Monitoring : HTTP URL Authentication monitoring with Shinken

Shinken is an excellent monitoring platform which scales considerably better than competing solutions like Nagios or Zabbix. HTTP Authentication monitoring can provide useful diagnostics to all sorts of the application or platform health. For example it is possible that your web page authenticates against a database server. If the authentication fails then the database server could be down. Rather than doing multiple checks you can streamline your monitoring by doing a single check that has multiple dependencies and thus get a better idea of what the actual health state of your application is.

In etc/hosts/<hostname>.cfg you should have the following

define host{
     use           http
     host_name     www.domain.com
     address       www.domain.com
 }

Where www.domain.com is the site that you want to monitor. Now by default that will only monitor port 80 with a simple HTTP check.. You can now add a URL and an Authentication user and password. Here is an example

define host{
     use           http
     host_name     www.domain.com
     address       www.domain.com
     _CHECK_HTTP_URI    /secure-site/
     _CHECK_HTTP_AUTH   username:password
 }

By adding the MACRO CHECK_HTTP_URL the check_http template will automatically start to monitor the new url /secure-site/ you can change that to whatever you want as long as it is a valid URL on the destination server. The secure-site section requires login to view the content. In this case we are logging in with the _CHECK_HTTPS_AUTH MACRO. The username is “username” and the password is “password”. Note that it is recommended that all secure credentials are passed over HTTPS. To change the above health check to HTTPS do the following.

define host{
     use           https
     host_name     www.domain.com
     address       www.domain.com
     _CHECK_HTTPS_URI    /secure-site/
     _CHECK_HTTPS_AUTH   username:password
 }

Some other MACRO’s that can be used to improve functionality or to change the port that the health check is conducted on.

_CHECK_HTTP_PORT

_CHECK_HTTP_DOMAIN_NAME

_CHECK_HTTP_URI

_CHECK_HTTPS_PORT

_CHECK_HTTPS_DOMAIN_NAME

_CHECK_HTTPS_URI

Each one should be very descriptive by their names.

NOTE: by default the check_http script uses SNI for HTTPS validation.

Tags: , , ,