# 安裝

apt-get update && apt-get install -y monit

# 驗證安裝

monit -v

# 啟動服務

systemctl start monit

systemctl enable monit

yum install -y monit

systemctl start monit

systemctl enable monit

# 檢測配置文件語法

monit -t

# 重載配置

monit reload

# 啟動 monit

monit start

# 停止 monit  

monit stop

# 查看狀態

monit status

# 強制檢查所有服務

monit validate

# 啟用 / 禁用特定檢查

monit enable <service>

monit disable <service>

# 重啟特定服務

monit restart <service>

/etc/monit/monitrc

# 設置監控周期（秒）

set daemon 60

    with start delay 120  # 啟動後等待 120 秒再開始監控

# 設置日誌

set logfile syslog facility log_daemon

# 設置事件隊列

set eventqueue

    basepath /var/monit

    slots 1000

# Web 控制界面（可選）

set httpd port 2812

    use address localhost

    allow localhost

    allow admin:admin.password@

# 郵件告警

set mailserver smtp.gmail.com port 587

    username "your-email@gmail.com" password "app-password"

    using tlsv12

# 郵件格式

set mail-format {

    from: Monit Alert <monit@$HOST>

    subject: [$SERVICE] $EVENT at $DATE

    message:

    Event: $EVENT

    Service: $SERVICE

    Date: $DATE

    Host: $HOST

    Action: $ACTION

    Description: $DESCRIPTION

}

# 告警接收昏

set alert admin@example.com { action: alert }

check process sshd with pidfile /var/run/sshd.pid

    group networking

    start program = "/bin/systemctl start ssh"

    stop program = "/bin/systemctl stop ssh"

    if does not exist for 2 cycles then restart

    if cpu usage > 90% for 5 cycles then alert

    if failed host 127.0.0.1 port 22 protocol SSH then alert

    if 3 restarts with 5 cycles then set timeout

    alert admin@example.com

check process nginx with pidfile /var/run/nginx.pid

    group webserver

    start program = "/bin/systemctl start nginx"

    stop program = "/bin/systemctl stop nginx"

    depends on nginx_config

    if does not exist for 1 cycles then restart

    if failed host 127.0.0.1 port 80 with timeout 5 seconds for 2 cycles then restart

    if failed host 127.0.0.1 port 443 with timeout 5 seconds for 2 cycles then restart

    alert admin@example.com

# 檢測配置文件完整性

check file nginx_config with path /etc/nginx/nginx.conf

    if failed checksum and timestamp then alert

    if failed permission 644 then alert

    alert admin@example.com

check system localhost

    if loadavg (1min) > 4.0 for 2 cycles then alert

    if loadavg (5min) > 2.0 for 5 cycles then alert

    if memory usage > 80% for 2 cycles then alert

    if cpu usage (system) > 75% for 3 cycles then alert

    if cpu usage (user) > 75% for 3 cycles then alert

    alert admin@example.com

check filesystem root_fs with path /

    if space usage > 80% for 2 cycles then alert

    if inode usage > 85% then alert

    alert admin@example.com

check filesystem data_fs with path /data

    if space usage > 70% for 3 cycles then alert

    if changed timestamp then alert

    alert admin@example.com

check process mysql with pidfile /var/run/mysqld/mysqld.pid

    group database

    start program = "/bin/systemctl start mysql"

    stop program = "/bin/systemctl stop mysql"

    if does not exist for 1 cycles then restart

    if failed host 127.0.0.1 port 3306 then restart

    if 3 restarts with 5 cycles then set timeout

    alert admin@example.com { action: alert, repeat every 5 cycles }

check file mysql_sock with path /var/run/mysqld/mysqld.sock

    if failed permission 660 then alert

    alert admin@example.com

check process docker_app with pidfile /var/run/docker/app.pid

    start program = "docker start app_container"

    stop program = "docker stop app_container"

    if does not exist for 1 cycles then restart

    if failed host 127.0.0.1 port 8080 for 2 cycles then restart

    alert admin@example.com

check file application_file with path /opt/app/config.json

    if changed checksum then exec "/opt/scripts/notify_change.sh"

    if failed permission 640 then alert

    if failed uid root then alert

    if failed gid app then alert

    alert admin@example.com

check program backup_status with path "/opt/scripts/backup_check.sh"

    every 1 hour

    if status != 0 for 1 cycles then alert

    alert admin@example.com

set mailserver smtp.gmail.com port 587

    username "your-email@gmail.com" password "XXXX-XXXX-XXXX-XXXX"

    using tlsv12 certificate verify disable

set mailserver smtp.office365.com port 587

    username "your-user@company.com" password "password"

    using tlsv12 certificate verify disable

set mailserver mail.example.com port 25

    using no certificate

set httpd port 2812

    use address 0.0.0.0  # 監聽所有網卡

    allow admin:admin.password@

    allow 192.168.1.0/24  # 允許子網訪問

    with ssl {

        pem: /etc/monit/monit.pem

    }

openssl req -new -x509 -days 365 -nodes \

    -out /etc/monit/monit.pem \

    -keyout /etc/monit/monit.pem

chmod 600 /etc/monit/monit.pem

# monit 客戶端配置

set mmonit https://mmonit-ip:8443/collector

    with timeout 30 seconds

    and register without credentials

# 或帶認證

set mmonit https://admin:password@mmonit-ip:8443/collector

    with timeout 30 seconds

    and register

monit -t

# 輸出示例

/etc/monit/monitrc:50: error: parse error

syntax OK  # 正常時的輸出

# 實時日誌

tail -f /var/log/syslog | grep monit

# 或指定日誌文件

cat /var/log/monit.log

# 前台運行，顯示詳細信息

monit -v -I