Page 1 of 1
Monitor a website with changing IP
Posted: Mon Nov 20, 2023 1:06 pm
by NMFSTeam
We have a few websites that are behind a cloud-based WAF that we need to be able to monitor. The public facing IPs are constantly changing. It seems that any of the methods I have tried in Nagios XI always result in Nagios doing a DNS lookup and then putting in that IP in the config. Any way to just have it monitor the actual URL, which could resolve to a new IP at any moment?
Thank you!
Re: Monitor a website with changing IP
Posted: Mon Nov 20, 2023 3:40 pm
by danderson
Thanks for reaching out
@NMFSTeam,
You can do this with the "Website URL" wizard. The second step of the process will automatically fill in the IP address field, but you can remove this and the created service will default to using the hostname instead of the IP address.
The resulting URL Status check will look like this:
Code: Select all
/usr/local/nagios/libexec/check_http -H example.com -f ok -u '/' -p 80
As opposed to something like this:
Code: Select all
/usr/local/nagios/libexec/check_http -H example.com -f ok -I 120.34.56.78 -u '/' -p 80
Re: Monitor a website with changing IP
Posted: Wed Nov 22, 2023 1:08 am
by NMFSTeam
Thank you, this looks very helpful. Would it also be possible to monitor the status of the SSL certificate for such a website?
Re: Monitor a website with changing IP
Posted: Wed Nov 22, 2023 10:11 am
by gwesterman
Hi @NMFSTeam,
There are a number of plugins on the
Nagios Exchange that monitor the SSL certificate for websites. For example,
this one and
this one look well used and well reviewed. For setting up such plugins, you can follow
this guide.
Hope this helps! Thank you!
Re: Monitor a website with changing IP
Posted: Wed Nov 22, 2023 2:06 pm
by NMFSTeam
I see there is also a "Monitor a website" wizard in Nagios XI. I have tried to use that, also removing the IP address from the wizard, and it gives an SSL error when trying to monitor the SSL certificate.
Code: Select all
140467834537904:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:
And this is what displayed for the command:
Code: Select all
check_xi_service_http_cert!30 -p 443
Based on all of this, is this why you recommend going with one of those extensions from the Nagios Exchange website?
Thanks again.
Re: Monitor a website with changing IP
Posted: Wed Nov 22, 2023 2:47 pm
by gwesterman
That option is actually used to monitor the website using SSL rather than monitor the website's SSL certificate. As of right now, there is no default, built-in check for an SSL certificate which is why I recommended setting up an external plugin.
Hopefully this clears that up.
Re: Monitor a website with changing IP
Posted: Mon Dec 11, 2023 1:07 pm
by gwesterman
Adding to my previous response, there actually IS a built-in functionality for checking SSL certificates! The check_http plugin that ships with XI (in nagios/libexec/plugins) has the ability to check SSL certs. For example, running:
Code: Select all
./check_http -H www.amazon.com -C 40
will return something like:
Code: Select all
SSL OK - Certificate 'www.amazon.com' will expire in 336 days on 2024-11-11 17:59 -0600/CST.
It is also an option to check in the website wizard! If the url you input begins with https://, there will be the option to monitor the SSL certificate.
So sorry for misleading you initially! I'm still learning!