September 12th, 2007
I spent a lot of searching for and looking at different monitoring tools. There are a lot of them out there — both open source and commercial. The basic idea is to automate the process of keeping an eye on your servers or network. You want to know if the server is up, if the services it is supposed to provide are available, and so on. The variation among the tools is in the details. What language is it in, how is it configured, how is the checking done, how does it alert you, how can you check up on it, does it have a GUI, does it produce graphs, and so on.
I had somewhat reluctantly zeroed in on Hobbit Monitor, which is an offshoot of Big Brother, but seemed to be more focused and together. It is programmed in C, whereas BB is shell script and Big Sister is perl. They all assume a web interface using Apache and use RRDTool to generate graphics. They also typically assume a client application installed on the server that is to be monitored.
My idea was to install monitoring software on my backup server which is running Amanda and doesn’t have much else on it. I didn’t really like the idea of adding more packages and opening up more ports just to get a monitoring application running, and all the alternatives I looked at seemed to have too many requirements. Some would use Java. Some wanted PHP. It just seemed like escalating software infrastructure. Zenoss wanted Python, a web interface with Zope and Ajax, Zope ODB, MySQL, RRDTool, . . . aaarrrggg!
Finally, I stumbled on mon. Try googling that. It’s virtually impossible. Just remember that it’s at kernel.org. Mon is my dream tool. It is simply a scheduler of monitors and alerts. It is written in C and takes a typical text based config file. The monitors and alerts are separate scripts that can be in any language. Many of them are in perl. You can collect whichever ones interest you, and you can write your own. Mon’s footprint on your server is so small that it is hard to see. It doesn’t eat CPU. It doesn’t eat memory. It’s almost invisible … until you get an alert.
There are a wide variety of monitors, including fping, dns, http, smtp, mySQL, mSQL, PostgreSQL, ftp, and dozens of others. Typically, they do more than just poke a port. The mySQL monitor, for example, tries to login and list the tables. There are also a number of alerts, including mail, irc, pager, and a few others. I have ambitions of taking the alert template and writing a growl alert ["Mail's down. Quick, send an email alert! Oops. Umm, Growl?"] Growl is an interface to the alert system on Mac OS X. Remote Growl opens a port to receive remote alerts. So, mon could pop an alert up on my Mac desktop. All I need is the interface script and then add it to the config file.
You can find mon at http://mon.wiki.kernel.org/. Growl is at http://growl.info/. Remote Growl is at http://remotegrowl.erlang.no/. Other things mentioned above, you either don’t need or can find easily enough through google.