Nagios Support Forum

Hello:
We use Nagios XI 5.4.13 on RHEL 6.x. Having no issues with Nagios XI or server.
We monitor an externally-hosted website, HTTPS://<website name>/<page>/<to>/<monitor>
and the host decided to turn off port 80, which is now causing an error:
connect to address <website name> and port 80: Connection refused
HTTP CRITICAL - Unable to open TCP socket

I have deleted the monitoring checks for the website and page (Host and Service) in Nagios Xi and tried adding the check back in using the Website URL wizard. The URL contains HTTPS, URL Option is configured to use SSL with port 443, but the error still appears.

How can I get the Host check to not fail and correctly check on port 443?

Can you show us the actual command that you are currently using, run from the command line along with the output of it?

When I used the Website URL Wizard, I entered the following (the Wizard initially provides "http://" and I change it by adding an "s" - "https://):
https://<hostname FQDN>/<parent path>/<child path>/<sub-child path>/, so for example:
https://sitename.wisconsin.com/parent/e ... epartment/

The Wizard identifies the following (for example):
Host Name: sitename.wisconsin.com
Service Name Prefix: "_parent_employee_department_" (without the quotes)
IP Address: <-- the Wizard uses a DNS lookup and adds this correctly.

URL Options
I select "Use SSL: Monitor the URL using SSL/HTTPS."
Port: 443 <-- this is the default

URL Services
I select "URL Status"


I configure the monitoring settings, groups, etc. as needed.

Nagios identifies the following: Configure - Core Config Manager - Monitoring - Services
sitename.wisconsin.com/parent/employee/department/

Common Settings tab:
Config Name: sitename.wisconsin.com
Description: "_parent_employee_department_ URL Status" (without the quotes)
Check command: check_xi_service_http <---- I think this is the culprit of why the Host check fails.
Command view: $USER1$/check_http -H $HOSTADDRESS$ $ARG1$
$ARG1$: " -f ok -I <HOST_IP> -u "/parent/employee/department/" -S -p 443 -a "<user>:<pass>""

You didn't show us the actual command, run from the command line along with the output of it as requested.

Note: you can view the command by going to the CCM > Services > <your service> > Common Settings tab > Run Check Command.

Please hide sensitive info!

Just to rule out a firewall issue, run the following command and show the output:
Example:

Run check command:
/usr/local/nagios/libexec/check_http -H <FQDN Hostname> -f ok -I <Hostname IP> -u '/<parent_folder>/<child folder>/<sub-folder>/' -S -p 443
HTTP OK: HTTP/1.1 302 Moved Temporarily - 735 bytes in 0.056 second response time |time=0.055935s;;;0.000000 size=735B;;;0



NMAP command:
Starting Nmap 6.47 ( http://nmap.org ) at 2018-08-01 16:17 CDT
Nmap scan report for <FQDN Hostname> (<Hostname IP>)
Host is up (0.00028s latency).
PORT STATE SERVICE
443/tcp open https

Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds



Running NMAP and using port 80:
Host is up (0.00029s latency).
PORT STATE SERVICE
80/tcp closed http



The problem is that the Host is red (critical) but the service is green (ok). Service checks via port 443, the Host must be checked via port 80 (snapshot attached).

The external Host Admin shutoff port 80 on their server this morning, Wed. Aug. 1, 2018.

Oh, I see. In this case, you could change your host's check command. It currently uses check_http from a template. You can change that in the CCM. Go to CCM > Hosts > <your host>. Under the "Common Settings" tab, select "check_tcp" from the "Check command" drop-down menu, type 443 in the $ARG1$ field, click on Save and Apply Configuration.

Example: You know that port 443 is open, and you could use check_tcp to monitor it, and report OK when the check succeeds.

Let us know if this workaround worked for you.

Your solution worked perfectly!
Thank you!

The Wizard uses one check, but due to circumstances we needed to modify/change/update the check that the Wizard uses. Perhaps a Wizard modification selection change??

Thanks, again, for your assistance!

You may freeze this post.

Great!

Locking