How to install SIM (System Integrity Monitor): Difference between revisions
Docs admin (talk | contribs) test |
Docs admin (talk | contribs) No edit summary |
||
(3 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
In this guide, we will go over how to install the System Integrity Monitor (SIM). | |||
==Installing SIM== | |||
[1] Login to the root shell account of your server. | |||
[2] Run these commands: | |||
<syntaxhighlight lang="bash"> | |||
wget http://www.rfxn.com/downloads/sim-current.tar.gz | |||
tar -xzf sim-current.tar.gz; | |||
rm -f sim-current.tar.gz | |||
cd sim-* | |||
sh ./install.sh -i | |||
</syntaxhighlight> | |||
You will see something like this: | |||
<syntaxhighlight lang="bash"> | |||
SIM 2.5-4 | |||
Press return, to view the GPL lisencing for SIM 2.5-4. | |||
</syntaxhighlight> | |||
[3] Press enter to view the GPL License. Press enter to scroll down, and when you are done looking, press 'Q'. | |||
This will repeat for the README. Press enter to scroll down, and when you are finished, press 'Q'. | |||
[4] You will see a message indicating SIM has been installed: | |||
<syntaxhighlight lang="bash"> | |||
SIM 2.5-4 installation completed, related notes: | |||
Executable: /usr/local/sim/sim | |||
Executable symlink: /usr/local/sbin/sim | |||
Config file: /usr/local/sim/conf.sim | |||
Autoconf script: /usr/local/sim/autoconf | |||
Autoconf symlink: /usr/local/sbin/sim-autoconf | |||
Cronjob setup: /usr/local/sim/sim -j | |||
</syntaxhighlight> | |||
==Configuring SIM== | |||
SIM is actually installed at this point, but we still need to configure it. The install script comes with a nice configuration script too, so we just have to answer some questions. Press return to start the configure script. You will see this: | |||
<syntaxhighlight lang="bash"> | |||
SIM 2.5-4 Auto-Config Script | |||
All questions default to value in brackets if no answer is given. If you make a typo during the autoconf process, hit CTRL C (^C) to abort and | |||
rerun the autoconf script (/usr/local/sim/autoconf). | |||
The below are general configuration options for SIM: | |||
press return to continue... | |||
</syntaxhighlight> | |||
Press return when you are ready. | |||
=== General Configuration === | |||
[1] The first question, "Where is SIM installed ?" can be left as default, because that is where the install script installs SIM. Just press enter a single time. | |||
[2] The next question asks where you would like the log file to be created. You can select wherever you wish, but we recommend leaving it as default, or placing it with the rest of your system logs in a location such as /var/log/sim.log. It is up to you. Press enter when you have chosen a location. | |||
Next it asks how large you would like your log file to get before it gets rotated. | |||
The default size is 128kb. It is safe to leave it at whatever size you would like, but just keep in mind the larger the log is the harder it will be to find something, but the smaller the log file the more log files you will have overall. Press enter when you have chosen a log size. | |||
[3] The next step should be automatic unless you have a custom location for your kernel log. If you see a message like this: | |||
<syntaxhighlight lang="bash"> | |||
What is the location of your kernel log ? | |||
Found kernel log at /var/log/messages | |||
</syntaxhighlight> | |||
Then you are fine, it was able to autodetect your kernel log without error. If you do not see this, then you will have to enter the location of your kernel log manually, and press enter when complete. | |||
[4] Next is the address email alerts should be sent to. You can enter a local username, if you would like, or any email address. Press enter when you have selected your desired address. | |||
[5] Next you will select how many alerts to send before disabling the email alerts to prevent flooding. We recommend setting this as high as you feel comfortable with, as missing alerts can be bad. | |||
=== Service Configuration === | |||
After that, you will see this: | |||
<syntaxhighlight lang="bash"> | |||
The below are configuration options for Service modules: | |||
press return to continue... | |||
</syntaxhighlight> | |||
Press enter when you are ready. We are going to configure what SIM monitors and how. | |||
First, you will select whether or not you want SIM to attempt to auto-restart failed services. If you choose to disable this, you will need to start the services manually. Enter true to enable this, or false to disable. | |||
[1] We can select whether or not to use laxed service checking. It is usually a good idea to leave this at true, otherwise SIM is known to have some false reports of service failure. Press enter when you have made your choice. | |||
[2] Next, we are selecting how many times the auto-restart will try before it gives up. | |||
Leaving this at a number around 8-10 is what we recommend. This gives SIM enough changes while preventing it from going off the deep end restarting services forever. Once you make your choice, press enter. | |||
=== Service Selection === | |||
We'll now choose which services you want to monitor. For each item, you can type true to enable monitoring, or false to disable it. | |||
==== FTP ==== | |||
First up is the FTP daemon. If you choose to monitor FTP, you will see something similar to: | |||
<syntaxhighlight lang="bash">Name of the FTP service as appears in 'ps' ? | |||
Found service name as proftpd | |||
TCP/IP port that FTP operates on ? | |||
</syntaxhighlight> | |||
We now have to enter the port that your FTP server runs on. 9 times out of 10 you can leave the FTP port at 21. The only reason this should change is if you use a custom FTP port. If you do, enter it in. Press enter when you are ready. | |||
You have to input the location of the FTP service init script. If you are using proftpd, pure-ftpd, or other common FTP service daemons, it will be able to locate it automatically. Please make sure that it locates the correct service daemon that you have employed. If it does not, you will need to enter it in yourself. Press enter when done. | |||
