We have a website that continues to become unavailable although the service is running fine so I am being asked to authenticate to the site to ensure its availability.
My thoughts on this are to authentication to website and find a string on the page.
would check_http be able to do this?
Any insight on the proper syntax for it?
To make this worse the username has a / in it and the password has ? and ! in it.
syntax for check_http
Re: syntax for check_http
How is the authentication handled? If it is using anything other than HTTP basic auth you will need to use something like Selenium or WebInject to simulate a login:
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
https://assets.nagios.com/downloads/nag ... ios-XI.pdf (page 5)
Edit: Well, that's not entirely true. If you can pass login credentials or a token as part of the URL you can likely check a page that requires logging in with check_http alone, but this is not good security practice (nor incredibly common).
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
https://assets.nagios.com/downloads/nag ... ios-XI.pdf (page 5)
Edit: Well, that's not entirely true. If you can pass login credentials or a token as part of the URL you can likely check a page that requires logging in with check_http alone, but this is not good security practice (nor incredibly common).
Former Nagios employee
Re: syntax for check_http
From the help menu:emartine wrote: Any insight on the proper syntax for it?
Code: Select all
-s, --string=STRING
String to expect in the content
Code: Select all
[root@localhost libexec]# ./check_http -H www.example.com -s "established"
HTTP OK: HTTP/1.1 200 OK - 1622 bytes in 0.367 second response time |time=0.366765s;;;0.000000 size=1622B;;;0
If it's basic auth:emartine wrote: To make this worse the username has a / in it and the password has ? and ! in it.
Code: Select all
-a, --authorization=AUTH_PAIR
Username:password on sites with basic authenticationCode: Select all
-P, --post=STRING
URL encoded http POST dataCode: Select all
[root@localhost libexec]# ./check_http -H test.site.com -s fancy/text"?"stuff\!
HTTP OK: HTTP/1.1 200 OK - 3604 bytes in 0.096 second response time |time=0.095762s;;;0.000000 size=3604B;;;0
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
Re: syntax for check_http
That is why the account I am using is a restricted account and the web pages have nothing that can be modified anyway. It will only have access to a specific page and nothing more.
check_http -s "my (their) string im looking for (1.0)" -f ok -I <SERVERIP> -u "URL" -S -p 443 -a "some/account:!some.?password"
can you help witht he special character syntax?
check_http -s "my (their) string im looking for (1.0)" -f ok -I <SERVERIP> -u "URL" -S -p 443 -a "some/account:!some.?password"
can you help witht he special character syntax?
Re: syntax for check_http
Here's what worked for me:
username: test/user
password: !some.?password
And, for posterity, as a service definition in the GUI:
username: test/user
password: !some.?password
Code: Select all
[root@localhost libexec]# ./check_http -H test.site.com -a test/user:\!some."?"password
HTTP OK: HTTP/1.1 200 OK - 2171 bytes in 0.046 second response time |time=0.045749s;;;0.000000 size=2171B;;;0You do not have the required permissions to view the files attached to this post.
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
Re: syntax for check_http
My check is being redirected to the login page and doesn't actually authenticate. I used the -v option to show syntax. Any idea why the -a isn't working?
Re: syntax for check_http
Are you absolutely certain that basic authentication is what's used to authenticate? If the -a flag fails, check_http usually returns a 401. There isn't usually a "login page" to redirect to, but if this is the case we might need to revise the command.
Can you also show us the -v output (omitting sensitive information)?
Can you also show us the -v output (omitting sensitive information)?
You do not have the required permissions to view the files attached to this post.
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
Re: syntax for check_http
This is probably form based.
I am getting a STATUS: HTTP/1.1 302 Found
**** HEADER ****
<<URL and server app information>>
**** CONTENT ****
<<OBJECT MOVED>> <<LOGIN>>
I am getting a STATUS: HTTP/1.1 302 Found
**** HEADER ****
<<URL and server app information>>
**** CONTENT ****
<<OBJECT MOVED>> <<LOGIN>>
Re: syntax for check_http
Ah, if it's form based I can't provide much insight other than to use the aforementioned -P flag and change your url path to the form's onsubmit or action value. That's getting pretty technical though. I was able to do that with an incredibly simple form, but not all forms are created equal. If the form has any sort of back-end handling, just passing raw POST data will likely fail.
As @tmcdonald mentioned, Selenium or WebInject are more consistent/appropriate options for this. Refer to his post for handy documents.
As @tmcdonald mentioned, Selenium or WebInject are more consistent/appropriate options for this. Refer to his post for handy documents.
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
Re: syntax for check_http
Seems like webinject would be the better candidate. Do you have a quick FAQ for setting this up?