Getting what looks like a stackdump in -vv output
Issue #108
invalid
Running monit to watch for ssh logins and when a match is found an email is sent to me via gmail smtp. What looks like a stackdump shows up in when running monit -vv. Everything runs fine, and an alert email gets sent. Not sure where this is coming from.
-------------------------------------------------------------------------------
0 monit 0x00000001076519bb log_backtrace + 75
1 monit 0x00000001076514a9 LogError + 169
2 monit 0x000000010764cf43 Event_post + 1107
3 monit 0x0000000107661243 check_file + 2195
4 monit 0x000000010765ef29 validate + 921
5 monit 0x0000000107649ba1 main + 2033
6 libdyld.dylib 0x00007fff8dec35fd start + 1
7 ??? 0x0000000000000005 0x0 + 5
-------------------------------------------------------------------------------
Here is the relevant info from my setup.
[foo@bar monit-5.10]$ ./monit -c monitrc -I -vv
Adding host allow 'localhost'
Skipping redundant host 'localhost'
Adding credentials for user 'admin'
Adding PAM group 'monit'
Adding PAM group 'users'
Runtime constants:
Control file = /Users/foo/Downloads/monit-5.10/monitrc
Log file = (not defined)
Pid file = /Users/foo/.monit.pid
Id file = /Users/foo/.monit.id
State file = /Users/foo/.monit.state
Debug = True
Log = False
Use syslog = False
Is Daemon = True
Use process engine = True
Poll time = 60 seconds with start delay 0 seconds
Expect buffer = 256 bytes
Mail server(s) = smtp.gmail.com:587(ssl) with timeout 30 seconds
Mail from = monit@bar.local
Mail subject = $SERVICE $EVENT at $DATE
Mail message = Monit $ACTION $SERVI..(truncated)
Start monit httpd = True
httpd bind address = localhost
httpd portnumber = 2812
httpd signature = True
Use ssl encryption = False
httpd auth. style = Basic Authentication and Host/Net allow list
Alert mail to = foo@gmail.com
Alert on = Checksum Connection Content Data Exec Fsflags Gid Icmp Invalid Permission Resource Size Status Timeout Timestamp Uid Uptime
The service list contains the following entries:
File Name = ssh_logins
Path = /var/log/system.log
Monitoring mode = active
Existence = if does not exist then restart
Pattern = if match "Accepted publickey" then alert
System Name = bar.local
Monitoring mode = active
-------------------------------------------------------------------------------
pidfile '/Users/foo/.monit.pid' does not exist
Starting Monit 5.10 daemon with http interface at [localhost:2812]
Starting Monit HTTP server at [localhost:2812]
Monit HTTP server started
'bar.local' Monit started
'ssh_logins' file exists
'ssh_logins' is a regular file or socket
'ssh_logins' Pattern 'Accepted publickey' doesn't match on content line [Nov 6 13:37:15 bar.local natd[1460]: failed to write packet back (Permission denied)]
'ssh_logins' content doesn't match
'ssh_logins' file exists
'ssh_logins' is a regular file or socket
'ssh_logins' Pattern 'Accepted publickey' doesn't match on content line [Nov 6 13:37:26 bar com.apple.launchd.peruser.501[156] (com.apple.FileStatsAgent): Throttling respawn: Will start in 9 seconds]
'ssh_logins' Pattern 'Accepted publickey' doesn't match on content line [Nov 6 13:37:28 bar.local login[74444]: USER_PROCESS: 74444 ttys007]
'ssh_logins' Pattern 'Accepted publickey' match on content line [Nov 6 13:37:30 bar.local foo[74459]: Accepted publickey]
'ssh_logins' content match:
Nov 6 13:37:30 bar.local foo[74459]: Accepted publickey
-------------------------------------------------------------------------------
0 monit 0x00000001076519bb log_backtrace + 75
1 monit 0x00000001076514a9 LogError + 169
2 monit 0x000000010764cf43 Event_post + 1107
3 monit 0x0000000107661243 check_file + 2195
4 monit 0x000000010765ef29 validate + 921
5 monit 0x0000000107649ba1 main + 2033
6 libdyld.dylib 0x00007fff8dec35fd start + 1
7 ??? 0x0000000000000005 0x0 + 5
-------------------------------------------------------------------------------
Content match notification is sent to foo@gmail.com
[foo@bar monit-5.10]$ grep -v ^# monitrc
set daemon 60 # check services at 1-minute intervals
set httpd port 2812 and
use address localhost # only accept connection from localhost
allow localhost # allow localhost to connect to the server and
allow admin:monit # require user 'admin' with password 'monit'
allow @monit # allow users of group 'monit' to connect (rw)
allow @users readonly # allow users of group 'users' to connect readonly
include /Users/foo/Downloads/monit-5.10/foo/*
set mailserver smtp.gmail.com port 587
username "foo@gmail.com" password "password"
using tlsv1
with timeout 30 seconds
SET mail-format {
from: monit@bar.local
subject: $SERVICE $EVENT at $DATE
message: Monit $ACTION $SERVICE at $DATE on $HOST: $DESCRIPTION.
Yours sincerely,
monit
}
set alert foo@gmail.com NOT ON { action, instance, pid, ppid, nonexist }
[foo@bar monit-5.10]$ cat foo/monit_ssh_logins.conf
check file ssh_logins with path /var/log/system.log
if match "Accepted publickey" then alert
Comments (2)
-
repo owner -
repo owner - changed status to invalid
- Log in to comment
Stacktrace on error is intentional and it's the only effect of -vv option, see "monit -h":
If you don't want to see stacktrace on error, use simple -v option.