Re: how to configure monit for remote server ??

[Jan-Henrik Haukeland]

On 30. aug. 2007, at 15.57, Ryan Dooley wrote:

> You can get monit to test remote services but it will only do a  
> basic check (tcp open sort of thing) but I have one host checking  
> mysql, apache, ldap and dns ports on other machines.

Its true that monit can do basic tcp connection tests, but it can do  
a wee bit more.

Connection testing with monit is documented in its own chapter in the  
manual, I just wanted to point out some highlights.

In addition to TCP, monit can also use UDP and send ping requests.  
Here, for example, is how you can test a quake arena server [1] over  
UDP using monit.

check host quake3 with address 217.172.182.41
     if failed icmp  type echo
        for 3,5 cycles
     then alert
     if failed port 27970 type udp
        send "\0xFF\0xFF\0xFF\0xFFgetstatus"
        expect "sv_floodProtect|sv_maxPing"
     then alert

In this example monit first ping the server to see if its up. If its  
not, monit is smart enough not to bother with the other test since it  
assume the server is down. This save you unnecessary alerts. The send/ 
expect feature of monit is quite nice and as you can see, allow you  
to even send "binary" packages. The expect statement support regular  
expressions when testing a reply from the server. By using send/ 
expect you can test most of the network protocols out there.

Another highlight is that monit can test specific pages on a http  
server and can even test the checksum of the page. In this example  
monit will download an earlier distribution of monit itself and check  
that the package has not been tampered with and has the expected  
checksum.

check host tildeslash with address www.tildeslash.com
   if failed port 80 protocol http
      and request "/monit/dist/monit-4.0.tar.gz"
          with checksum f9d26b8393736b5dfad837bb13780786
   then alert

This could be rather useful if you distribute software packages. The  
GNU project had this problem a few years back. Their server was  
hacked and they suspected that the the hackers had changed many  
software packages.

Finally, it is possible to use regular expressions to test content  
delivered by a web-server. I.e. you can "grep" for text in a web-page.

check host hacker_news with address news.ycombinator.com
   if failed url http://news.ycombinator.com/
      and content != "apple"
   then alert

In the above example I need an alert if someone is writing about apple.

I hope this demonstrate that it is possible to do quite a bit of  
remote testing with monit and by combining these features a lot can  
be achieved. See also the monit man page for more examples and details.

[1] I like this example and think its fun to run this test using  
'monit -Iv' and see the response from the server. Maybe its because I  
used to play a lot, and I mean a lot of quake in the old days. I was  
just invincible on q3dm17 when I got my hands on the rail gun.