Hi All,
I am running Nagios core 4.4.6 version (https://www.nagios.org/downloads/nagios-core/thanks/) on CentOS Linux release 8.3.2011. Is there a way to check if the login is working on a website using Nagios Core? I checked https://www.monitoring-plugins.org/doc/ ... _http.html but unable to see any option.
For example:- https://developerportal.mydomain.com/login using the below login credentials if the login is successful. If login fails then Nagios Core will trigger an alert saying login failure.
URL :- https://developerportal.mydomain.com/login
Username :- devadmin@mydomain.com
Password :- xxxxxxxxxxxxxxxxxx
Thanks in Advance. I look forward to hearing from you.
Best Regards,
Kaushal
How to login in to http website and check the pages
-
- Posts: 119
- Joined: Fri May 22, 2015 7:12 am
Re: How to login in to http website and check the pages
It depends on the form's behavior.
If there's something like a POST request that is being submit to /login as the login form's action, check_http supports setting the request method and providing request data:
If it's not just a generic HTTP POST request that the form is submitting, you would need to leverage something like Mechanize, Selenium, Cypress, Playwright, or similar utilities to handle driving the web browser.
Selenium used to have official support within Nagios XI for stuff like this, but it appears as though many of the Nagios+Selenium plugins are quite out of date.
I wrote this to run CasperJS based tests a while ago:
https://github.com/mcapra/nagios-check_casperjs
I have no idea if it still works. I only ever tested it on PhantomJS, which had development halted a few years ago.
If there's something like a POST request that is being submit to /login as the login form's action, check_http supports setting the request method and providing request data:
Code: Select all
-P, --post=STRING
URL encoded http POST data
-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT, CONNECT:POST)
Set HTTP method.
-T, --content-type=STRING
specify Content-Type header media type when POSTing
Selenium used to have official support within Nagios XI for stuff like this, but it appears as though many of the Nagios+Selenium plugins are quite out of date.
I wrote this to run CasperJS based tests a while ago:
https://github.com/mcapra/nagios-check_casperjs
I have no idea if it still works. I only ever tested it on PhantomJS, which had development halted a few years ago.
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
-
- Posts: 119
- Joined: Fri May 22, 2015 7:12 am
Re: How to login in to http website and check the pages
Thanks mcapra for the reply. I did the below config
./check_http -a "devops@mydomain.com:xxxxxxxxxx" develop.mydomain.com
HTTP OK: HTTP/1.0 301 Moved Permanently - 437 bytes in 0.018 second response time |time=0.018391s;;;0.000000;10.000000 size=437B;;;0
$./check_http -a “ops@mydomain.com:xxxxxxxxxx” develop.mydomain.com
HTTP OK: HTTP/1.0 301 Moved Permanently - 437 bytes in 0.024 second response time |time=0.024078s;;;0.000000;10.000000 size=437B;;;0
I tested it using the wrong email id and password, I see the same result. Ideally, it should return Unauthenticated. Am I missing anything?
Best Regards,
Kaushal
./check_http -a "devops@mydomain.com:xxxxxxxxxx" develop.mydomain.com
HTTP OK: HTTP/1.0 301 Moved Permanently - 437 bytes in 0.018 second response time |time=0.018391s;;;0.000000;10.000000 size=437B;;;0
$./check_http -a “ops@mydomain.com:xxxxxxxxxx” develop.mydomain.com
HTTP OK: HTTP/1.0 301 Moved Permanently - 437 bytes in 0.024 second response time |time=0.024078s;;;0.000000;10.000000 size=437B;;;0
I tested it using the wrong email id and password, I see the same result. Ideally, it should return Unauthenticated. Am I missing anything?
Best Regards,
Kaushal
Re: How to login in to http website and check the pages
You can also ask check_http to follow 3xx redirects, give that a try if you're expecting either a 200 or 401:
I'm not sure what the plugin's behavior is for 401 responses. You may need to look for 401 in the header:
Code: Select all
-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>
How to handle redirected pages. sticky is like follow but stick to the
specified IP address. stickyport also ensures port stays the same.
Code: Select all
-d, --header-string=STRING
String to expect in the response headers
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
-
- Posts: 119
- Joined: Fri May 22, 2015 7:12 am
Re: How to login in to http website and check the pages
Thanks for the reply. I use devops@mydomain.com:test@1234 to log in to https://develop.mydomain.com/user/login. It works without issue.I am attaching the screenshot for your reference. [img] [/img]
If I use the wrong password it will report an Unrecognized username or password. Forgot your password? I am attaching the screenshot for your reference.
[img] [/img]
./check_http -vvv -a "devops@mydomain.com:test@1234" --ssl -u /user/login -H develop.mydomain.com
HTTP OK: HTTP/1.1 200 OK - 334002 bytes in 0.088 second response time |time=0.087709s;;;0.000000;10.000000 size=334002B;;;0
./check_http -vvv -a "devops@mydomain.com:**t1234**" --ssl -u /user/login -H develop.mydomain.com
HTTP OK: HTTP/1.1 200 OK - 334034 bytes in 0.089 second response time |time=0.088863s;;;0.000000;10.000000 size=334034B;;;0
When I use the wrong password I still get 200 OK instead of 401 Unauthorized.
Please suggest further. Thanks in Advance.
Best Regards,
If I use the wrong password it will report an Unrecognized username or password. Forgot your password? I am attaching the screenshot for your reference.
[img] [/img]
./check_http -vvv -a "devops@mydomain.com:test@1234" --ssl -u /user/login -H develop.mydomain.com
HTTP OK: HTTP/1.1 200 OK - 334002 bytes in 0.088 second response time |time=0.087709s;;;0.000000;10.000000 size=334002B;;;0
./check_http -vvv -a "devops@mydomain.com:**t1234**" --ssl -u /user/login -H develop.mydomain.com
HTTP OK: HTTP/1.1 200 OK - 334034 bytes in 0.089 second response time |time=0.088863s;;;0.000000;10.000000 size=334034B;;;0
When I use the wrong password I still get 200 OK instead of 401 Unauthorized.
Please suggest further. Thanks in Advance.
Best Regards,
Re: How to login in to http website and check the pages
You can try adding the -v flag to get more verbose output for what exactly check_http is doing:
You can also use -e flag to instead look for that "Unrecognized username or password" message in the response body:
Without knowing specifically how the form is meant to behave (like what the actual code being executed is), it's hard for me to offer much insight.
Code: Select all
-v, --verbose
Show details for command-line debugging (Nagios may truncate output)
Code: Select all
-s, --string=STRING
String to expect in the content
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/