Name

monitor — report current status of Kernun proxies

Synopsis

monitor [-g [-f]] [-d dir] [-o file] [-w sec] [-r sec] [-c cols] [-t n [-T col]] [-s col] [-R type] [application...]

Description

Utility monitor provides a user interface to the Kernun application runtime monitoring facility. It reads the monitoring communication files created by running applications, processes the data, and generates reports. A report can be generated once or periodically, see option -r. The format of the report is either plain text or an HTML document. The report can be sorted by various criteria and contains information about all active proxy sessions or other entities, or only about a subset of them. It is possible to select applications by name (argument proxy) or location of communication files (-d). Another alternative is to show only top values, for example, only the 10 sessions with the largest amount of data downloaded from a server.

HTML output is intended for remote access to data monitoring. Remote access requires an HTTP server (secure and properly configured) on the firewall. If the server does not support CGI scripts or the security policy forbids them, monitor may be started as a daemon with -h, -r and other arguments that choose a fixed format of displayed information. The monitor then periodically generates a report as a static HTML page. If the monitor is used as a CGI script, it is possible to augment the report (-f) with a form that allows setting some report parameters. Option -r in both versions of HTML output instructs the user's browser to periodically refresh the page.

Arguments

-c cols

Selects the displayed colums, cols is a comma-separated list of column types (see below).

-d dir

Specifies a directory containing monitoring communication files. If not set, the current working directory is used by default.

-f

Adds a form for selecting some parameters to HTML output, processes input from the form.

Textual output is generated if neither -g nor -f is used.

-g

Generates HTML output.

-o file

Stores the output to a file instead of sending it to the standard output.

-r sec

Refreshes the report with given period (in seconds). HTML output will contain a Refresh header in order to automatically reload the page in a browser. If started as a CGI script, monitor always exits after the first report is generated, regardless of -r.

-R type

Print data from records of given type (see below).

-s col

The column type used for sorting the output. If not set, sin is used.

-t n

Shows only top n entries with the highest values (or the oldest time).

-T col

The column type used for -t. If not set, sin is used. Only times, byte counts, and speeds may be used here.

-w sec

Sets timeout (in seconds) for waiting for monitor-dump. When reading a communication file, monitor-dump must sometimes wait until the proxy finishes modification of the file. This options prevents indefinitely long waiting in the case of a synchronization error.

application...

Reports active data of these applications only. If no application is specified, all applications are reported.

Record Types and Column Names

The column set depends on particular record type.

SESSION record type

This type is a default type and is used by proxies and the atrmon application.

name

Proxy name, the name of section *-proxy in the configuration

prog

Proxy type, the name of the proxy executable

pid

PID of the process handling the session

start

Session start time (hour:min:sec), prefixed with date if not today

time

Current session duration time (hour:min:sec)

cip

Client numeric IP address and port

cname

Client name and port; IP to name resolution is done by proxy

sip

Server numeric IP address and port

sname

Server name and port; IP to name resolution is done by proxy

cout

Bytes received from the client

sout

Bytes sent to the server

sin

Bytes received from the server

cin

Bytes sent to the client

int

Measurement interval (in seconds) for communication speed evaluation

cos

Current speed of data receiving from the client (bytes per second)

sos

Current speed of data sending to the server (bytes per second)

sis

Current speed of data receiving from the server (bytes per second)

cis

Current speed of data sending to the client (bytes per second)

trunc

Flags indicating truncation of additional variable-length data (user, auser and file)

user

User name as authenticated by the proxy (not the user on the final server)

auser

AProxy user name authenticated by http-proxy(8)

file

Name of the file that is being currently downloaded/uploaded by ftp-proxy(8) or the current request URI in http-proxy(8)

all

All columns

def

A default set of columns: name,time,cname,sname,sout,sin,sos,sis

HOSTMON record type

This type is used by host monitoring applications like atrmon and pikemon.

name

Application name

entity

Entity for which the monitoring is relevant, i.e. a VIRTUAL-CLUSTER name for pikemon and a REQUEST-ACL.ADDRESS for atrmon

group

The name of a group with ping target hosts

target_ip

Particular target host to ping

err_tot

Total number of unsuccessful ping attempts

sent_tot

Total number of ping sent

rtt_tot

An average RTT of total responses received

age1

Age of the last ping response

rtt1

Round trip time of the last ping

period

Length of the last monitored period

errp

Number of unsuccessful ping attempts during the last period

sentp

Number of ping sent during the last period

rttp

An average RTT of responses received during the last period

PIKEMON record type

This type is used by cluster monitoring application pikemon.

name

Application name

vcname

The VIRTUAL-CLUSTER name

host_prio

This host priority (Primary vs. Secondary)

host_state

This host state (Master vs. Backup)

host_ready

This host health status (Up vs. Down)

sensors

Number of live sensors (ping groups and/or watched interfaces) and number of all sensors

peer_prio

Peer host priority (Primary vs. Secondary)

peer_state

Peer host state (Master vs. Backup)

peer_ready

Peer host health status (Up vs. Down)

last_hello

An age of the last HELO packet received from the peer

Configuration

It is possible to configure colors used by the monitor in HTML output and the description of the abbreviated column names. See instructions at the beginning of the monitor script.

See Also

monitoring(7), ftp-proxy(8), http-proxy(8)

Authors

This man page is a part of Kernun Firewall.
Copyright © 2000–2021 Trusted Network Solutions, a. s.
All rights reserved.