends on checking the binary if the mariadb
  # daemon and the init script.
  depends on mariadb_bin
  depends on mariadb_init
  alert root@localhost only on {timeout}

## Test the process binary.
check file mariadb_bin with path /usr/bin/mysqld_safe
  group database
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

## Test the init scripts.
check file mariadb_init with path /usr/lib/systemd/system/mariadb.service
  group database
  if failed checksum then unmonitor
  if failed permission 644 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

PHP-FPM

Create the file /etc/monit.d/php-fpm and add the following to it:

      
## PHP-FPM monitoring.
  
## Test the php-fpm service.
check process php-fpm-tcp with pidfile /run/php-fpm/php-fpm.pid
  group phpcgi-tcp
  start program = "/usr/bin/systemctl start php-fpm"
  stop  program = "/usr/bin/systemctl stop php-fpm"
  restart program  = "/usr/bin/systemctl restart php-fpm"
  ## Test the FCGI protocol with an empty FCGI request.
  if failed port 9000
  ## This was based from here:
  ## http://richard.wallman.org.uk/2010/03/monitor-a-fastcgi-server-using-monit/
  ## and here:
  ## http://stackoverflow.com/questions/1302209/how-do-i-ping-a-fastcgi-server.
  ## Send FastCGI packet: version 1 (0x01), cmd FCGI_GET_VALUES (0x09)
  ## padding 8 bytes (0x08), followed by 8xNULLs padding.
  ## This follows the FCGI spec at http://www.fastcgi.com/devkit/doc/fcgi-spec.html#S3.
  ## 1. Version - 1 byte (version 1).
  ## 2. Type - 1 byte (FCGI_GET_VALUES = 9).
  ## 3. Request ID - 2 bytes (set to 0 - null request ID).
  ## 4. Content length - 2 bytes (set to 0).
  ## 5. Padding length - 1 byte (set to 8).
  ## 6. Reserved - 1 byte (set to 0).
  ## 7. Content data - variable size set to NULL.
  ## 8. Padding data - variable size set to 8 bytes (all NULL).
  send "\0x01\0x09\0x00\0x00\0x00\0x00\0x08\0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00\0x00"
  ## Expect FastCGI packet: version 1 (0x01), resp FCGI_GET_VALUES_RESULT (0x0A).
  ## 1. Version - 1 byte (version 1).
  ## 2. Type - 1 byte (FCGI_GET_VALUES_RESULT = 10).
  expect "\0x01\0x0A"
  ## Timeout because we don't care about anything else then the two initial bytes. 
  timeout 5 seconds
  then restart
  ## If the restarts attempts fail then alert.
  if 3 restarts within 5 cycles then timeout
  depends on php-fpm-tcp_bin
  depends on php-fpm-tcp_init
  alert root@localhost only on {timeout}

## Test the php-fpm binary.
check file php-fpm-tcp_bin with path /usr/sbin/php-fpm
   group phpcgi-tcp
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor
   alert root@localhost

## Test the init scripts.
check file php-fpm-tcp_init with path /usr/lib/systemd/system/php-fpm.service
   group phpcgi-tcp
   if failed checksum then unmonitor
   if failed permission 644 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor
   alert root@localhost

SSH

Create the file /etc/monit.d/sshd and add the following to it:

      
## SSH monitoring.

## Test the sshd service.
check process sshd with pidfile /run/sshd.pid
  group ssh
  start program = "/usr/bin/systemctl start sshd"
  stop  program = "/usr/bin/systemctl stop sshd"
  restart program  = "/usr/bin/systemctl restart sshd"
  if failed port 22 protocol ssh then restart
  if 3 restarts within 5 cycles then timeout
  depends on sshd_bin   
  depends on sshd_init
  alert root@localhost only on {timeout}

## Test the process binary.
check file sshd_bin with path /usr/sbin/sshd
  group ssh
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

## Test the init scripts.
check file sshd_init with path /usr/lib/systemd/system/sshd.service
  group ssh
  if failed checksum then unmonitor
  if failed permission 644 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

Cron

Create the file /etc/monit.d/crond and add the following to it:

      
## Cron monitoring.

## Test the crond service.
check process crond with pidfile /run/crond.pid
  group cron
  start program = "/usr/bin/systemctl start crond"
  stop  program = "/usr/bin/systemctl stop crond"
  restart program  = "/usr/bin/systemctl restart crond"
  depends on crond_bin   
  depends on crond_init
  alert root@localhost