==== HTTP ==== | |||
Next is HTTP monitoring. If you choose to monitor this service, enter true and press enter. | |||
Input the location of the HTTP service init script. If you are using Apache or other common HTTP service daemons, it will be able to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done. | |||
==== DNS ==== | |||
Next is DNS monitoring. If you choose to monitor this service, enter true and press enter. | |||
You have to select the port that your DNS service is running on. Unless you have specially configured your DNS server to a custom port, it will automatically detect this. Otherwise, you will need to enter the port and press enter when ready. | |||
Input the location of the DNS service init script. If you are using named or other common DNS service daemons, SIM will be able to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done. | |||
==== SSH ==== | |||
Next is SSH monitoring. If you choose to monitor this service, enter true and press enter. Next you have to select the port that your SSH service is running on. Unless you have specially configured your SSH server to a custom port, it will automatically detect this. Otherwise, you will need to enter the port and press enter when ready. | |||
Input the location of the SSH service init script. It will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done. | |||
==== MySQL ==== | |||
Next is MySQL monitoring. If you choose to monitor this service, enter true and press enter. Next you have to select the port that your mySQL service is running on. Unless you have specially configured your MySQL server to a custom port, it will automatically detect this. Otherwise, you will need to enter the port and press enter when ready. | |||
Input the location of the MySQL service init script. SIM will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done. | |||
==== SMTP ==== | |||
Next is SMTP monitoring. If you choose to monitor this service, enter true and press enter. Select the port that your SMTP service is running on. Unless you have specifally configured SMTP to run on a special port, enter 25 and press enter. | |||
Input the location of the SMTP service init script. SIM will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done. | |||
==== xinetd ==== | |||
Next is xinetd monitoring. If you choose to monitor this service, enter true and press enter. It should automatically detect xinetd as the service name. If it does not, you will need to manually enter the name of the service. Next you have to select the port that your xinetd service is running on. Unless you have specifally configured xinetd to run on a special port, enter 110 and press<br /> enter. | |||
Input the location of the xinetd service init script. SIM will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done. | |||
==== Ensim ==== | |||
Next is ENSIM monitoring. If you choose to monitor this service, enter true and press enter. Select the port that your Ensim service is running on. Unless you have specifally configured ENSIM to run on a special port, enter 19638 and press enter. Next you have to input the location of the ENSIM service init script. It will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done. | |||
==== PostgreSQL ==== | |||
Next is postgreSQL If you choose to monitor this service, enter true and press enter. Next you have to input the location of the PGSQL service init script. It will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done. | |||
After that, you should see something similar to this: | |||
<syntaxhighlight lang="bash"> | |||
The below are configuration options for System modules: | |||
press return to continue... | |||
</syntaxhighlight> | |||
Press enter when you are ready. | |||
=== Network Monitoring === | |||
The SIM setup script will ask you if you want monitor the network. Unless you have two network devices and two network connections to different networks, there is no purpose to enable this. If the network goes down, it will be unable to send you an email alert in the first place. If you need to monitor the network availability of your server, we recommend using a monitor that runs from outside the server's network. | |||
=== Load Monitoring === | |||
Next is the load monitor. If you wish to monitor your system's load, type in true and hit enter. Select the warning threshold. The default is 25, which is actually pretty high. We recommend setting the limit to 10 or 15 instead, but it is up to you. Enter in the load limit, and press enter. Select the load "critical" limit. The default is 45, which is also very high. we recommend 25 or 30. | |||
If you would like a message sent to all current shell users on your server when the load reaches the warning or critical levels, type in true and hit enter. | |||
SIM gives you the option to renice (set different CPU priority) services if the load gets too high. You can disable it (false), have it set to critical (crit), or warning (warn). Enter your choice and press return. | |||
SIM also gives you the option to halt services when the load reaches the warning or critical levels. You can disable it (false), have it set to critical (crit), or warning (warn). Enter your choice and press return. | |||
Lastly is the option to reboot the system when the load reaches the warning or critical levels. We do not recommend this. This can cause the server to reboot at strange and unexpected moments, which can corrupt hard drives and may harm your filesystem. You can disable it (false), have it set to critical (crit), or warning (warn). Enter your choice and press return. | |||
After that, you should see: | |||
<syntaxhighlight lang="bash"> | |||
Configuration completed, saving conf.sim... | |||
Done, conf.sim saved to /usr/local/sim. | |||
</syntaxhighlight> | |||
SIM is now configured to monitor your system. | |||
[[Category:SIM (System Integrity Monitor)]] |
Latest revision as of 10:21, 9 October 2012
In this guide, we will go over how to install the System Integrity Monitor (SIM).
