[BlueOnyx:25677] Re: Monitor timeout setting
Michael Stauber
mstauber at blueonyx.it
Tue Nov 8 13:36:54 -05 2022
Hi Bob,
> In the past few days we are starting to see a ton of monitor emails re:
>
> smtp server down / smtp server up
> AV-SPAM service down / AV-SPAM service up
> Milter-GeoIP not running / Miter-GeoIP up and running
>
> I'm guessing it's due to increased spam traffic?
Yeah, a common cause for this is that your SMTP is getting hammered by
brute force login attempts.
> The services seems to
> be still working for the users; meaning we're not getting any
> complaints. So I was thinking about increasing the duration that the
> monitor triggers on but I cannot find such in the UI. Is there a way to
> modify this? Or any insights on the increased monitor activity?
You're looking for this cronjob: /etc/cron.d/swatch.cron
*/15 * * * * root /usr/sausalito/sbin/swatch.sh >/dev/null 2>&1
Every 15 minutes it runs /usr/sausalito/sbin/swatch.sh, which checks the
state of enabled services and restarts them if need be.
If you want to run it every 5 minutes instead of every 15, just edit
/etc/cron.d/swatch.cron and change the leading */15 to */5 and save the
changes.
For good measure restart crond:
systemctl restart crond
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list