Website monitoring

[kalyanpabolu]

Hello Team,

We are trying to monitor Nagios XI URL of one server from other Nagios XI server. We used Website monitoring Wizard. While monitoring the URL content, we are getting error as below:

HTTP CRITICAL: HTTP/1.1 200 OK - string 'Logout' not found on 'http://10.44.3.8:80/nagiosxi/login.php' - 26118 bytes in 0.716 second response time

As we know, Logout option is there once you login to Nagios XI GUI. Still its giving this error.

Could you please help us here?

[ssax]

There shouldn't be any Logout string on the XI login page (the URL you are using). Try changing the string you're using to use Login instead of Logout:

Make sure you have -f follow set on it as well.

Code: Select all

/usr/local/nagios/libexec/check_http -H 10.44.3.8 -s 'Login' -f follow -I 10.44.3.8 -u '/nagiosxi/login.php' -p 80

[kalyanpabolu]

Hello,

Thanks for your reply!!

I want to monitor if I am able to login to Nagios GUI.
What URL shall I use? Once you login to it, you can see the Logout option right? I want to monitor that.

Please suggest!!

[benjaminsmith]

Hi,

One suggestion would be to use the Website Transaction Wizard to run that type of check, the wizard is covered in the following guide.

Monitoring Websites With Nagios XI

A sample test case for Nagios XI would look like:

Code: Select all

<case
    id="1"
    url="http://<ip address>/nagiosxi/login.php"
postbody="username=nagiosadmin&password=welcome"
/>

Let me know if that works for you or not.

Ben

[kalyanpabolu]

Hello,

I am checking that document.
But, it would be great if we are able to achieve the same using Website Wizard.

Could you please help me with that?
I want to monitor if I am able to login to Nagios GUI.
What URL shall I use? Once you login to it, you can see the Logout option right? I want to monitor that.

[benjaminsmith]

Hi,

I am checking that document.
But, it would be great if we are able to achieve the same using Website Wizard.

The website wizard mainly uses the check_http plugin. The wizard doesn't currently provide this feature. However, you can set up another check_http service for the host in the CCM. Check_http has an option to pass basic authentication using the -a option. Otherwise, the Web Transaction wizard is another option here.

-a, --authorization=AUTH_PAIR
Username:password on sites with basic authentication

Try running the following command:

Code: Select all

/usr/local/nagios/libexec/check_http -H 192.168.23.112 -f follow -I 192.168.23.112 -u '/nagiosxi/login.php' -a 'nagiosadmin:welcome' -p 80

If it fails you can add the -v flag for detailed output.

Best Regards,
Benjamin

[kalyanpabolu]

Hello,

The command provided by you is giving correct output:
[root@HO1-NAGIOSXI libexec]# /usr/local/nagios/libexec/check_http -H 10.44.3.8 -f follow -I 10.44.3.8 -u '/nagiosxi/login.php' -a 'nagiosadmin:[email protected]' -p 80
HTTP OK: HTTP/1.1 200 OK - 26118 bytes in 0.671 second response time |time=0.670989s;;;0.000000 size=26118B;;;0
[root@HO1-NAGIOSXI libexec]#

But, we are not using any string in above command.
We wanted to check "Logout" string.

[root@HO1-NAGIOSXI libexec]# /usr/local/nagios/libexec/check_http -H 10.44.3.8 -s "Logout" -f follow -I 10.44.3.8 -u '/nagiosxi/login.php' -a 'nagiosadmin:[email protected]' -p 80
HTTP CRITICAL: HTTP/1.1 200 OK - string 'Logout' not found on 'http://10.44.3.8:80/nagiosxi/login.php' - 26118 bytes in 0.652 second response time |time=0.652177s;;;0.000000 size=26118B;;;0
[root@HO1-NAGIOSXI libexec]#

[benjaminsmith]

Hi @kalyanpabolu,

I believe I spoke too soon in my last reply since Nagios XI does not use basic authentication ( PHP sessions) to handle logins as used by check_http. The simplest workaround here is to use the initial suggestion of checking the status of the login page.