Installing SIM
[1] Login to the root shell account of your server.
[2] Run these commands:
<syntaxhighlight lang="bash"> wget http://www.rfxn.com/downloads/sim-current.tar.gz tar -xzf sim-current.tar.gz; rm -f sim-current.tar.gz cd sim-* sh ./install.sh -i </syntaxhighlight>
You will see something like this:
<syntaxhighlight lang="bash"> SIM 2.5-4 Press return, to view the GPL lisencing for SIM 2.5-4. </syntaxhighlight>
[3] Press enter to view the GPL License. Press enter to scroll down, and when you are done looking, press 'Q'.
This will repeat for the README. Press enter to scroll down, and when you are finished, press 'Q'.
[4] You will see a message indicating SIM has been installed:
<syntaxhighlight lang="bash"> SIM 2.5-4 installation completed, related notes: Executable: /usr/local/sim/sim Executable symlink: /usr/local/sbin/sim Config file: /usr/local/sim/conf.sim Autoconf script: /usr/local/sim/autoconf Autoconf symlink: /usr/local/sbin/sim-autoconf Cronjob setup: /usr/local/sim/sim -j </syntaxhighlight>
Configuring SIM
SIM is actually installed at this point, but we still need to configure it. The install script comes with a nice configuration script too, so we just have to answer some questions. Press return to start the configure script. You will see this:
<syntaxhighlight lang="bash"> SIM 2.5-4 Auto-Config Script All questions default to value in brackets if no answer is given. If you make a typo during the autoconf process, hit CTRL C (^C) to abort and rerun the autoconf script (/usr/local/sim/autoconf).
The below are general configuration options for SIM:
press return to continue... </syntaxhighlight>
Press return when you are ready.
General Configuration
[1] The first question, "Where is SIM installed ?" can be left as default, because that is where the install script installs SIM. Just press enter a single time.
[2] The next question asks where you would like the log file to be created. You can select wherever you wish, but we recommend leaving it as default, or placing it with the rest of your system logs in a location such as /var/log/sim.log. It is up to you. Press enter when you have chosen a location.
Next it asks how large you would like your log file to get before it gets rotated.
The default size is 128kb. It is safe to leave it at whatever size you would like, but just keep in mind the larger the log is the harder it will be to find something, but the smaller the log file the more log files you will have overall. Press enter when you have chosen a log size.
[3] The next step should be automatic unless you have a custom location for your kernel log. If you see a message like this:
<syntaxhighlight lang="bash"> What is the location of your kernel log ? Found kernel log at /var/log/messages </syntaxhighlight>
Then you are fine, it was able to autodetect your kernel log without error. If you do not see this, then you will have to enter the location of your kernel log manually, and press enter when complete.
[4] Next is the address email alerts should be sent to. You can enter a local username, if you would like, or any email address. Press enter when you have selected your desired address.
[5] Next you will select how many alerts to send before disabling the email alerts to prevent flooding. We recommend setting this as high as you feel comfortable with, as missing alerts can be bad.
Service Configuration
After that, you will see this:
<syntaxhighlight lang="bash"> The below are configuration options for Service modules: press return to continue... </syntaxhighlight>
Press enter when you are ready. We are going to configure what SIM monitors and how.
First, you will select whether or not you want SIM to attempt to auto-restart failed services. If you choose to disable this, you will need to start the services manually. Enter true to enable this, or false to disable.
[1] We can select whether or not to use laxed service checking. It is usually a good idea to leave this at true, otherwise SIM is known to have some false reports of service failure. Press enter when you have made your choice.
[2] Next, we are selecting how many times the auto-restart will try before it gives up.
Leaving this at a number around 8-10 is what we recommend. This gives SIM enough changes while preventing it from going off the deep end restarting services forever. Once you make your choice, press enter.
Service Selection
We'll now choose which services you want to monitor. For each item, you can type true to enable monitoring, or false to disable it.
