After reviewing some thread about server monitoring software I end up with a simple question:

Which of the server monitoring tools should I use for automatic detection of "abnormal" situations with recommendations on how to fix them?

I look for software that checks the system performance after installation and calculate some average load values (memory, CPU, etc). And when something happens (CPU load is increased to 20%) then it tries to detect a reason for this. If it is apache, it should check for access logs. If mysql, it should check mysql logs and tell me what happens. It this is because some user decodes a lot of images, I'd like to know which command is executed, when and user name. The same for disk usage, memory, number of processes, threads and so on.

Ideally, this software should periodically checks the system and report problems: errors in PHP error log, outdated packages, security vulnerabilities.

In other words, I'm looking for software that will keep my simple Debian/Apache/PHP/MySQL server without forcing me to monitor the charts every day.

  • 11,887
  • 8
  • 41
  • 68

6 Answers6


In contrast to Zabbix - mentioned by Maxwell - is the venerable nagios (and it's relatively recent fork, icinga). This framework has been around for over ten years, and is incredibly stable - the only downside is the installation and configuration, which is much more time-consuming (especially the first time) than a commercial-company-backed system like Zabbix.

Both have their place in the ecosystem, of course - so I'd suggest you try both out. As mentioned in my comment, though: the more in-depth type of monitoring you intend doing, the more you should expect to expend effort, whether it be actually writing your own plugins/scripts, or searching/downloading/modifying the work of others.

Good luck!

Zayne S Halsall
  • 1,902
  • 15
  • 19

There are plenty of softwares like that, a thing to note is that you should run it on a different host or you have a high risk of not being notified if something goes wrong.

As an example, we use a combination of nagios (handles all the monitoring and alerting, in other words it's in charge of waking up someone when there is any need of an operator looking at something) and cacti (could also do alerting but we just use it to collect and aggregate various metrics, ranging from network traffic to system load to email spam statistics).

When the time comes that you get an alert (from nagios cacti zabbix whatever) having some performance data to look at (cacti, zabbix, others will do that) will usually help you in diagnosing where the problem is.

On the usual LAMP stack that you describe the two most common problem situations (in my experience, at least) is the HTTP or SQL server not responding at all or in a reasonable time (a nagios probe will check that) or load average on the system going awfully high.

These two checks will probably catch 95% of your problems, but there are many other things you should look for - examples:

  1. apache constantly working with the maximum number of processes/threads you configured means your server is not keeping up with the load
  2. system working "ok" but with a failed drive in the RAID (you don't know how often this kind of things goes unnoticed for months - or up to the next disk failure at least ;)

Nearly all of the products you'll find around will be able to monitor / graph everything you can throw at them, you can usually extend them via simple shell scripts, short programs, and whatnot, in addition to their included instruments and the ubiquitous SNMP.

  • 5,708
  • 3
  • 44
  • 58

Zabbix monitoring solution can monitor whatever you want and trigger actions accordinately, actions may be for exemple executing a script that process logs and sends back the result if needed. Also you may trigger an action when one or more conditions are met (such has output of log parsing script showing an error and cpu load at more than 40% for example).

  • 5,026
  • 1
  • 25
  • 31
  • Thank you for recommendation. Does Zabbix search for suspicious requests (by scanning logs, for example) when it detects peak in Apache CPU consumption? –  Jun 16 '10 at 10:48
  • 1
    Most of the open source monitoring systems available, from 'mon' to 'nagios' and all the variations in-between, are frameworks off of which other functionality (usually scripts and/or plugins) can be hung. So scanning logs is almost always available, sometimes with more and sometimes with less actual configuration effort required on the installer's part. – Zayne S Halsall Jun 16 '10 at 11:33

Opsview is a fully integrated monitoring tool that incorporates the popular Open Source software including Nagios Core, Nagvis, Net-SNMP and RRDtool.

The Catalyst web framework provides an extensible monitoring and configuration user interface. Opsview server software runs on Linux and Solaris 10. It will monitor all common operating systems including Linux, AIX, Solaris and Windows.

Using the thousands of Nagios plugins available Opsview can monitor virtually any device, system or software component.

Opview sees into all aspects of your IT environment including the way they work with your business processes.

  • 3,329
  • 21
  • 29

Nagios Installation

Nagios is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do. It has been designed to run under the Linux operating system, but works fine under most variants as well. The monitoring daemon runs intermittent checks on hosts and services you specify using external plugins which return status information to Nagios. When problems are encountered, the daemon can send notifications out to administrative contacts in a variety of different ways (email, instant message, SMS, etc.) Having a Nagios installation on your server will help improve your server reliability.

Nagios has a lot of features, making it a very powerful monitoring tool. Some of the major features are listed below: Monitoring of network services (SMTP, POP3, HTTP, NNTP, PING, etc.) Monitoring of host resources (processor load, disk and memory usage, running processes, log files, etc.) Monitoring of environmental factors such as temperature Scheduled downtime for suppressing host and service notifications during periods of planned outages Simple plugin design that allows users to easily develop their own host and service checks Ability to define network host hierarchy, allowing detection of and distinction between hosts that are down and those that are unreachable Support for implementing redundant and distributed monitoring servers Ability to acknowledge problems via the web interface Contact notifications when service or host problems occur and get resolved (via email, pager, or other user-defined method) Optional escalation of host and service notifications to different contact groups Ability to define event handlers to be run during service or host events for proactive problem resolution External command interface that allows on-the-fly modifications to be made to the monitoring and notification behavior through the use of event handlers, the web interface, and third-party applications Retention of host and service status across program restarts


Have a look at Zenoss Core, a free and very versatile monitoring software, that many companies use to monitor their networks. It's easy to setup and get started with.

Many types of monitoring and alerting are built in, including history graphs. So called ZenPacks can be installed to extend it. Also, Nagios plugins can be added.

This could be just what you need.

Martijn Heemels
  • 7,438
  • 6
  • 39
  • 62