## Test the process binary.
check file crond_bin with path /usr/sbin/crond
  group cron
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

## Test the init scripts.
check file crond_init with path /usr/lib/systemd/system/crond.service
  group cron
  if failed checksum then unmonitor
  if failed permission 644 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

Postfix

Create the file /etc/monit.d/postfix and add the following to it:

      
## Postfix monitoring.

## Test the postfix service.
check process postfix with pidfile /var/spool/postfix/pid/master.pid
  group mailserver
  start program = "/usr/bin/systemctl start postfix"
  stop  program = "/usr/bin/systemctl stop postfix"
  restart program  = "/usr/bin/systemctl restart postfix"
  if failed port 25 protocol smtp then restart
  if 3 restarts within 5 cycles then timeout
  depends on postfix_bin   
  depends on postfix_init
  alert root@localhost only on {timeout}

## Test the process binary.
check file postfix_bin with path /usr/sbin/postfix
  group mailserver
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

## Test the init scripts.
check file postfix_init with path /usr/lib/systemd/system/postfix.service
  group mailserver
  if failed checksum then unmonitor
  if failed permission 644 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

Memcache

      
## Memcache monitoring.

## Test the memcached service.
check process memcached matching "memcache"
  group memcache
  start program = "/usr/bin/systemctl start memcached"
  stop  program = "/usr/bin/systemctl stop memcached"
  restart program  = "/usr/bin/systemctl restart memcached"
  if failed port 11211 protocol memcache then restart
  if 3 restarts within 5 cycles then timeout
  depends on memcached_bin   
  depends on memcached_init
  alert root@localhost only on {timeout}

## Test the process binary.
check file memcached_bin with path /usr/bin/memcached
  group memcache
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

## Test the init scripts.
check file memcached_init with path /usr/lib/systemd/system/memcached.service
  group memcache
  if failed checksum then unmonitor
  if failed permission 644 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

Solr

Create the file /etc/monit.d/solr and add the following to it:

      
## Solr monitoring.

## Test the solr service.
check process solr with pidfile /var/solr/solr-8983.pid
  group solr
  start program = "/usr/bin/systemctl start solr"
  stop  program = "/usr/bin/systemctl stop solr"
  restart program  = "/usr/bin/systemctl restart solr"
  if failed port 8983 then restart
  if 3 restarts within 5 cycles then timeout
  depends on solr_bin   
  depends on solr_init
  alert root@localhost only on {timeout}

## Test the process binary.
check file solr_bin with path /opt/solr/bin/solr
  group solr
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid solr then unmonitor
  if failed gid solr then unmonitor
  alert root@localhost

## Test the init scripts.
check file solr_init with path /etc/init.d/solr
  group solr
  if failed checksum then unmonitor
  if failed permission 744 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

MongoDB

Create the file /etc/monit.d/mongod and add the following to it:

      
## Mongodb monitoring.

## Test the mongodb service.
check process mongodb with pidfile /run/mongodb/mongod.pid
  group mongodb
  start program = "/etc/init.d/mongod start"
  stop  program = "/etc/init.d/mongod stop"
  restart program  = "/etc/init.d/mongod restart"
  if failed port 27017 then restart
  if 3 restarts within 5 cycles then timeout
  # This process check depends on checking the binary if the mariadb
  # daemon and the init script.
  depends on mongodb_bin
  depends on mongodb_init
  alert root@localhost only on {timeout}

## Test the process binary.
check file mongodb_bin with path /usr/bin/mongod
  group mongodb
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

## Test the init scripts.
check file mongodb_init with path /etc/init.d/mongod
  group mongodb
  if failed checksum then unmonitor
  if failed permission 755 then unmonitor
  if failed uid root then unmonitor
  if failed gid root then unmonitor
  alert root@localhost

For more examples of Monit configuration checks, please go here.

Comments

Mark (not verified)

Sun, 10/07/2018 - 22:20

Permalink

if failed host

In the "if failed host" is it the sane if we write the IP address of the server?

admin

Mon, 10/08/2018 - 14:31

Permalink

Yes, you can write the IP…

Yes, you can write the IP address of the server.

SarraY (not verified)

Thu, 09/26/2019 - 19:50

Permalink

odoo services monitor

Hi
I need UR help; I have server CentOS7 installed with odoo12,
But some time odoo service stopped without any reason!
So I searched in many websites and i reached to this module ( Monit )
and I want to use it to fix my issue
HOW can I use it to monitor odoo services if its stop, make restart automatically ?