Code: Select all

/usr/local/nagios/libexec/check_http -H 10.44.3.8 -s 'Login' -f follow -I 10.44.3.8 -u '/nagiosxi/login.php' -p 80

Benjamin

Reference:
How to login into http website and check the pages

[kalyanpabolu]

Hello,

As suggested by you in previous posts, I have installed Website Transaction Wizard and tried to configure monitoring using the same.

I am getting some error message. I am attaching screenshot for your reference.

Also, below is the test case that I have written, could you please help me to write the same so that we can achieve proper monitoring?

[root@HO1-NAGIOSXI webinject]# cat 10_44_3_8__Web_Transaction_testdata.xml
<testcases repeat="1">

<case
id="1"
url="http://10.44.3.8/nagiosxi/index.php"
/>

<case
id="2"
method="post"
url="http://10.44.3.8/nagiosxi/index.php"
postbody="username=nagiosadmin&password=**********&task=search&searchword=Logout"
verifypositive="Logout"

</testcases>
[root@HO1-NAGIOSXI webinject]#



[root@HO1-NAGIOSXI webinject]# cat 10_44_3_8__Web_Transaction_config.xml
<testcasefile>10_44_3_8__Web_Transaction_testdata.xml</testcasefile>
<useragent>WebInject Application Tester</useragent>
<timeout>10</timeout>
<globaltimeout>30</globaltimeout>
<reporttype>nagios</reporttype>[root@HO1-NAGIOSXI webinject]#

[benjaminsmith]

Hi,

So the default version of Webinject ( used be the Web Transaction Wizard) does not support redirects which will be required for this usage.

The following script will upgrade Web inject and set up a few sample test cases that meet your requirements. If you running a VM, I highly recommend taking a snapshot before making any changes.

Code: Select all

rm -rf /usr/local/nagiosxi/etc/components/webinject/webinject.pl
cat << \EOF > /usr/local/nagiosxi/etc/components/webinject/webinject.pl
#!/usr/bin/env perl
#    Copyright 2010 Sven Nierlein ([email protected])
#    Copyright 2004-2006 Corey Goldberg ([email protected])
#
#    This file is part of WebInject.
#
#    WebInject is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2 of the License, or
#    (at your option) any later version.
#
#    WebInject is distributed in the hope that it will be useful,
#    but without any warranty; without even the implied warranty of
#    merchantability or fitness for a particular purpose.  See the
#    GNU General Public License for more details.
# Ignore SSL Certificate Verification
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
use warnings;
use strict;
use Webinject;
my $webinject = Webinject->new();
my $rc = $webinject->engine();
exit $rc;
EOF
cat << \EOF > /usr/local/nagiosxi/etc/components/webinject/XI_Example__Web_Transaction_config.xml
<testcasefile>XI_Example__Web_Transaction_testdata.xml</testcasefile>
<useragent>WebInject Application Tester</useragent>
<timeout>10</timeout>
<globaltimeout>30</globaltimeout>
<max_redirect>5</max_redirect>
EOF
cat << \EOF > /usr/local/nagiosxi/etc/components/webinject/XI_Example__Web_Transaction_testdata.xml
<testcases repeat="1">
<case
id="1"
url="https://192.168.232.21/nagiosxi/"
verifyresponsecode="200"
verifypositive="Username"
verifypositive2="Password"
errormessage="Cannot display the login page."
parseresponse='nsp" value="|"|escape'
logrequest="no"
logresponse="no"
/>
<case
id="2"
method="post"
url="https://192.168.232.21/nagiosxi/login.php"
posttype="application/x-www-form-urlencoded"
postbody="nsp={PARSEDRESULT}&username=nagiosadmin&password=welcome&loginButton&page=auth&pageopt=login"
verifypositive="Home Dashboard"
verifynegative="Invalid"
errormessage="Login failed."
logrequest="no"
logresponse="no"
/>
</testcases>
EOF
chown apache.nagios /usr/local/nagiosxi/etc/components/webinject/*
chmod 644 /usr/local/nagiosxi/etc/components/webinject/*.xml
chmod 755 /usr/local/nagiosxi/etc/components/webinject/webinject.pl
cpan -i Webinject
cd /usr/local/nagiosxi/etc/components/webinject/
./webinject.pl -c /usr/local/nagiosxi/etc/components/webinject/XI_Example__Web_Transaction_config.xml