Nagios checking Exchange URL (login required)

Posted: Wed Jan 02, 2019 9:33 am
by RyanMule
Hello All,

I have somewhat of an odd request. To begin, we are running Nagios XI 5.5.7 and NSClient++ 5.3.

On our Exchange frontend servers I need to monitor this address: https://SERVER/ews/exchange.asmx/wssecurity. Browsing to this address prompts for a login and brings you to an XML page. When that happens all is working. If the XML page does not load I need to restart the MSExchangeServicesAppPool.

So I need a script/plugin that points to that address, inputs login info and checks the XML page.

I apologize for the odd request, but any help on tackling this will be greatly appreciated.

Thank you
Ryan

Re: Nagios checking Exchange URL (login required)

Posted: Wed Jan 02, 2019 9:45 am
by mcapra
RyanMule wrote: this address prompts for a login
A very important question: how is it prompting for a login? Is it using basic authentication? Some sort of form-based authentication?

The check_http plugin supports basic authentication via the -a argument:

     -a, --authorization=AUTH_PAIR
        Username:password on sites with basic authentication

In terms of answering the "did the XML page generate" question, hoo boy there's a lot of options, starting with checking response codes (200, 400, 503, etc):

     -e, --expect=STRING
        Comma-delimited list of strings, at least one of them is expected in
        the first (status) line of the server response (default: HTTP/1.)
        If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)

Checking response headers (Content-Type, XSS, etc):

     -d, --header-string=STRING
        String to expect in the response headers

Checking body contents (specific XML key/value pairs maybe?):

     -s, --string=STRING
        String to expect in the content

...

     -l, --linespan
        Allow regex to span newlines (must precede -r or -R)
     -r, --regex, --ereg=STRING
        Search page for regex STRING
     -R, --eregi=STRING
        Search page for case-insensitive regex STRING
     --invert-regex
        Return CRITICAL if found, OK if not

Really depends on the specific site, but check_http can cover an awful lot of ground by itself assuming basic auth is the authentication mechanism.

If you're having to navigate forms-based authentication, I'd recommend the following documentation (specifically the bit about the "web transaction" wizard):
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
RyanMule wrote: I apologize for the odd request
Doesn't strike me as odd :) Login checks are super handy for multiple reasons.

Re: Nagios checking Exchange URL (login required)

Posted: Wed Jan 02, 2019 10:32 am
by RyanMule
Hello Mcapra,

Thank you for the quick response!
Yes... I missed that key part... It is form based authentication, so it does complicate it a bit.

I am not looking for anything specific in the XML document, just as long as it is generated.

This is all great information! I have some work to do and I will provide an update ASAP.

Thank you!


Re: Nagios checking Exchange URL (login required)

Posted: Wed Jan 02, 2019 12:27 pm
by ssax
If it is using form based authentication you will need to use the check_http -P option:

 -P, --post=STRING
    URL encoded http POST data

You will need to URL encode the data:

https://www.urlencoder.org/

You will need to work with your application developers to determine what POST data you need to submit such as username/pass/etc.

Something like this may work:

/usr/local/nagios/libexec/check_http -H SERVER -f follow -u '/ews/exchange.asmx/wssecurity' --method=POST -P 'username=USER&password=PASS&loginButton=' -s 'TEXT TO SEARCH FOR' -S -p 443 --sni
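
An added example, not part of the original posts: it URL-encodes the form fields locally with Python's standard library (so the credentials never leave the monitoring host) and shows how a plugin can tell a generated XML document from a login page returned with HTTP 200. The field names follow the command above and are assumptions about the real form; the sample responses are constructed.

```python
#!/usr/bin/env python3
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

OK, CRITICAL = 0, 2  # Nagios plugin exit codes


def build_post_data(user, password):
    """URL-encode the login form fields for check_http -P on the local host."""
    # Field names follow the command in the post above; the real form may
    # use different ones (assumption).
    return urlencode({"username": user, "password": password, "loginButton": ""})


def evaluate(status, content_type, body):
    """Return (exit_code, message) for one HTTP response."""
    if status != 200:
        return CRITICAL, f"CRITICAL - HTTP {status}"
    if "xml" not in content_type.lower():
        # A rejected form login can come back as 200 with the HTML login page,
        # so the status code alone is not enough.
        return CRITICAL, f"CRITICAL - expected XML, got '{content_type}'"
    try:
        root = ET.fromstring(body)
    except ET.ParseError as exc:
        return CRITICAL, f"CRITICAL - body is not well-formed XML ({exc})"
    return OK, f"OK - XML document generated (root element <{root.tag}>)"


# Constructed sample responses, not captured from a real Exchange server.
SAMPLES = [
    (200, "text/xml; charset=utf-8", b'<?xml version="1.0" encoding="utf-8"?><definitions/>'),
    (200, "text/html; charset=utf-8", b"<html><form id='logon'>...</form></html>"),
    (200, "text/xml", b"<definitions><service>"),
    (503, "text/html", b"Service Unavailable"),
]

if __name__ == "__main__":
    print(build_post_data("DOMAIN\\svc-nagios", "p@ss w&rd"))
    for status, ctype, body in SAMPLES:
        print(evaluate(status, ctype, body)[1])
```

The same three tests map onto check_http's -e, -d and -s/-r options quoted earlier in the thread.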

Re: Nagios checking Exchange URL (login required)

Posted: Thu Jan 03, 2019 5:37 am
by optionstechnology
FYI: I came across a very similar issue and resolved it by monitoring the IIS AppPool itself with check_iis:

https://exchange.nagios.org/directory/P ... ol/details

Re: Nagios checking Exchange URL (login required)

Posted: Thu Jan 03, 2019 5:08 pm
by cdienger
Glad to hear you found another plugin that seems to work. Are we good to lock this one up?

Re: Nagios checking Exchange URL (login required)

Posted: Fri Jan 04, 2019 3:58 pm
by RyanMule
Thank you ssax!

I will look into this option as well.

Re: Nagios checking Exchange URL (login required)

Posted: Fri Jan 04, 2019 3:59 pm
by RyanMule
Yes, this can be locked for now.
cdienger wrote:Glad to hear you found another plugin that seems to work. Are we good to lock this one up?

Re: Nagios checking Exchange URL (login required)

Posted: Fri Jan 04, 2019 3:59 pm
by scottwilkerson
RyanMule wrote:Yes, this can be locked for now.
cdienger wrote:Glad to hear you found another plugin that seems to work. Are we good to lock this one up?
Locking