We have a few websites that are behind a cloud-based WAF that we need to be able to monitor. The public facing IPs are constantly changing. It seems that any of the methods I have tried in Nagios XI always result in Nagios doing a DNS lookup and then putting in that IP in the config. Any way to just have it monitor the actual URL, which could resolve to a new IP at any moment?
Thank you!
Monitor a website with changing IP
Re: Monitor a website with changing IP
Thanks for reaching out @NMFSTeam,
You can do this with the "Website URL" wizard. The second step of the process will automatically fill in the IP address field, but you can remove this and the created service will default to using the hostname instead of the IP address.
The resulting URL Status check will look like this:
As opposed to something like this:
You can do this with the "Website URL" wizard. The second step of the process will automatically fill in the IP address field, but you can remove this and the created service will default to using the hostname instead of the IP address.
The resulting URL Status check will look like this:
Code: Select all
/usr/local/nagios/libexec/check_http -H example.com -f ok -u '/' -p 80
Code: Select all
/usr/local/nagios/libexec/check_http -H example.com -f ok -I 120.34.56.78 -u '/' -p 80
Re: Monitor a website with changing IP
Thank you, this looks very helpful. Would it also be possible to monitor the status of the SSL certificate for such a website?
-
gwesterman
- Posts: 257
- Joined: Wed Aug 23, 2023 11:29 am
Re: Monitor a website with changing IP
Hi @NMFSTeam,
There are a number of plugins on the Nagios Exchange that monitor the SSL certificate for websites. For example, this one and this one look well used and well reviewed. For setting up such plugins, you can follow this guide.
Hope this helps! Thank you!
There are a number of plugins on the Nagios Exchange that monitor the SSL certificate for websites. For example, this one and this one look well used and well reviewed. For setting up such plugins, you can follow this guide.
Hope this helps! Thank you!
Re: Monitor a website with changing IP
I see there is also a "Monitor a website" wizard in Nagios XI. I have tried to use that, also removing the IP address from the wizard, and it gives an SSL error when trying to monitor the SSL certificate.
And this is what displayed for the command:
Based on all of this, is this why you recommend going with one of those extensions from the Nagios Exchange website?
Thanks again.
Code: Select all
140467834537904:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:
Code: Select all
check_xi_service_http_cert!30 -p 443
Thanks again.
-
gwesterman
- Posts: 257
- Joined: Wed Aug 23, 2023 11:29 am
Re: Monitor a website with changing IP
That option is actually used to monitor the website using SSL rather than monitor the website's SSL certificate. As of right now, there is no default, built-in check for an SSL certificate which is why I recommended setting up an external plugin.
Hopefully this clears that up.
Hopefully this clears that up.
-
gwesterman
- Posts: 257
- Joined: Wed Aug 23, 2023 11:29 am
Re: Monitor a website with changing IP
Adding to my previous response, there actually IS a built-in functionality for checking SSL certificates! The check_http plugin that ships with XI (in nagios/libexec/plugins) has the ability to check SSL certs. For example, running:
will return something like:
It is also an option to check in the website wizard! If the url you input begins with https://, there will be the option to monitor the SSL certificate.
So sorry for misleading you initially! I'm still learning!
Code: Select all
./check_http -H www.amazon.com -C 40Code: Select all
SSL OK - Certificate 'www.amazon.com' will expire in 336 days on 2024-11-11 17:59 -0600/CST.So sorry for misleading you initially! I'm still learning!