🔍 Keeping Your Linux Services in Check: How I Use Monit for Bulletproof Monitoring 🚨

> *“If it can fail silently, it probably will.”*
> — Me, after hours of debugging why a service stopped 6 hours ago.

February 03, 2025
Victor Nthuli
Linux Security

🛠 What is Monit?

Monit is a lightweight, yet powerful utility for monitoring and managing system processes, files, directories, and more. It’s like having a silent watchdog that not only barks when something breaks — it fixes it.

Whether you’re running a homelab, a production server, or something in between — Monit ensures your critical services stay alive.


🔧 My Setup — What I Monitor

I use Monit to manage and recover key services on my stack:

  • 🛡 wazuh-manager, wazuh-dashboard, wazuh-indexer
  • 📊 grafana, uptime-kuma, fluent-bit
  • 🔐 clamav, fail2ban, tailscale, haproxy, sshd, mariadb
  • ⚠️ Custom alerting via Discord and email

Each service has a dedicated configuration file under /etc/monit/conf.d/.

Example: grafana-server

check process grafana-server matching "grafana-server"
  start program = "/usr/bin/systemctl start grafana-server"
  stop program  = "/usr/bin/systemctl stop grafana-server"
  if failed port 3000 protocol http with timeout 30 seconds then restart
  if 3 restarts within 5 cycles then unmonitor
  if does not exist for 3 cycles then exec "/etc/monit/discord-alert.sh grafana-server failed"

✅ Auto-restart
✅ Rate-limiting restarts
✅ Discord webhook notifications


📬 Discord Alerts: No More Missed Downtime

I created a small Bash script that pushes alerts directly to Discord using a webhook. Here’s how it works:

/etc/monit/discord-alert.sh <service> <status>

Sample Discord JSON payload:

{
  "content": "**wazuh-manager is failed**",
  "embeds": [
    {
      "title": "Service Alert",
      "description": "**wazuh-manager** is **failed**",
      "color": 16711680
    }
  ]
}

Monit executes this when a service fails for 3 cycles. It’s fast, clean, and doesn’t require mail relay configurations.
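One way to write such a script, as an added example (not the author's own script): it builds the payload shown above with JSON escaping applied to both arguments and posts it with curl. It assumes curl is installed and that the webhook URL is kept on the first line of a root-only file; the default path `/etc/monit/discord-webhook.url` is hypothetical.

```shell
#!/bin/sh
# Added example: one possible /etc/monit/discord-alert.sh, not the author's script.
# Assumption: the webhook URL sits on the first line of a root-only (0600) file;
# the default path below is hypothetical.
WEBHOOK_FILE=${WEBHOOK_FILE:-/etc/monit/discord-webhook.url}

# Make a value safe inside a JSON string: drop control characters,
# then escape backslashes and double quotes.
json_escape() {
  printf '%s' "$1" | tr -d '\000-\037' | sed 's/\\/\\\\/g; s/"/\\"/g'
}

# Build the payload shown above for <service> <status>.
build_payload() {
  svc=$(json_escape "$1")
  state=$(json_escape "$2")
  printf '{"content":"**%s is %s**","embeds":[{"title":"Service Alert","description":"**%s** is **%s**","color":16711680}]}' \
    "$svc" "$state" "$svc" "$state"
}

# Return codes: 2 = bad usage, 3 = webhook file unreadable, otherwise curl's status.
send_alert() {
  [ "$#" -eq 2 ] || { echo "usage: discord-alert.sh <service> <status>" >&2; return 2; }
  [ -r "$WEBHOOK_FILE" ] || { echo "cannot read $WEBHOOK_FILE" >&2; return 3; }
  IFS= read -r url < "$WEBHOOK_FILE" || [ -n "$url" ] || return 3
  build_payload "$1" "$2" |
    curl --silent --show-error --fail --max-time 10 \
      -H 'Content-Type: application/json' --data-binary @- "$url"
}

# Monit passes the two arguments from the exec line; with none, only define functions.
[ "$#" -eq 0 ] || send_alert "$@"
```

Keeping the URL out of the script matters because anyone who can read it can post to the channel.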


📧 Email Alerts (Optional)

I also configured Monit to send email alerts through Gmail using App Passwords:

set mailserver smtp.gmail.com port 587
  username "ngashauth@gmail.com" password "your-app-password"
  using STARTTLS

💡 Tip: Use Gmail’s “App Password” instead of your real password to avoid authentication issues.


🧪 Simulating Failure — Why Testing Matters

I don’t deploy monitoring and pray. I simulate real failures:

sudo systemctl stop wazuh-manager

Then watch Monit take action:

sudo tail -f /var/log/monit.log

Expected log:

[UTC] error    : 'wazuh-manager' process is not running
[UTC] info     : 'wazuh-manager' trying to restart

After 3 failures, you’ll see:

[UTC] alert    : 'wazuh-manager' failed 3 times in 5 cycles — unmonitored

Boom — it’s working.


😵 Issues I Faced (And Fixed)

Here are a few challenges I ran into:

🔄 Wazuh Restart Problem

Monit wasn’t restarting wazuh-manager because it was looking for the wrong process name.

✅ Fixed by updating config:

check process wazuh-manager matching "wazuh-analysisd"

📧 SSL Issues with Gmail

Monit couldn’t send emails via Gmail due to outdated SSL settings.

✅ Fixed by switching to:

using STARTTLS

✅ Also enabled App Passwords for Gmail login.


🔁 Crash Loop Prevention

Sometimes a broken service causes infinite restarts. I prevent this with:

if 3 restarts within 5 cycles then unmonitor

✅ Keeps the server sane
✅ Prevents resource exhaustion


🔑 Recommendations

Here’s what I recommend to anyone setting up Monit:

✅ 1. Use Discord or Telegram Webhooks

They’re easier to test, faster to receive, and don’t rely on SMTP servers.

✅ 2. Test Your Configs

Use:

monit -t

Before restarting:

sudo systemctl restart monit

✅ 3. Rate-Limit Restarts

Prevent infinite loops:

if 3 restarts within 5 cycles then unmonitor

✅ 4. Don’t Just Monitor — Simulate Failures

Testing is part of setup. Simulate and verify that Monit responds as expected.

✅ 5. Monitor the Monitor

Enable Monit’s web dashboard:

set httpd port 2812 and
  allow admin:monit

Access it via: http://localhost:2812
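The dashboard snippet above uses `admin:monit`, the credential pair from Monit's sample configuration, and the mail server block earlier puts a password in a config file. As an added example (not part of Monit or of the original post), this script flags both, plus an httpd block with no `use address` line; the finding names are made up for this example.

```shell
#!/bin/sh
# Added example: a small audit for Monit config files, not part of Monit or the post.
# Prints a space-separated list of findings for one file (empty line = none).
audit_monit_file() {
  cfg=$1
  findings=""
  # 1. Dashboard still uses the sample credentials admin:monit.
  if grep -Eq '^[[:space:]]*allow[[:space:]]+admin:"?monit"?[[:space:]]*(#.*)?$' "$cfg"; then
    findings="$findings default-credentials"
  fi
  # 2. httpd is enabled but no uncommented "use address" pins it to one interface.
  if grep -Eq '^[[:space:]]*set[[:space:]]+httpd' "$cfg" &&
     ! grep -Eq '^[^#]*use[[:space:]]+address' "$cfg"; then
    findings="$findings httpd-no-bind-address"
  fi
  # 3. File contains a password but group or others have some access to it.
  if grep -Eq '(^|[[:space:]])password[[:space:]]' "$cfg"; then
    perms=$(ls -ld "$cfg" | cut -c5-10)
    [ "$perms" = "------" ] || findings="$findings secret-file-not-private"
  fi
  printf '%s\n' "${findings# }"
}

# Usage: sh monit-audit.sh /etc/monit/monitrc /etc/monit/conf.d/*
for path in "$@"; do
  printf '%s: %s\n' "$path" "$(audit_monit_file "$path")"
done
```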


🎯 Final Thoughts

Monit is simple yet powerful. It’s a great watchdog for anyone running services — whether on a Raspberry Pi or in production.

Add some scripting, test your setup, and sleep better at night. 🛌💤

