Knock Daemon is a lightweight python daemon backed by a managed supervision infrastructure.
Knock Daemon runs locally on your servers and works locally. The only outbound traffic is toward our supervision infrastructure, using encryption (https) and optimized protocol (json/gzip).
We only work locally inside your server. We only read data inside your server. We modify nothing inside your server.
Knock Daemon buffers json protocol in-memory (limited in size). It emits json requests at regular intervals.
We choose to keep json buffer in memory without flushing to disk. Many reasons to this, but mainly we want to avoid using disk space on your server. It also keeps daemon code path simple (KISS).
Knock Daemon is python based, gevent/co-routine backed (single threaded), has light memory, cpu and network footprints. Our goal is clear : monitor servers with the lowest footprint possible.
We spent years handling servers and softwares in high performance, high traffic production platforms.
Setting up supervision on different kind of servers is often painful. You have to think what is running. You have to adapt supervision to newly installed or removed software components. This is often manual, time consuming and error proof.
We decided to address this using a daemon which auto-discover services to monitor, with - almost - zero-configuration required. For instance, if you add nginx on some servers, the daemon will adapt to that.
More over, having a platform of hundreds of servers requires an overview of this platform. That's why we support - in standard - "aggregated" probes, which gives you a dashboard of your platform.
You may open bugs or enhancements requests within the daemon source code repository : https://bitbucket.org/knockcenter/kdaemon.
Please provide as much details as possible (os details, daemon logs, strace logs, repro steps...).
Unittests, with mocks, are a must.
Alerts thresholds are managed by Knock. We will not accept custom thresholds requests at this stage.
Notifications will be sent to the two emails you have to specify. Please refer to : How notifications behave.
Please note that everything in Knock works in UTC / GMT time zone.
Official support :
Beta support :
Experimental support :
We currently support for all operating systems :
We currently support for all Linux operating systems (Windows support will come later) :
Some of them require configurations on your end. Please refer to : How to monitor.
Windows installer is provided as an MSI file build with Wix Installer.
At this stage, the MSI file is not yet signed by a code signing certificate, this will be fixed soon.
The installer will ask for your Knock namespace and namespace api key during install or upgrade.
Though covered by massive unit tests, the Windows daemon and the Windows installer are still in beta stage. In case of any issues, contact us.
After MSI installation, binary and configuration files are located at "C:\Program Files (x86)\Knock\KnockDaemon\" or equivalent.
Knock Daemon NT service flush some logs toward Application event log.
Lifecycle event logs are written at short intervals after service start, then each hour later on.
Complete logs files are available at "C:\Windows\system32\config\systemprofile\AppData\Local\knockdaemon\" or equivalent (refer to Event logs entries to locate your current log file).
There is one log file per day, with 7 days retention.
By default, clock synchronization on windows is done once a week or once a day. This will result in progressive time shifting and time difference alerts.
To decrease time synchronization intervals to one hour:
And do not forget to engage automatic clock synchronization under Windows clock settings.
Windows like swap and use swap, even if you have lot of memory free and/or cached.
You may experience swap usage alerts even on normal conditions.
Windows swappiness cannot be configured, a solution is to disable swap, or increase disk swap size to mitigate these alerts.