Get documents about "mod12
Shared by: huangyuarong
-
Stats
- views:
- 0
- posted:
- 1/16/2013
- language:
- simple
- pages:
- 16
Document Sample
Module 12
Performing Preventive Maintenance
1
Mon Overview
What is Mon?
Mon is a general purpose service monitor
Mon schedules monitors
Mon provides a multitude of alert methods
Mon is extensible
SCOoffice Server uses Mon to monitor:
HTTP
LDAP
FTP
SMTP
IMAP
Pop3
2
Mon Monitor facilities
Monitor scripts provided by Mon:
dns.monitor
ftp.monitor
http.monitor
imap.monitor
ldap.monitor
ping.monitor
pop3.monitor
smtp.monitor
tcp.monitor
telnet.monitor
Monitor scripts are stored in /opt/insight/mon/mon.d
3
Mon Alert Methods
Alert scripts provided by Mon:
file.alert
mail.alert
remote.alert
Alert scripts are stored in /opt/insight/mon/alert.d
4
The MON configuration file
MON is configured in /opt/insight/mon/etc/mon.cf
1. maxprocs = 20
2. randstart = 60s
3. hostgroup building1 elm.example.com oak.example.com
4. hostgroup building2 spruce.example.com maple.example.com
5. watch building1
6. service ftp
7. interval 1m
8. monitor ftp.monitor
9. period wd {Sun-Sat}
10. alert file.alert /opt/insight/logs/mon_ftp.log
11. alert mail.alert admin@example.com
12. alertevery 1h
5
The MON configuration file (cont.)
MON is configured in /opt/insight/mon/etc/mon.cf
1. maxprocs = 20
2. randstart = 60s
3. hostgroup building1 elm.example.com oak.example.com
4. hostgroup building2 spruce.example.com maple.example.com
5. watch building1
6. service ftp
7. interval 1m
8. monitor ftp.monitor
9. period wd {Sun-Sat}
10. alert file.alert /opt/insight/logs/mon_ftp.log
11. alert mail.alert admin@example.com
12. alertevery 1h
6
The MON configuration file (cont.)
MON is configured in /opt/insight/mon/etc/mon.cf
1. maxprocs = 20
2. randstart = 60s
3. hostgroup building1 elm.example.com oak.example.com
4. hostgroup building2 spruce.example.com maple.example.com
5. watch building1
6. service ftp
7. interval 1m
8. monitor ftp.monitor
9. period wd {Sun-Sat}
10. alert file.alert /opt/insight/logs/mon_ftp.log
11. alert mail.alert admin@example.com
12. alertevery 1h
7
The MON configuration file (cont.)
MON is configured in /opt/insight/mon/etc/mon.cf
1. maxprocs = 20
2. randstart = 60s
3. hostgroup building1 elm.example.com oak.example.com
4. hostgroup building2 spruce.example.com maple.example.com
5. watch building1
6. service ftp
7. interval 1m
8. monitor ftp.monitor
9. period wd {Sun-Sat}
10. alert file.alert /opt/insight/logs/mon_ftp.log
11. alert mail.alert admin@example.com
12. alertevery 1h
8
Managing Disk Space
Strategies for managing disk space usage:
Setting maximum message size
Restricting attachments
Imposing quotas
Setting mailbox expire values
Setting logging levels
Pruning log files
9
Managing Disk Space
Strategies for managing disk space usage:
Setting maximum message size
Restricting attachments
Imposing quotas
Setting mailbox expire values
Setting logging levels
Pruning log files
10
Guarding Backups
Backups are stored in /opt/insight/htdocs/is4web/tar
Protected by .htaccess in that directory
Beware of:
Missing .htaccess
Modified .htaccess
World writable .htaccess
11
Configuration File Sanity Checks
spamassassin --lint
postfix check
apachectl configtest
12
Log Files
SCOoffice uses the following log files:
/var/adm/syslog
/opt/insight/logs/amavis.log
/opt/insight/logs/freshclam.log
/opt/insight/logs/access_log
/opt/insight/logs/error_log
13
Log Files
Component Syslogd Facility
Cyrus IMAP and POP3 local6
Postfix mail
SASLAUTHD auth
ProFTPD authpriv
slapd/slurpd local4
14
Log Files
Where to specify logging levels:
/etc/syslog.conf
/opt/insight/etc/postfix/master.cf
/opt/insight/etc/postfix/main.cf
/opt/insight/etc/amavisd.conf
/opt/insight/etc/clamav.conf
/opt/insight/etc/freshclam.conf
/opt/insight/etc/apache/httpd.conf
15
Log Files
Events to monitor in syslog:
Monitor SMTPD connections:
egrep “[^s]connect from|client=“ /var/adm/syslog
Monitor bounced messages:
grep status=bounced /var/adm/syslog
Monitor deferred messages:
grep status=deferred /var/adm/syslog
Monitor address rewriting:
grep orig_to /var/adm/syslog
Monitor SASLAUTHD failures:
grep “auth failure” /var/adm/syslog
16
