π What is Monit?
Monit is a lightweight, yet powerful utility for monitoring and managing system processes, files, directories, and more. It’s like having a silent watchdog that not only barks when something breaks β it fixes it.
Whether you’re running a homelab, a production server, or something in between β Monit ensures your critical services stay alive.
π§ My Setup β What I Monitor
I use Monit to manage and recover key services on my stack:
- π‘
wazuh-manager,wazuh-dashboard,wazuh-indexer - π
grafana,uptime-kuma,fluent-bit - π
clamav,fail2ban,tailscale,haproxy,sshd,mariadb - β οΈ Custom alerting via Discord and email
Each service has a dedicated configuration file under /etc/monit/conf.d/.
Example: grafana-server
check process grafana-server matching "grafana-server"
start program = "/usr/bin/systemctl start grafana-server"
stop program = "/usr/bin/systemctl stop grafana-server"
if failed port 3000 protocol http with timeout 30 seconds then restart
if 3 restarts within 5 cycles then unmonitor
if does not exist for 3 cycles then exec "/etc/monit/discord-alert.sh grafana-server failed"
β
Auto-restart
β
Rate-limiting restarts
β
Discord webhook notifications
π¬ Discord Alerts: No More Missed Downtime
I created a small Bash script that pushes alerts directly to Discord using a webhook. Hereβs how it works:
/etc/monit/discord-alert.sh <service> <status>
Sample Discord JSON payload:
{
"content": "**wazuh-manager is failed**",
"embeds": [
{
"title": "Service Alert",
"description": "**wazuh-manager** is **failed**",
"color": 16711680
}
]
}
Monit executes this when a service fails for 3 cycles. Itβs fast, clean, and doesnβt require mail relay configurations.
π§ Email Alerts (Optional)
I also configured Monit to send email alerts through Gmail using App Passwords:
set mailserver smtp.gmail.com port 587
username "ngashauth@gmail.com" password "your-app-password"
using STARTTLS
π‘ Tip: Use Gmailβs “App Password” instead of your real password to avoid authentication issues.
π§ͺ Simulating Failure β Why Testing Matters
I don’t deploy monitoring and pray. I simulate real failures:
sudo systemctl stop wazuh-manager
Then watch Monit take action:
sudo tail -f /var/log/monit.log
Expected log:
[UTC] error : 'wazuh-manager' process is not running
[UTC] info : 'wazuh-manager' trying to restart
After 3 failures, youβll see:
[UTC] alert : 'wazuh-manager' failed 3 times in 5 cycles β unmonitored
Boom β it’s working.
π΅ Issues I Faced (And Fixed)
Here are a few challenges I ran into:
π Wazuh Restart Problem
Monit wasnβt restarting wazuh-manager because it was looking for the wrong process name.
β Fixed by updating config:
check process wazuh-manager matching "wazuh-analysisd"
π§ SSL Issues with Gmail
Monit couldnβt send emails via Gmail due to outdated SSL settings.
β Fixed by switching to:
using STARTTLS
β Also enabled App Passwords for Gmail login.
π Crash Loop Prevention
Sometimes a broken service causes infinite restarts. I prevent this with:
if 3 restarts within 5 cycles then unmonitor
β
Keeps the server sane
β
Prevents resource exhaustion
π Recommendations
Hereβs what I recommend to anyone setting up Monit:
β 1. Use Discord or Telegram Webhooks
Theyβre easier to test, faster to receive, and donβt rely on SMTP servers.
β 2. Test Your Configs
Use:
monit -t
Before restarting:
sudo systemctl restart monit
β 3. Rate-Limit Restarts
Prevent infinite loops:
if 3 restarts within 5 cycles then unmonitor
β 4. Donβt Just Monitor β Simulate Failures
Testing is part of setup. Simulate and verify that Monit responds as expected.
β 5. Monitor the Monitor
Enable Monitβs web dashboard:
set httpd port 2812 and
allow admin:monit
Access it via: http://localhost:2812
π― Final Thoughts
Monit is simple yet powerful. It’s a great watchdog for anyone running services β whether on a Raspberry Pi or in production.
Add some scripting, test your setup, and sleep better at night. ππ€
Would you like me to convert this into a Markdown file or publish-ready HTML version?