7.4 Using Sysmon

The following sections discuss the details of running Sysmon.

Starting the Sysmon Daemon

While Sysmon does not strictly have to be run from a root account, any account that does not have root privileges will be unable to run ping tests. So practically speaking, you will probably want to run the daemon as root. If you are concerned about security and do not need to use ping tests, you may run Sysmon from a user -level account.

Before starting the Sysmon daemon, you will need to create a configuration file. A short sample config will be sufficient for now. Place the following in /usr/local/etc/sysmon.conf , which is the default location for the configuration file:

 
 root="server";   config showupalso;   config statusfile text "/var/tmp/status.txt";   object server {      ip "server.example.com";      type ping;      contact "admin@example.com";   }; 

Replace "server" and "server.example.com" with the name of the machine you are running Sysmon on and replace "admin@example.com" with your email address. Now you can start the daemon with:

 
 Solaris# /usr/local/bin/sysmond   sysmond: 15:25:36 Starting System Monitor version v0.91.17   System Monitor version v0.91.17   /usr/local/bin/sysmond started on server.example.com   forked process as pid 7467 

If you are running Sysmon from a user-level account and do not have access to write the configuration file to /usr/local/etc , you may place it in another file and start sysmond with the -f option:

 
 Solaris% /usr/local/bin/sysmond -f /var/tmp/sysmon.conf 

If the configuration has an error, it will be reported at startup time. Some errors are considered only warnings, and sysmond will start with the new config regardless. For example, if no description had been set for the "server" object:

 
 Solaris# /usr/local/bin/sysmond   sysmond: 15:30:57 WARNING: object has no descripton near line 10   sysmond: 15:30:57 Starting System Monitor version v0.91.17   System Monitor version v0.91.17   /usr/local/bin/sysmond started on server.example.com   forked process as pid 7476 

If Sysmon detects an error in an object definition, it may choose to exclude that object from the configuration and start without it.

Once Sysmon is up and running, you can check the status of monitored devices by looking at /var/tmp/status.txt , whose path was specified in the configuration file:

 
 Solaris# cat /var/tmp/status.txt   Network Summary     System Monitor version v0.91.14   Hostname     Type  Port DownN UpN   NotifiedStat     Time Failed   server       ping  0    0     220 No     up       Never 

This file is periodically written by Sysmon, and it will contain the latest status information as long as the Sysmon daemon is running.

Stopping the Sysmon Daemon

Though you can kill Sysmon by sending it a signal, it is more convenient to use the sysmond program instead:

 
 Solaris# /usr/local/bin/sysmond stop   sysmond: 15:35:33 sending signal 15 to sysmond process 7467   sysmond: 15:35:33 Please remain seated as your ride comes to a... 

As the output indicates, this is equivalent to sending a TERM signal to the sysmond process.

Pausing Sysmon

You can also instruct Sysmon to temporarily stop functioning and then resume later with the pause and resume commands:

 
 Solaris# /usr/local/bin/sysmond pause   sysmond: 15:37:15 sending signal 17 to sysmond process 7486   Solaris# /usr/local/bin/sysmond resume   sysmond: 15:37:19 sending signal 17 to sysmond process 7486 

Both commands send a USR2 signal to the sysmond process, which toggles between the paused and running states.

Reloading the Configuration

After changes are made to the configuration file, Sysmon has to either be restarted or be instructed to reload the configuration. Otherwise, the changes will not take effect. The reload command is executed as:

 
 Solaris# /usr/local/bin/sysmond reload   sysmond: 19:07:23 sending signal 1 to sysmond process 7486   sysmond: 19:07:23 Done reloading new config file 

The reload command sends a HUP signal to sysmond . If the configuration is not valid, the process will continue to run with the old configuration. Otherwise, the new configuration will take effect.

Connecting with a Remote Client

Sysmon runs a TCP service on port 1345 where it provides data about monitored services. You can connect to it using the curses client that was built and installed as /usr/local/bin/sysmon :

 
 Solaris% /usr/local/bin/sysmon server.example.com 

The screen will clear and a display like the following will come up:

 
 Server: server               Current Time:  Apr  7 18:22:57 2003   Hostname         Type Port Count Notif Stat       Time Failed   ------------------------------------------------------------------   www.example.com  www  80   66    Yes   Conn Ref   Never   ------------------------------------------------------------------    q = quit  space = refresh  h = help 

Only services that are down or have failed tests will be present. You can exit this application by pressing press the "q" key.

Other Runtime Options

Running the sysmond program with the -help argument will produce a listing of all the options that can be used on the command line:

 
 Solaris# /usr/local/bin/sysmond -help   Usage: /usr/local/bin/sysmond [ -f config-file ] [ -n ] [ -d ]      [ -v ] [ -t ] [ -p port ] [ reload ]     -b             : IP Address to listen on     -f config-file : Alternate config file location             DEFAULT: /usr/local/etc/sysmon.conf     -n             : Don't do notifies     -d             : Don't fork     -i             : Disable ICMP     -v             : Print version then exit     -w             : Toggle warning messages     -D             : Toggle debug messages     -M             : Toggle memory debugging     -t             : Test/check config file then exit     -p #           : Change port number listening on (0 to disable)     -q             : Quiet     -l             : do not syslog     reload         : Test/check config file, and if it passes ...     pause          : Suspend/resume monitoring (SIGUSR2)     resume         : Suspend/resume monitoring (SIGUSR2)     stop           : End monitoring and quit (SIGTERM) 


Open Source Network Administration
Linux Kernel in a Nutshell (In a Nutshell (OReilly))
ISBN: 130462101
EAN: 2147483647
Year: 2002
Pages: 85

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net