Hello Nagios XI
Ability of checking for web transactions is very important to us. When following standard WebInject documentation and samples, provided for your plugin, we re can't make most of the things work.
What to do next? Is there other tools to use with Nagios? Other plugins to use with Nagios?
Thank you
When WebInject does not work or not enough?
Re: When WebInject does not work or not enough?
Asking "what to do next" is like asking a car dealer what to do once you've purchased a car. You can do whatever you want that the tool is programmed to do.
Eric Loyd • http://everwatch.global • 844.240.EVER • @EricLoyd
I'm a Nagios Fanatic! • Join our public Nagios Discord Server!
Re: When WebInject does not work or not enough?
This is not helping: we cannot get webinject to work for our portals. (this make the entire XI solution unnecessary)eloyd wrote:Asking "what to do next" is like asking a car dealer what to do once you've purchased a car. You can do whatever you want that the tool is programmed to do.
Re: When WebInject does not work or not enough?
Nagios is a framework with plugins that provide most of the check logic. There are literally thousands of plugins on the Nagios Exchange (https://exchange.nagios.org/). You will need to be more specific about what you want to do with Nagios before anyone will be able to help you with specific advice on how to accomplish it.
For instance, you have opened three tickets about trying to get information from an authenticated web page. Did you look through webinject documentation and are you saying that it will not do what you want? Unfortunately, if you need Nagios to enter data into a form field on your web page in order to get past security and/or enter data that needs to be validated, you will likely not be able to do it. Nagios is a monitoring tool, not a QA/testing tool. The only way you will be able to do this sort of thing is if you can create a URL with GET paramaters in it (or write a custom plugin using curl and POST data) that contains the form data that gets passed to the authentication page.
Another option is to provide a secret, perhaps HTTP Authenticated web page that bypasses your SSO so that your monitoring system can verify functionality without having to log in. Perhaps protect it so that only the IP address of your Nagios server can access the page.
There are options, we just need to know what you are trying to do to help you figure them out.
For instance, you have opened three tickets about trying to get information from an authenticated web page. Did you look through webinject documentation and are you saying that it will not do what you want? Unfortunately, if you need Nagios to enter data into a form field on your web page in order to get past security and/or enter data that needs to be validated, you will likely not be able to do it. Nagios is a monitoring tool, not a QA/testing tool. The only way you will be able to do this sort of thing is if you can create a URL with GET paramaters in it (or write a custom plugin using curl and POST data) that contains the form data that gets passed to the authentication page.
Another option is to provide a secret, perhaps HTTP Authenticated web page that bypasses your SSO so that your monitoring system can verify functionality without having to log in. Perhaps protect it so that only the IP address of your Nagios server can access the page.
There are options, we just need to know what you are trying to do to help you figure them out.
Eric Loyd • http://everwatch.global • 844.240.EVER • @EricLoyd
I'm a Nagios Fanatic! • Join our public Nagios Discord Server!
Re: When WebInject does not work or not enough?
Thank you (wish I could talk to someone from you team)eloyd wrote:Nagios is a framework with plugins that provide most of the check logic. There are literally thousands of plugins on the Nagios Exchange (https://exchange.nagios.org/). You will need to be more specific about what you want to do with Nagios before anyone will be able to help you with specific advice on how to accomplish it.
For instance, you have opened three tickets about trying to get information from an authenticated web page. Did you look through webinject documentation and are you saying that it will not do what you want? Unfortunately, if you need Nagios to enter data into a form field on your web page in order to get past security and/or enter data that needs to be validated, you will likely not be able to do it. Nagios is a monitoring tool, not a QA/testing tool. The only way you will be able to do this sort of thing is if you can create a URL with GET paramaters in it (or write a custom plugin using curl and POST data) that contains the form data that gets passed to the authentication page.
Another option is to provide a secret, perhaps HTTP Authenticated web page that bypasses your SSO so that your monitoring system can verify functionality without having to log in. Perhaps protect it so that only the IP address of your Nagios server can access the page.
There are options, we just need to know what you are trying to do to help you figure them out.
We've got Dozens of internal portals (All different) I was told to create web-transaction monitoring for (1) before-login-check / (2) login-check (3) after-login-check (4) other-operations-after-login-check and so on
- SSO no going to work with XI (from your answer)
- functionality w/o authentication (an issue is that we have to monitor "real user experience" from different angles. So this would be "yes" for functionality, but "no" for realtime monitoring of the working portals we need.
Many tickets opened: because I do not entirely understand what could or could not be done (or how). 2 traning taken with Mike Weber did not not really concentrate on WebInject or similar solutions.
Re: When WebInject does not work or not enough?
I recall seeing that you were using NTLM authentication on your pages that you're trying to check, is this the case for all of them? Can you post the output of a curl <page> -v? (replace <page> with the page you're looking to check)dlukinski wrote:Hello Nagios XI
Ability of checking for web transactions is very important to us. When following standard WebInject documentation and samples, provided for your plugin, we re can't make most of the things work.
What to do next? Is there other tools to use with Nagios? Other plugins to use with Nagios?
Thank you
This plugin might work for NTLM, but there really isn't much documentation provided with it.
https://exchange.nagios.org/directory/P ... LM/details
Former Nagios Employee
Re: When WebInject does not work or not enough?
