PHP Apached Question

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
brdr
Posts: 312
Joined: Mon Jun 02, 2014 12:49 pm

PHP Apached Question

Post by brdr »

Hi Nagios,

In ssl_request and access log I see these entries for certain hosts. This logging is happening extremely fast. I'm trying to track down the IP that is doing the requests. Can you please tell me what kind of request this is doing from within Nagios front-end? We have XI 5.2.2.

Thanks

[11/Jan/2016:10:57:32 -0500] x.x.x.x TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_host_status_detailed_info_html%22%2C%22args%22%3A%7B%22hostname%22%3A%22bos-800-81%22%2C%22host_id%22%3A%2214269%22%2C%22display%22%3A%22simple%22%7D%7D&nsp=fcb4d6a67db47c9bdadcbce7b60ac48f HTTP/1.1" 27
[11/Jan/2016:10:57:32 -0500] x.x.x.xTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_host_status_state_summary_html%22%2C%22args%22%3A%7B%22hostname%22%3A%22bos-800-81%22%2C%22host_id%22%3A%2214269%22%2C%22display%22%3A%22simple%22%7D%7D&nsp=fcb4d6a67db47c9bdadcbce7b60ac48f HTTP/1.1" 27
[11/Jan/2016:10:57:33 -0500] x.x.x.xTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_host_status_quick_actions_html%22%2C%22args%22%3A%7B%22hostname%22%3A%22bos-800-81%22%2C%22host_id%22%3A%2214269%22%2C%22display%22%3A%22simple%22%7D%7D&nsp=fcb4d6a67db47c9bdadcbce7b60ac48f HTTP/1.1" 27
[11/Jan/2016:10:57:33 -0500] x.x.x.xTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_host_comments_html%22%2C%22args%22%3A%7B%22hostname%22%3A%22bos-800-81%22%2C%22host_id%22%3A%2214269%22%2C%22display%22%3A%22simple%22%7D%7D&nsp=fcb4d6a67db47c9bdadcbce7b60ac48f HTTP/1.1" 27
[11/Jan/2016:10:57:33 -0500] x.x.x.xTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_host_status_detailed_info_html%22%2C%22args%22%3A%7B%22hostname%22%3A%22bos-800-81%22%2C%22host_id%22%3A%2214269%22%2C%22display%22%3A%22advanced%22%7D%7D&nsp=fcb4d6a67db47c9bdadcbce7b60ac48f HTTP/1.1" 27
[11/Jan/2016:10:57:33 -0500] x.x.x.xTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_host_status_attributes_html%22%2C%22args%22%3A%7B%22hostname%22%3A%22bos-800-81%22%2C%22host_id%22%3A%2214269%22%2C%22display%22%3A%22all%22%7D%7D&nsp=fcb4d6a67db47c9bdadcbce7b60ac48f HTTP/1.1" 27
[11/Jan/2016:10:57:35 -0500] x.x.x.xTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_host_status_state_summary_html%22%2C%22args%22%3A%7B%22hostname%22%3A%22bed-800-63%22%2C%22host_id%22%3A%2214246%22%2C%22display%22%3A%22simple%22%7D%7D&nsp=928a585874b9351893a90028a0f8a1f0 HTTP/1.1" 27
[11/Jan/2016:10:57:35 -0500] x.x.x.xTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_host_status_detailed_info_html%22%2C%22args%22%3A%7B%22hostname%22%3A%22bed-800-63%22%2C%22host_id%22%3A%2214246%22%2C%22disp
Top
rkennedy
Posts: 6579
Joined: Mon Oct 05, 2015 11:45 am

Re: PHP Apached Question

Post by rkennedy »

Ajax is called to refresh the data that you see on the page and sometimes there are multiple instances of it running per page. It isn't anything to worry abouti.
Former Nagios Employee
Top
brdr
Posts: 312
Joined: Mon Jun 02, 2014 12:49 pm

Re: PHP Apached Question

Post by brdr »

ok, thanks. I found the offending PC doing the SSL requests and rebooted it. The problem was that so much logging was going on it was filling up the /var filesystem. Please close.
Top
Locked

Return to “Nagios XI”