Monitor # of established sockets with Monit?

Question

I cannot figure out how to get Monit to monitor the number of open/established TCP/IP connections on a server so an alert can be sent when "too many" are open. Do you know how this can be setup?

Answer 1

here is another Solution

define following configuration monit :

check program OpenSocket with path "/bin/checkn_socket.sh"
    if status > 0 then alert
                group admin

Script : checkn_socket.sh

#!/bin/bash

Threshold=4 # Set Threshold

TotalEstSocket=$(netstat -t | awk '{/ESTABLISHED/ && n++} END{ print n }')

if (( TotalEstSocket >= Threshold ))
then
        echo >&2 "Too Many OpenSocket"
        exit $TotalEstSocket
else
        exit 0
fi

Monit Logs

[IST Sep 12 22:32:14] error    : 'OpenSocket' status failed (4) for /bin/checkn_socket.sh. Error: Too Many OpenSocket
..
[IST Sep 12 22:32:17] info     : 'OpenSocket' status succeeded
[IST Sep 12 22:32:26] error    : 'OpenSocket' status failed (4) for /bin/checkn_socket.sh. Error: Too Many OpenSocket
..
[IST Sep 12 22:32:29] error    : 'OpenSocket' status failed (4) for /bin/checkn_socket.sh. Error: Too Many OpenSocket
..
[IST Sep 12 22:32:32] error    : 'OpenSocket' status failed (4) for /bin/checkn_socket.sh. Error: Too Many OpenSocket
..
[IST Sep 12 22:32:35] info     : 'OpenSocket' status succeeded

Answer 2

It doesn't seem to be supported directly but I came up with a hack.

Determine the number of ESTABLISHED connections every minute and write a file with an equal number of zero bytes.

Then, setup Monit to check on file size of this zeros file. If it gets "too big" alert.

In crontab for some user:

* * * * * /bin/sh -c '/bin/dd if=/dev/zero of=/tmp/tcp_connections.monit count=$(/bin/netstat -t | /bin/grep ESTABLISHED | /usr/bin/wc -l) bs=1 >/dev/null 2>&1'

In Monit config:

check file tcp_connections with path /tmp/tcp_connections.monit
    if size > 16KB then alert