Here is curl result for one of the pages:rkennedy wrote:I recall seeing that you were using NTLM authentication on your pages that you're trying to check, is this the case for all of them? Can you post the output of a curl <page> -v? (replace <page> with the page you're looking to check)dlukinski wrote:Hello Nagios XI
Ability of checking for web transactions is very important to us. When following standard WebInject documentation and samples, provided for your plugin, we re can't make most of the things work.
What to do next? Is there other tools to use with Nagios? Other plugins to use with Nagios?
Thank you
This plugin might work for NTLM, but there really isn't much documentation provided with it.
https://exchange.nagios.org/directory/P ... LM/details
[root@cakc-nagxitest01 ~]# curl http://siebel.konecranes.com -v
* About to connect() to siebel.konecranes.com port 80 (#0)
* Trying 10.102.34.120... connected
* Connected to siebel.konecranes.com (10.102.34.120) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.16.2.3 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: siebel.konecranes.com
> Accept: */*
>
< HTTP/1.1 200 OK
< Cache-Control: max-age=86400
< Content-Type: text/html
< Last-Modified: Sun, 14 Sep 2014 11:57:44 GMT
< Accept-Ranges: bytes
< ETag: "661201813d0cf1:0"
< Server: Microsoft-IIS/7.5
< X-Powered-By: ASP.NET
< Date: Tue, 26 Apr 2016 14:24:50 GMT
< Content-Length: 611
<
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<meta http-equiv="refresh" content="1;url=http://example.com">
<script type="text/javascript">
window.location.href = "http://siebel.konecranes.com/service_enu"
</script>
<title>Page Redirection</title>
</head>
<body>
<!-- Note: don't tell people to `click` the link, just tell them that it is a link. -->
If you are not redirected automatically, follow the <a href='http://sieb el-qa.konecranes.com/service_enu'>link to example</a>
</body>
* Connection #0 to host siebel.konecranes.com left intact
* Closing connection #0
[root@cakc-nagxitest01 ~]#
--------------------------------
That plugin has a comment about it not working...
Re: When WebInject does not work or not enough?
curl from page redirect:
[root@cakc-nagxitest01 ~]# curl http://siebel.konecranes.com/service_enu -v
* About to connect() to siebel.konecranes.com port 80 (#0)
* Trying 10.102.34.120... connected
* Connected to siebel.konecranes.com (10.102.34.120) port 80 (#0)
> GET /service_enu HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.16.2.3 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: siebel.konecranes.com
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Content-Type: text/html
< Server: Microsoft-IIS/7.5
< WWW-Authenticate: Negotiate
< WWW-Authenticate: NTLM
< X-Powered-By: ASP.NET
< Date: Tue, 26 Apr 2016 14:27:36 GMT
< Content-Length: 1293
<
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
</fieldset></div>
</div>
</body>
</html>
* Connection #0 to host siebel.konecranes.com left intact
* Closing connection #0
[root@cakc-nagxitest01 ~]#
-----------------------------------------------------------------------------------------------------------------------------------
[root@cakc-nagxitest01 ~]# curl http://siebel.konecranes.com/service_enu -v
* About to connect() to siebel.konecranes.com port 80 (#0)
* Trying 10.102.34.120... connected
* Connected to siebel.konecranes.com (10.102.34.120) port 80 (#0)
> GET /service_enu HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.16.2.3 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: siebel.konecranes.com
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Content-Type: text/html
< Server: Microsoft-IIS/7.5
< WWW-Authenticate: Negotiate
< WWW-Authenticate: NTLM
< X-Powered-By: ASP.NET
< Date: Tue, 26 Apr 2016 14:27:36 GMT
< Content-Length: 1293
<
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
<style type="text/css">
<!--
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
fieldset{padding:0 15px 10px 15px;}
h1{font-size:2.4em;margin:0;color:#FFF;}
h2{font-size:1.7em;margin:0;color:#CC0000;}
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
background-color:#555555;}
#content{margin:0 0 0 2%;position:relative;}
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
-->
</style>
</head>
<body>
<div id="header"><h1>Server Error</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
</fieldset></div>
</div>
</body>
</html>
* Connection #0 to host siebel.konecranes.com left intact
* Closing connection #0
[root@cakc-nagxitest01 ~]#
-----------------------------------------------------------------------------------------------------------------------------------
Re: When WebInject does not work or not enough?
You'll need to try and use that plugin, or write your own with NTLM support. The plugin doesn't mention that it doesn't work, just that there is a lack of documentation.
The key to your redirected output is this line -
Normal webinject isn't going to work with that in mind.
Code: Select all
This version of webinject was modified to support NTLM authentification
Based on http://www.webinject.org/
- You can test your NTLM with test.pl
- Configure server-config.xml with your login and password
server.xml
Nagios
ntlm-website:80::DOMAINLogin:Password
10
20
nagios
- Configure server.xml for your test case.
- Launch ./webinject.pl -c server-config.xml
For more details, you can use ./webinject.pl.debug
Code: Select all
< WWW-Authenticate: NTLM
Former Nagios Employee
Re: When WebInject does not work or not enough?
This worked with NTLM-enabled Webinject and we were able to reproduce or results
Please close this case
Please close this case