FTP
First up is the FTP daemon. If you choose to monitor FTP, you will see something similar to:
<syntaxhighlight lang="bash">Name of the FTP service as appears in 'ps' ? Found service name as proftpd
TCP/IP port that FTP operates on ? </syntaxhighlight>
We now have to enter the port that your FTP server runs on. 9 times out of 10 you can leave the FTP port at 21. The only reason this should change is if you use a custom FTP port. If you do, enter it in. Press enter when you are ready.
You have to input the location of the FTP service init script. If you are using proftpd, pure-ftpd, or other common FTP service daemons, it will be able to locate it automatically. Please make sure that it locates the correct service daemon that you have employed. If it does not, you will need to enter it in yourself. Press enter when done.
HTTP
Next is HTTP monitoring. If you choose to monitor this service, enter true and press enter.
Input the location of the HTTP service init script. If you are using Apache or other common HTTP service daemons, it will be able to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done.
DNS
Next is DNS monitoring. If you choose to monitor this service, enter true and press enter.
You have to select the port that your DNS service is running on. Unless you have specially configured your DNS server to a custom port, it will automatically detect this. Otherwise, you will need to enter the port and press enter when ready.
Input the location of the DNS service init script. If you are using named or other common DNS service daemons, SIM will be able to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done.
SSH
Next is SSH monitoring. If you choose to monitor this service, enter true and press enter. Next you have to select the port that your SSH service is running on. Unless you have specially configured your SSH server to a custom port, it will automatically detect this. Otherwise, you will need to enter the port and press enter when ready.
Input the location of the SSH service init script. It will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done.
MySQL
Next is MySQL monitoring. If you choose to monitor this service, enter true and press enter. Next you have to select the port that your mySQL service is running on. Unless you have specially configured your MySQL server to a custom port, it will automatically detect this. Otherwise, you will need to enter the port and press enter when ready.
Input the location of the MySQL service init script. SIM will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done.
SMTP
Next is SMTP monitoring. If you choose to monitor this service, enter true and press enter. Select the port that your SMTP service is running on. Unless you have specifally configured SMTP to run on a special port, enter 25 and press enter.
Input the location of the SMTP service init script. SIM will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done.
xinetd
Next is xinetd monitoring. If you choose to monitor this service, enter true and press enter. It should automatically detect xinetd as the service name. If it does not, you will need to manually enter the name of the service. Next you have to select the port that your xinetd service is running on. Unless you have specifally configured xinetd to run on a special port, enter 110 and press
enter.
Input the location of the xinetd service init script. SIM will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done.
Ensim
Next is ENSIM monitoring. If you choose to monitor this service, enter true and press enter. Select the port that your Ensim service is running on. Unless you have specifally configured ENSIM to run on a special port, enter 19638 and press enter. Next you have to input the location of the ENSIM service init script. It will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done.
PostgreSQL
Next is postgreSQL If you choose to monitor this service, enter true and press enter. Next you have to input the location of the PGSQL service init script. It will try to locate it automatically. If it does not, you will need to enter it in yourself. Press enter when done.
After that, you should see something similar to this:
<syntaxhighlight lang="bash"> The below are configuration options for System modules: press return to continue... </syntaxhighlight>
Press enter when you are ready.
Network Monitoring
The SIM setup script will ask you if you want monitor the network. Unless you have two network devices and two network connections to different networks, there is no purpose to enable this. If the network goes down, it will be unable to send you an email alert in the first place. If you need to monitor the network availability of your server, we recommend using a monitor that runs from outside the server's network.
Load Monitoring
Next is the load monitor. If you wish to monitor your system's load, type in true and hit enter. Select the warning threshold. The default is 25, which is actually pretty high. We recommend setting the limit to 10 or 15 instead, but it is up to you. Enter in the load limit, and press enter. Select the load "critical" limit. The default is 45, which is also very high. we recommend 25 or 30.
If you would like a message sent to all current shell users on your server when the load reaches the warning or critical levels, type in true and hit enter.
SIM gives you the option to renice (set different CPU priority) services if the load gets too high. You can disable it (false), have it set to critical (crit), or warning (warn). Enter your choice and press return.
SIM also gives you the option to halt services when the load reaches the warning or critical levels. You can disable it (false), have it set to critical (crit), or warning (warn). Enter your choice and press return.
Lastly is the option to reboot the system when the load reaches the warning or critical levels. We do not recommend this. This can cause the server to reboot at strange and unexpected moments, which can corrupt hard drives and may harm your filesystem. You can disable it (false), have it set to critical (crit), or warning (warn). Enter your choice and press return.
After that, you should see:
<syntaxhighlight lang="bash"> Configuration completed, saving conf.sim... Done, conf.sim saved to /usr/local/sim. </syntaxhighlight>
SIM is now configured to monitor your system.