Monit is a tiny watchdog daemon that monitors processes, filesystems, and system health on a single host. It’s not a replacement for Prometheus or Nagios — it doesn’t talk to any external server — but for a box that needs “restart this daemon if it dies, page me if disk fills up, email me if load spikes”, Monit does exactly that in a single 1 MB binary with a config file that reads like plain English.
This guide installs Monit on Ubuntu 24.04 LTS and Debian 13, configures a few useful system checks, enables the built-in HTTP status page, and queries it to verify the daemon is watching what you told it to watch.
Tested April 2026 on Ubuntu 24.04.4 LTS with Monit 5.33.0 built with SSL, IPv6, and PAM support
Step 1: Install Monit
Monit is in the Debian and Ubuntu default repositories as a first-class citizen, so a single apt call is all you need:
sudo apt update
sudo apt install -y monitThe package includes a systemd unit that starts Monit at boot and restarts it if it crashes. Confirm the install and note the feature flags the build was compiled with:
monit --versionThe output reports the version and the feature flags the build was compiled with:
This is Monit version 5.33.0
Built with ssl, with ipv6, with compression, with pam and with large files
Copyright (C) 2001-2022 Tildeslash Ltd. All Rights Reserved.5.33 is the upstream stable released in late 2022. It’s the version shipping in both Debian 13 and Ubuntu 24.04 LTS.
Step 2: Understand the config layout
Monit reads its main config from /etc/monit/monitrc. It also scans /etc/monit/conf.d/ and /etc/monit/conf-enabled/ for additional .cfg files. The Debian packaging convention is to put new checks under /etc/monit/conf.d/ so package upgrades don’t touch your customizations.
ls /etc/monit/conf.d/ /etc/monit/conf-enabled/
head -20 /etc/monit/monitrcThe main file contains daemon-level settings (check interval, mail configuration, HTTP server). Keep your hands off it and drop individual checks into conf.d/.
Step 3: Add a system-level check
Create a config file that watches CPU, memory, load average, and root filesystem usage. Every line reads close to English so you can tweak thresholds without looking up syntax:
sudo vi /etc/monit/conf.d/system.cfgPaste in the following:
check system $HOST
if loadavg (1min) > 4 then alert
if loadavg (5min) > 2 then alert
if memory usage > 75% for 4 cycles then alert
if cpu usage (user) > 90% for 4 cycles then alert
if cpu usage (system) > 30% then alert
if cpu usage (wait) > 20% then alert
check filesystem rootfs with path /
if space usage > 80% then alert
if inode usage > 80% then alertMonit interprets “for 4 cycles” as “for four consecutive check intervals”, where the check interval is set in monitrc (default: 120 seconds). So “memory usage greater than 75% for 4 cycles” means the system has to be over 75% for 8 minutes continuously before the alert fires. This kind of hysteresis stops transient spikes from paging you at 3am.
Step 4: Validate and reload
Always run monit -t after editing a config. It parses every file under /etc/monit/conf.d/ and reports the first syntax error it finds:
sudo monit -tA clean config validates with a single line:
Control file syntax OKRestart Monit to pick up the new config. A plain reload also works but restarting is cleaner for a brand new install:
sudo systemctl restart monitStep 5: Enable the HTTP status interface
Monit ships with a tiny built-in HTTP server that exposes the current state of every check in HTML and in a plain-text API. It’s off by default. Turn it on by adding another config file. Keep the listener on localhost unless you have a reverse proxy with authentication:
sudo vi /etc/monit/conf.d/httpd.cfgPaste in the following block:
set httpd port 2812
use address localhost
allow localhost
allow admin:monitpassThe allow admin:monitpass line creates a user named admin with password monitpass that can view and control the HTTP interface. For production, generate a stronger password and put the whole endpoint behind an Nginx reverse proxy with a real Let’s Encrypt certificate.
Validate and restart:
sudo monit -t
sudo systemctl restart monitStep 6: Query the Monit status
With the HTTP interface up, you can fetch the full status via the command line. The monit status subcommand talks to the local daemon and prints everything it’s watching:
sudo monit statusA healthy system reports both the system-level check and the filesystem check as OK, with current values filled in:
System 'cfg-ubuntu24-b3'
status OK
monitoring status Monitored
monitoring mode active
load average [0.44] [0.25] [0.12]
cpu 0.0%usr 0.0%sys 0.0%nice 0.0%iowait
memory usage 306.4 MB [15.6%]
swap usage 0 B [0.0%]
uptime 6m
filedescriptors 1056 [0.0% of ... limit]
Filesystem 'rootfs'
status OK
monitoring status Monitored
filesystem type ext4
filesystem flags ro,nosuid,relatime,discard,errors=remount-roOr fetch the same data over the HTTP interface with curl:
curl -u admin:monitpass http://localhost:2812/_status?format=textStep 7: Watch a specific service
Add another file to watch, for example, your Nginx process. Monit reads the PID from a pidfile and sends SIGKILL if the process disappears, then runs a start script to bring it back:
sudo vi /etc/monit/conf.d/nginx.cfgAdd the process check below:
check process nginx with pidfile /run/nginx.pid
start program = "/bin/systemctl start nginx"
stop program = "/bin/systemctl stop nginx"
if failed host 127.0.0.1 port 80 protocol http
request "/" with timeout 10 seconds for 3 cycles
then restart
if 5 restarts within 5 cycles then alertWhat this does: every check cycle, Monit fetches http://127.0.0.1/. If Nginx fails to respond three cycles in a row (6 minutes by default), Monit calls the stop program and then the start program to try to recover. If the process has been restarted more than 5 times in 5 cycles, the watchdog gives up and raises an alert instead of bouncing the process forever.
Reload and confirm Nginx shows up in the status:
sudo monit -t
sudo systemctl reload monit
sudo monit statusMail alerts
For alerts to actually land in your inbox, configure the SMTP settings in /etc/monit/monitrc. A typical block for an authenticated SMTP relay (for example Amazon SES or Mailgun):
set mailserver smtp.example.com port 587
username "SMTP_USER" password "SMTP_PASS"
using tlsv1
set alert [email protected] not on { action, instance }The not on { action, instance } clause filters out noise from restart events and daemon lifecycle messages so you only get paged for actual failures. Validate and reload after editing.
Wrap up
Monit is the right tool when you want a single-file watchdog for a single machine. For fleet-wide observability, pair it with Prometheus (see our Prometheus MySQL exporter guide) and stream metrics into a central Grafana. For running services under a proper process manager with restart policies, our Supervisor + Celery guide covers the pattern. For the rest of the server setup, our Ubuntu 22.04 to 24.04 upgrade guide and our systemctl reference are the natural next steps.
