MONIT:监控日志文件中的计数和时间戳的变化

tag-icon tag-icon monitoring log-files monit timestamp
MONIT:监控日志文件中的计数和时间戳的变化

我想监视日志文件,并且我只对“已收到新块”行感兴趣。我需要两个不同的要监控的脚本

  • ,它height应该始终比上一行“已接收新块”中的高度高一个数字。如果不是 +1 并且如果在 120 秒内没有变化,则发出警报。
  • (仅适用于“已接收新块”行timestamp)应始终变化。如果 120 秒内没有发生任何变化,则发出警报。

所有其他行在这里都不重要,可以忽略。我试图找到任何例子来把它们结合起来,但仍然没有成功,所以我希望你能帮助我。

日志片段

{"level":"warn","message":"Main queue","timestamp":"2016-04-30 19:49:33","data":50}
{"level":"info","message":"Checking blockchain on 11.22.33.44:1234","timestamp":"2016-04-30 19:49:33"}
{"level":"warn","message":"Balance queue","timestamp":"2016-04-30 19:49:39","data":50}

{"level":"info","message":"Received new block id: 12345678901234567890 height: 8761 round: 87 slot: 3350818 reward: 100000000","timestamp":"2016-04-30 19:49:41"}

{"level":"info","message":"Removing peer POST http://11.22.33.44:1234/peer/transactions","timestamp":"2016-04-30 19:49:42"}
{"level":"warn","message":"Main queue","timestamp":"2016-04-30 19:49:43","data":94}
{"level":"warn","message":"Main queue","timestamp":"2016-04-30 19:49:43","data":93}
{"level":"warn","message":"Main queue","timestamp":"2016-04-30 19:49:43","data":52}
{"level":"warn","message":"Main queue","timestamp":"2016-04-30 19:49:43","data":51}
{"level":"warn","message":"Main queue","timestamp":"2016-04-30 19:49:43","data":50}
{"level":"info","message":"Checking blockchain on 11.22.33.44:1234","timestamp":"2016-04-30 19:49:44"}
{"level":"info","message":"Removing peer POST http://11.22.33.44:1234/peer/blocks","timestamp":"2016-04-30 19:49:46"}

{"level":"info","message":"Received new block id: 12345678901234567890 height: 8762 round: 87 slot: 3350819 reward: 100000000","timestamp":"2016-04-30 19:49:50"}

监控

set daemon 120            # check services at 2-minute intervals
set logfile /var/log/monit.log
set idfile /var/lib/monit/id
set statefile /var/lib/monit/state
set mailserver SMTP.MAILHOSTER.COM port 587         # primary mailserver
     username "LoginUsername" password "LoginPassword"
     using ssl
     with timeout 30 seconds
set eventqueue
      basedir /var/lib/monit/events # set the base directory where events will be stored
      slots 100                     # optionally limit the queue size
set   mail-format {
        from: [email protected]
        subject: ALARM on Test-Server -- $EVENT $SERVICE
        message: $EVENT Service $SERVICE
        Date:        $DATE
        Action:      $ACTION
        Host:        $HOST
        Description: $DESCRIPTION

        Bye,
        Monit
}
set alert [email protected]       # receive all alerts
include /etc/monit/conf.d/*

答案1

If no change occurs for 30 seconds THEN alarm

您是否将 monit 设置为每 30 秒运行一次?Monit 不适用于此类指标,因为它会从默认配置每 (2) 分钟检查一次。此外,检测时间戳是否每 30 秒更改与每秒检查一次(如果不超过 30 秒)不同

对于这种特殊情况,请使用包含所有逻辑的自定义脚本,然后根据退出代码采取行动。参见https://mmonit.com/monit/documentation/monit.html#PROGRAM-STATUS-TESTING

相关内容