Servers are working around the clock doing their job as expected. But like any machine they do require some attention and maintenance to prevent server disastrous failures and data loss. An important part of the server maintenance is server monitoring performed by system administrators to ensure that the server is performing as expected and all problems are discovered and solved before they become serious.
Server monitoring can be done using either manual techniques or automated server monitoring software tools. Even if you are responsible for only 1 server, you will very soon realise that you need a monitoring tool. Yes, we humans need some healthy night sleep.
It is important for a system monitoring tool to just work - all the time, and you should be able to trust it to do so. A system monitoring tool needs to be non-intrusive and you should be able to forget about it once it's installed.
Our server monitoring tool of choice is the MONIT ( https://mmonit.com/monit/ ). Monit is a small Open Source utility for managing and monitoring Unix systems. Monit conducts automatic maintenance and repair and can execute meaningful causal actions in error situations.
That's what is exciting about Monit. Monit is more than just a passive monitoring tool. Suppose in the middle of the night apache is using too much resources (e.g. if a DoS attack is in progress) Monit can stop or restart apache and send you an alert message.
- Proactive: Monit can act if an error situation should occur, e.g. if Exim is not running, Monit can start it again and send you an alert.
- Monitoring daemon processes: Monit is particularly useful for monitoring daemon processes, such as those started at system boot time from /etc/init/ For instance postfix, sshd, apache, mysql, fail2ban, etc.
- Monitoring Files, Dirs and Filesystems: Monit can monitor these items for changes, such as timestamps changes, checksum changes or size changes. This is also useful for security reasons - you can monitor the md5 or sha1 checksum of files that should not change and get an alert or perform an action if they should change.
- Monitoring Network Connections: Network tests can be performed on a protocol level; Monit has built-in tests for the main Internet protocols, such as HTTP, SMTP etc. Even if a protocol is not supported you can still test the server as you can configure Monit to send any data and test the response from the server.
- Monitoring Programs and scripts: With Monit you can test programs or scripts at certain times, much like cron, but in addition, you can test the exit value of a program and perform an action or send an alert if the exit value indicates an error. This means that you can use Monit to perform any type of check you can write a script for.
- Monitoring General System Resources: Finally, Monit can be used to monitor general system resources on localhost such as overall CPU usage, Memory and Load Average.
- Built-in a lightweight HTTP(S) interface: You can use it to browse the Monit server and check the status of all monitored services. From the web-interface you can start, stop and restart processes and disable or enable monitoring of services.
Logging and Alerts
Monit can logging status and error messages to a file or via syslog. We are using dedicated Monit log file in our Debian based systems ( /var/log/monit.log ).
If an event occurs Monit will raise an alert. By default, Monit only sends alert notifications via email. Additionally, a script can be added to send alerts using other means. In our solutions we are using a customised Monit2Telegram script to send Monit alerts to Telegram messenger using a Telegram bot.