Forum OpenACS Q&A: /monitor.tcl

Collapse
Posted by David Walker on
It seems to me that monitor.tcl shouldn't be in the root. I may have scripts that I have written where I wish their existence to be a secret as the general public has no need to know of their existence.

/access_restricted_directory/plain_text_credit_card_number_sales_report.tcl for example.

also the general public has no business knowing how busy my server is at the moment.
Collapse
2: Response to /monitor.tcl (response to 1)
Posted by mark dalrymple on
Putting it behind http authentication is cool.  Don't put monitor.tcl behind the OACS permissions system.  One of my favorite uses of monitor.tcl is diagnosing a web site that's in trouble.  If all of your db handles are tied up by a page with a bad query, monitor.tcl relying on OACS permissions (requiring a db hit) renders the tool useless.
Collapse
3: Response to /monitor.tcl (response to 1)
Posted by David Walker on
I'm testing out the following proc. I put it in my tcl directory and it checks for long running scripts and puts an error about them in the error log. Then aolserver-errors.pl emails me the errors.

Does anyone know of a timeout setting in aolserver so my script can't just run forever? Any script of mine running longer than 90 seconds is bad and should be killed.

proc vt_monitor_long_running_scripts {} {
  # check for long running scripts and add an error to the log for each
  set connections [ns_server active]

  foreach connection $connections {
        set conn [lindex $connection 0]
        set client_ip [lindex $connection 1]
        set state [lindex $connection 2]
        set method [lindex $connection 3]
        set url [lindex $connection 4]
        set n_seconds [lindex $connection 5]
        set bytes [lindex $connection 6]

        if {$n_seconds > 90} {
                ns_log error "Conn #: $conn Client IP: $client_ip State: $state
Method: $method URL: $url n seconds: ${n_seconds} bytes: $bytes "
        }
  }

}

ad_schedule_proc 60 vt_monitor_long_running_scripts
Collapse
4: Response to /monitor.tcl (response to 1)
Posted by MaineBob OConnor on

Hi David,

    ...I may have scripts that I have written where I wish their existence to be a secret as the general public has no need to know of their existence.

Here is some simple code that you can put at the top of any tcl proc so only your eyes see it.

# Assume that YOU are user_id 7 :

set user_id [ad_verify_and_get_user_id]

if { $user_id != 7 } {
    ns_returnredirect "/"
    return
}

Also you could just move the tcl file to the /admin directory then only admin useres could run it....