我不知道如何让 Monit 监控服务器上打开/建立的 TCP/IP 连接数,以便在打开“太多”连接时发出警报。您知道如何设置吗?
答案1
这是另一个解决方案
定义以下配置监控:
check program OpenSocket with path "/bin/checkn_socket.sh"
if status > 0 then alert
group admin
脚本:checkn_socket.sh
#!/bin/bash
Threshold=4 # Set Threshold
TotalEstSocket=$(netstat -t | awk '{/ESTABLISHED/ && n++} END{ print n }')
if (( TotalEstSocket >= Threshold ))
then
echo >&2 "Too Many OpenSocket"
exit $TotalEstSocket
else
exit 0
fi
监控日志
[IST Sep 12 22:32:14] error : 'OpenSocket' status failed (4) for /bin/checkn_socket.sh. Error: Too Many OpenSocket
..
[IST Sep 12 22:32:17] info : 'OpenSocket' status succeeded
[IST Sep 12 22:32:26] error : 'OpenSocket' status failed (4) for /bin/checkn_socket.sh. Error: Too Many OpenSocket
..
[IST Sep 12 22:32:29] error : 'OpenSocket' status failed (4) for /bin/checkn_socket.sh. Error: Too Many OpenSocket
..
[IST Sep 12 22:32:32] error : 'OpenSocket' status failed (4) for /bin/checkn_socket.sh. Error: Too Many OpenSocket
..
[IST Sep 12 22:32:35] info : 'OpenSocket' status succeeded
答案2
它似乎没有被直接支持,但我想出了一个解决办法。
确定每分钟已建立的连接数,并将相同数量的零字节写入文件。
然后,设置 Monit 检查此零文件的文件大小。如果文件大小为“太大”,则发出警报。
在某些用户的 crontab 中:
* * * * * /bin/sh -c '/bin/dd if=/dev/zero of=/tmp/tcp_connections.monit count=$(/bin/netstat -t | /bin/grep ESTABLISHED | /usr/bin/wc -l) bs=1 >/dev/null 2>&1'
在 Monit 配置中:
check file tcp_connections with path /tmp/tcp_connections.monit
if size > 16KB then alert