Server Port Status Check Monit Configuration


I have two servers with several services running on them, and I want monit to check whether some ports (related to those services) are listening or not. The configuration is relatively simple: monit checks the port status, and when the check fails monit starts an Nmap bash script and sends the status to a file. Plus, in the same function, monit will send an alert after 5 cycles.

The problem is that after monit sends a connection failed alert, in the next 5 minutes monit sends a connection succeeded alert. When I checked the Nmap script log, there is no failed port (filtered or closed); the port status is always open. I've also checked manually with Nmap (without the script) when monit sends the failed alert, but the result is always the same: port status is open:

Why does monit always send a failure alert when the port is open, and why do I see connection succeeded in the next 5-minute interval? I changed set daemon to 30, and then the alert interval became 1.5 minutes; lastly I reverted daemon to 300, but now the alert interval is always 1.5 minutes.

This is my /etc/monitrc configuration for the first server (the other server's configuration is exactly the same):

set daemon  300              # check services at 300 seconds (5 minutes) intervals

check host somehost with address somehost.com
        start program = "/opt/monit/scripts/checkport.sh start"
        stop program = "/opt/monit/scripts/checkport.sh stop"
        if failed port 80 then restart
        if failed port 843 then restart
        if failed port 2121 then restart
        if failed port 8080 then restart
        if failed port 80 for 5 cycles then alert
        if failed port 843 for 5 cycles then alert
        if failed port 2121 for 5 cycles then alert
        if failed port 8080 for 5 cycles then alert
        alert [email protected] with reminder on 5 cycles 

and this is my /opt/monit/checkport.sh script, a slightly modified version of this example:

#!/bin/bash

case $1 in
    start)
        nmap -p 80,843,2121,8080 -P0 somehost.com -oG-| awk 'NR>=6 && NR<=9 {print $1 "\t" $2}' | cat >> /opt/monit/log/checkedport | date >> /opt/monit/log/checkedport & echo $! > /var/run/checkport.pid ;
        ;;
    stop)
        pkill -F /var/run/checkport.pid ;;
    *)
        echo "usage: checkport {start|stop}" ;;
esac
exit 0
2
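The logging step in the question's script picks port lines by line number (NR>=6 && NR<=9), which silently logs nothing if nmap's header changes length. The following is an added example, not part of the original post: it matches port lines by pattern and writes one timestamped record per port, so each Monit alert can be compared against what nmap saw at that moment. The function names and the sample scan output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the asker's code): parse nmap's normal output by
# matching "<port>/<proto>" lines instead of relying on fixed line numbers.

# Constructed sample of nmap normal output; address and states are made up.
sample_nmap_output() {
cat <<'EOF'
Starting Nmap ( https://nmap.org )
Nmap scan report for somehost.com (192.0.2.10)
Host is up (0.012s latency).

PORT     STATE    SERVICE
80/tcp   open     http
843/tcp  open     unknown
2121/tcp filtered ccproxy-ftp
8080/tcp closed   http-proxy

Nmap done: 1 IP address (1 host up) scanned in 1.32 seconds
EOF
}

# port_states: read nmap normal output on stdin, print "port<TAB>state".
port_states() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ { split($1, p, "/"); print p[1] "\t" $2 }'
}

# not_open: comma-separated list of ports whose state is not "open".
not_open() {
    port_states | awk -F '\t' '$2 != "open" { print $1 }' | paste -sd, -
}

# log_scan: append "timestamp<TAB>port<TAB>state" lines to the file in $1.
log_scan() {
    ts=$(date '+%Y-%m-%dT%H:%M:%S%z')
    port_states | while IFS="$(printf '\t')" read -r port state; do
        printf '%s\t%s\t%s\n' "$ts" "$port" "$state"
    done >> "$1"
}

# Live use (assumed paths, taken from the question):
#   nmap -p 80,843,2121,8080 -Pn somehost.com | log_scan /opt/monit/log/checkedport
```

Because every record carries its own timestamp, the log can be lined up against the times in Monit's failed and succeeded alerts.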

There are 2 best solutions below

0
On

I think there is no need for an nmap port-checking script.

check host myhost with address 0.0.0.0
if failed port 80 then alert
if failed port 843 then alert
alert [email protected] with reminder on 5 cycles

Add your monit ports like this. It's enough for monit. When your port is down, an alert will come.

0
On

The below worked for me (port monitoring with service restart in Monit):

check host {any name to identify} with address 127.0.0.1
start program = "/bin/systemctl start {service name}"
stop program = "/bin/systemctl stop {service name}"
if failed port {port number} then restart
if 5 restarts within 5 cycles then timeout