Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

MOnitoring OKTA URLS

https://support.nagios.com/forum/viewtopic.php?t=50600

Page 1 of 1

MOnitoring OKTA URLS

Posted: Wed Oct 10, 2018 11:26 am
by matson-itops
Currently we have basic url checks for our java applications like so
http://xxx.xxx.xxx.xxx:8080/app or http://xxx.xxx.xxx.xxx:8080/healthcheck

We are able to monitor each JVM directly, so that if any app behind the load balancer is down
We know immediately. We also monitor the load balanced url.

HOWEVER
Once we have integrated the app with OKTA, we get redirected back okta like so
http://xxx.xxx.xxxx.xxx:800/app  okta server (authentication)  load balanced url.

We need a way to monitor a specific instance of an okta integrated app.
I’m sure this is a well know and well solved problem, but I have not come across anything.

Please advise.

Re: MOnitoring OKTA URLS

Posted: Wed Oct 10, 2018 2:12 pm
by cdienger
The check_http plugin can use the -f option to dictate how redirects are handled:

-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>

https://nagios-plugins.org/doc/man/check_http.html

Does this help?

Re: MOnitoring OKTA URLS

Posted: Thu Oct 11, 2018 12:52 pm
by matson-itops
moving in right direction but not quite.
i tried the options below with check_http

I would like it to follow the redirect to okta login page, and then login but also stick to the IP

-f sticky -a username:password -I xxx.xxx.xxx.xxx -u '/myApp/' -p 8080

Re: MOnitoring OKTA URLS

Posted: Thu Oct 11, 2018 5:01 pm
by ssax
Does OKTA use basic authentication? Like it pops up a box that asks for username/password that isn't form based?

If it is form based, you may need to look at using the web transaction wizard, please read that section starting on page 6 of this guide:

https://assets.nagios.com/downloads/nag ... ios-XI.pdf
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited