How to Setup Monit monitoring in Linux – Part 1

Monit Monitoring

Today we want to discuss yet another useful monitoring tool for the system/Linux administrators called Monit. This tools able monitor and manages server process (Like Nginx, Apache, MySQL, FTP, telegraf etc), files, directories, checksums, permissions, filesystems in Unix/Linux based systems automatically.

Along with this, this is capable monitor remote and local TCP/IP ports, Server protocols and ping, which will keep you alert incase if any service unavailable and this helps you to keep your up and running always. Monit keeps its own log file and alerts about any critical error conditions and recovery status.

Here few lists what Monit can do;

  • Keep check the service status and make sure services are up and running. With this you can achieve self-healing.
  • One of the big advantages is, monit reacts when things go wrong like restarting the services, running any custom scripts, alert via mail, teams or slack etc.
  • Another cool extra features like service management and file-hash checking and is easy to use.

Installing Monit

By default, if package not available on system base repositories, you need to add and enable third party epel repository (# yum install epel-release) to install monit package under your RHEL/CentOS. Once you’ve added epel repository, install package by running the following commands as below

On RedHat/CentOS/Fedora/
# yum install monit
On Ubuntu/Debian/Linux Mint
# apt-get install monit


Once you installed, you will able to find the config file on following location and you can configure based on your requirement;

# ls -lrt /etc/monit/monitrc
-rw------- 1 root root 28993 June 19 2020 /etc/monit/monitrc

Please refer following documentation to know more about the file location:

To Check about the config, you can run

#  monit -t

This will check the syntax of your configuration file to make sure your configuration is correct. It will acknowledge the syntax is correct.

If all goes well, you can run monit and check what’s going on by typing:

# monit            # this will launch the monit daemon
# monit status     # show some basic system information

Set Up

Monit runs as a daemon (a background process runs periodically as per configuration, do the defined tasks and go to be sleep mode). Where to mention? In Monitrc file you can see file value you should set how frequent Monit should perform the test/check and whenever it finds anything wrong it do the action mentioned in the config file, either alert or run some script etc.

set daemon 120
set logfile /var/log/monit.log

The first line means “wake up and check all the services and ports etc I’ve defined in this config file every 120 seconds or two minutes.” The second line means “please log into a special logfile just for monit, as opposed to syslog.”

Monit is not only command line tool, it have WebUI to check the service or system or port status and also you can perform disable and enable monitoring for existing configured stuffs.

set httpd
 port 2812
use address localhost # only accept connection from localhost
allow   # allow localhost to connect to the server and
allow admin:monit      # require user 'admin' with password 'monit'

This allows to access monit via WebUI with port 2812, you can restrict the connection with selected IP’s but mentioning the IP instead of

Monitoring Rules

Now for the monitoring rules! First, we’ll monitor some of our server’s core metrics, such as cpu usage and swap usage. Add the following to your monitrc file:

# Test CPU usage including user, system and wait. Note that 
# multi-core systems can generate 100% per core
# so total CPU usage can be more than 100%
check system $HOST

if memory usage > 85% for 5 cycles then alert
if swap usage > 20% for 5 cycles then alert
# Test the user part of CPU usage
if cpu usage (user) > 60% for 5 cycles then alert
# Test the system part of CPU usage
if cpu usage (system) > 20% for 5 cycles then alert
# Test the i/o wait part of CPU usage
if cpu usage (wait) > 85% for 5 cycles then alert

This host check is taken from these monit configuration examples, a useful page that will get you up and running with monit configuration snippets. Just like in a shell script, everything after a hash is a comment, the monit ignores it.

Monitoring Apache Service & Ports

As monit has capable monitor and take proactive solution, we can mention the service location also desire action to perform when the application is not reachable. Here we have defined the service solution and what action should perform

check process apache2 with pidfile /run/apache2/
    start program = "/bin/systemctl start apache2.service" with timeout 15 seconds
    stop program  = "/bin/systemctl stop apache2.service"
    restart program = "/bin/systemctl restart apache2.service"
    if failed host port 80
    protocol http then restart
    if 5 restarts within 5 cycles then timeout

Next, we’ll monitor a website which we’re presumably hosting on this server. It doesn’t matter if it’s hosted on this server; monit will simply go out, try to connect over HTTP, and move on if things seem to be working:

check host with address
if failed port 80 protocol http for 2 cycles then aler

Or if you want to monitor port 443 or SSL domain, you can mention, also it capable to check HTTP status code, which will be helpful for internal moved domains or forwarding domains.

check host with address
 if failed
      port 443
      protocol https
      status = 200 for 2 cycles then alert

If things don’t seem to be working, monit will retry one more time at the next cycle (however long you’ve defined a cycle to be, whether that’s 30 seconds or one hour) and then alert you if the site still doesn’t respond over HTTP.

Next, we’ll monitor mysql

# check mariadb
check host mymariadb with address
 if failed ping then alert
 if failed port 3306 protocol mysql then alert

If you’re not running these on the server where you’re setting up monit, there’s obviously no need to add these to your configuration file.

Once you define all, you can check syntax by running (# monit -t) and reload to start monitoring it

#  monit reload

 You can start check on the WebUI also the status of the service and portal you are enabled to monit.