标签:tle normal mat serve moni lse 监控 memory 关闭
1.存在性检测
功能:检测文件或者服务不存在时进行相应的动作,默认是重启
语法:
IF [DOES] NOT EXIST [[<X>] <Y> CYCLES] THEN action [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
action的相关动作:ALERT告警 、RESTART 重启 、START 启动、 STOP关闭、EXEC 执行命令、 UNMONITOR 不监控
例子:
check process named with pidfile /var/run/named.pid start program = “/etc/init.d/named start” stop program = “/etc/init.d/named stop” if failed port 53 use type udp protocol dns then restart if 3 restarts within 5 cycles then timeout 如果53的udp端口不通,就重启
2.资源检测
功能:检测对象的指标是否达到某个值,然后进行相应的动作
语法:
IF resource operator value [[<X>] <Y> CYCLES] THEN action [ELSE IF SUCCEEDED [[<X>] <Y> CYCLES] THEN action]
resource:就是监控的对象,如"CPU", "TOTALCPU", "CPU([user|system|wait])", "MEMORY", "SWAP", "CHILDREN", "TOTALMEMORY", "LOADAVG([1min|5min|15min])".
operator:逻辑判断符号,如 > ,=,< 等
action的相关动作:ALERT告警 、RESTART 重启 、START 启动、 STOP关闭、EXEC 执行命令、 UNMONITOR 不监控
例子:
check system myhost.mydomain.tld if loadavg (1min) > 4 then alert if loadavg (5min) > 2 then alert if memory usage > 75% then alert if cpu usage (user) > 70% then alert if cpu usage (system) > 30% then alert if cpu usage (wait) > 20% then alert
3.文件校验码检测
功能:检测文件是否发生变化
例子:
check file apache_bin with path /usr/local/apache/bin/httpd if failed checksum and expect the sum 8f7f419955cefa0b33a2ba316cba3659 then unmonitor if failed permission 755 then unmonitor if failed uid root then unmonitor if failed gid root then unmonitor alert security@foo.bar on { checksum, permission, uid, gid, unmonitor } with the mail-format { subject: Alarm! } group server
4。文件大小检测
check file with path /home/laicb/test.txt if does not exist for 5 cycles then alert if changed size for 1 cycles then alert //如果没有指定,查看服务所对应的会发现是for 5 times within 5cycles
5.UID GID检测
check file passwd with path /etc/passwd if failed uid root then unmonitor check file shadow with path /etc/shadow if failed gid root then unmonitorv
6.pid文件检测,及运行时间检测
check process myapp with pidfile /var/run/myapp.pid start program = "/etc/init.d/myapp start" stop program = "/etc/init.d/myapp stop" if uptime > 3 days then restart
7。监控磁盘空间
check filesystem datafs with path /dev/sdb1 group server start program = "/bin/mount /data" stop program = "/bin/umount /data" if failed permission 660 then unmonitor if failed uid root then unmonitor if failed gid disk then unmonitor if space usage > 80 % then alert if space usage > 94 % then stop if inode usage > 80 % then alert if inode usage > 94 % then stop alert root@localhost
8.icmp检测
check host www.tildeslash.com with address www.tildeslash.com if failed icmp type echo count 5 with timeout 15 seconds then alert
标签:tle normal mat serve moni lse 监控 memory 关闭
原文地址:https://www.cnblogs.com/pycode/p/9495872.html