Monitor URL transactions

[bhadre]

Hi,

I need to monitor sso protected site with nagios. which method i need to use, I need to post username/password for verification. We are post Login credentials using Post data to Cleat trust URL.

Thanks,
Bhadre

[slansing]

You may be able to use check_http for this, I'd give it a shot:

http://www.nagios.org/download/plugins

http://linux.101hacks.com/unix/check-http/

[bhadre]

Hi slansing,

thanks for your quick reply.

Yes I am trying with that Plugin.
Here is my scenarios

First http://abc.com/ is my application URL
for Login page going to http://xyz.com/cleartrust/login.jsp authenticate it and return with application URL
http://abc.com/ABC/

I am using like this

./check_http -H abc.com -u http://abc.com/ -a 'user=xyz&password=123456'

got out put Like this

HTTP OK: HTTP/1.1 303 See Other

Thanks,
Bhadre

[abrist]

Looks like this is a redirect. Have you tried running the check with "follow" (-f) switch?

Code: Select all

./check_http -H abc.com -u http://abc.com/ -f -a 'user=xyz&password=123456'

EDIT: TmcD caught me, yes, you need "-f follow"

[bhadre]

Hi abrist,

I tried that option too, Getting the out put 302 Http status code and temporarily moved

[tmcdonald]

Can you show the exact command you ran and the output? abrist's command should haf "-f follow" instead of just "-f":

Code: Select all

./check_http -H abc.com -u http://abc.com/ -f follow -a 'user=xyz&password=123456'

[bhadre]

Hi,

I used the command like this

./check_http -H abc.com -u http://abc.com/ -f follow -a 'user=xyz&password=123456'

HTTP OK: HTTP/1.1 200 OK - 9241 bytes in 0.017 second response time |time=0.017379s;;;0.000000 size=9241B;;;0

Igive wrong username and password will get same out put

and one more

./check_http -H abc.com -u http://abc.com/ -f follow -a 'user=xyz&password=123456' -s "XYZ"

HTTP CRITICAL: HTTP/1.1 200 OK - string 'XYZ not found on 'http://xyz:80/cleartrust/ct_logon.jsp

Here how applications works

if we browse application URL(http://abc.com) from browser first redirect to RSA clear trust URL so It will go to http://xyz:80/cleartrust/ct_logon.jsp after enter login credential URL will redirect again to application URL( http://abc.com) with header data.

Thanks,
Bhadregowda

[abrist]

hmmm, I am unsure how check_http would handle this, I bet that it has issues doing more than 1 follow. Additionally, there is no clear way to define which redirect should receive the credentials. Could you break it up into 2 checks? One to check the first redirect, and the other to login and check the second redirect?

[sreinhardt]

Are you expecting the string match to be on the last page of this set of redirects? That is presently how check_http will work, is only matching after it hits the final page of redirects. Also could you append a -vvv to your commands so that we can get verbose output and see what is actually going on through the requests.

[bhadre]

Yes expecting the string match on last page of the URL redirection