Monitrc configuration for Debian 7 server

Posted: 24/04/2014 in Uncategorized

My monitrc configuration file to monitor apache2, nginx, mysql, sshd, fail2ban, pureftpd, munin-node, postfix, amavisd-new, courier, cron and rsyslogd on my Debian 7 server.

# Apache2
check process apache with pidfile /var/run/apache2.pid
   group www-data
   start program = "/etc/init.d/apache2 start"
   stop program  = "/etc/init.d/apache2 stop"
   if failed port 82 protocol http then restart
   if cpu is greater than 60% for 2 cycles then alert
   if cpu > 80% for 5 cycles then restart
   if totalmem > 1500 MB for 5 cycles then restart
   if children > 512 then restart
   if loadavg(5min) greater than 10 for 8 cycles then stop
   if 3 restarts within 5 cycles then timeout

# Nginx
   group www-data
   check process nginx with pidfile /var/run/nginx.pid
   start program = "/etc/init.d/nginx start"
   stop program = "/etc/init.d/nginx stop"

# MySQL
check process mysql with pidfile /var/run/mysqld/mysqld.pid
   group database
   start program = "/etc/init.d/mysql start"
   stop program = "/etc/init.d/mysql stop"
   if failed host 127.0.0.1 port 3306 protocol mysql then restart
   if 5 restarts within 5 cycles then timeout

# SSH
check process sshd with pidfile /var/run/sshd.pid
   start program  "/etc/init.d/ssh start"
   stop program  "/etc/init.d/ssh stop"
   if failed port 59292 then restart			### Change it to your ssh port
   if 5 restarts within 5 cycles then timeout

# Fail2ban
check process fail2ban with pidfile /var/run/fail2ban/fail2ban.pid
   group services
   start program = "/etc/init.d/fail2ban start"
   stop  program = "/etc/init.d/fail2ban stop"
   if 5 restarts within 5 cycles then timeout

# PureFTPd
check process pure-ftpd with pidfile /var/run/pure-ftpd/pure-ftpd.pid
   start program  "/etc/init.d/pure-ftpd-mysql start"
   stop program  "/etc/init.d/pure-ftpd-mysql stop"
   if failed host 127.0.0.1 port 21 then restart
   if 5 restarts within 5 cycles then timeout

# Munin-node
check process munin-node with pidfile /var/run/munin/munin-node.pid
   group services
   start program = "/etc/init.d/munin-node start"
   stop  program = "/etc/init.d/munin-node stop"
   if 5 restarts within 5 cycles then timeout

# Postfix
check process postfix with pidfile /var/spool/postfix/pid/master.pid
   group mail
   start program = "/etc/init.d/postfix start"
   stop  program = "/etc/init.d/postfix stop"
   if failed port 25 protocol smtp then restart
   if 5 restarts within 5 cycles then timeout
   depends on postfix_rc

check file postfix_rc with path /etc/init.d/postfix
   group mail
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

# Amavisd-new
check process amavisd with pidfile /var/run/amavis/amavisd.pid
   group mail
   start program = "/etc/init.d/amavis start"
   stop  program = "/etc/init.d/amavis stop"
   if failed port 10024 protocol smtp then restart
   if 5 restarts within 5 cycles then timeout
   depends on amavisd_bin
   depends on amavisd_rc

check file amavisd_bin with path  /usr/sbin/amavisd-new
   group mail
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

check file amavisd_rc with path /etc/init.d/amavis
   group mail
   if failed checksum then unmonitor
   if failed permission 755 then unmonitor
   if failed uid root then unmonitor
   if failed gid root then unmonitor

# Courier_authdaemon
check process authdaemon with pidfile /var/run/courier/authdaemon/pid
   group services
   start program = "/etc/init.d/courier-authdaemon start"
   stop  program = "/etc/init.d/courier-authdaemon stop"
   if 5 restarts within 5 cycles then timeout

# Courier_imapd
check process imap with pidfile /var/run/courier/imapd.pid
   group mail
   start program = "/etc/init.d/courier-imap start"
   stop  program = "/etc/init.d/courier-imap stop"
   if failed port 143 then restart
   if 5 restarts within 5 cycles then timeout

# Courier_immapd-ssl
check process imapd-ssl with pidfile /var/run/courier/imapd-ssl.pid
   group mail
   start program = "/etc/init.d/courier-imap-ssl start"
   stop  program = "/etc/init.d/courier-imap-ssl stop"
   if failed port 143 then restart
   if 5 restarts within 5 cycles then timeout

# Courier_pop3d
check process pop3 with pidfile /var/run/courier/pop3d.pid
   group mail
   start program = "/etc/init.d/courier-pop start"
   stop  program = "/etc/init.d/courier-pop stop"
   if failed port 110 then restart
   if 5 restarts within 5 cycles then timeout

# Courier_pop3-ssl
check process pop3-ssl with pidfile /var/run/courier/pop3d-ssl.pid
   group mail
   start program = "/etc/init.d/courier-pop-ssl start"
   stop  program = "/etc/init.d/courier-pop-ssl stop"
   if failed port 995 then restart
   if 5 restarts within 5 cycles then timeout

# Cron
check process cron with pidfile /var/run/crond.pid
   start program = "/etc/init.d/cron start"
   stop  program = "/etc/init.d/cron stop"
   group system
   depends cron_init, cron_bin

check file cron_init with path /etc/init.d/cron
   group system

check file cron_bin with path /usr/sbin/cron
   group system

# Rsyslogd
check process syslogd with pidfile /var/run/rsyslogd.pid
   start program = "/etc/init.d/rsyslog start"
   stop program = "/etc/init.d/rsyslog stop"
   if 5 restarts within 5 cycles then timeout
   check file syslogd_file with path /var/log/syslog
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s