Better monitoring for websites and certificates

Tick It Off

Checking for Strings

The general expectation of check_httpv2 is that it behaves like a browser. After all, the aim is to check whether regular users (carbon-based forms of life) can actually visit the page. Even if this is the case, the content could still be missing (e.g., because of a defective CMS in the background).

The HTTP check can be used to check whether certain content appears in the header or body; both have options for fixed strings or regular expressions. This example ensures that either checkmk or check_mk appears somewhere in the HTML body of a password-protected page:

./check_httpv2 --auth-user peter --auth-pw-plain spiderman --body-regex '(?m)check(_)?mk'

However, such checks can be used for more than just monitoring the proper functioning of a page. How about monitoring the company's internal bulletin board for terms that could be relevant to the IT department (e.g., an alert when the word "restructuring" appears)? This feature definitely shows off its capabilities!

Bonus: Performance Tests with hyperfine

Invoking the HTTP check not only provides all kinds of information about the remote host and a status code for evaluation in monitoring, but also the response time, which, however, is not particularly meaningful for a single invocation, especially when load balancers, proxies, and the like do not always resolve to the same physical server.

The clever little tool hyperfine [5] is ideal for real performance tests, for example:

hyperfine --warmup 2 -r 20'./check_httpv2 --url https://checkmk.com'

In this case, hyperfine would first perform two warm-up runs that do not contribute to the result, which is sometimes helpful for caches. The HTTP check is then run 20 times; finally, a small report is output (Listing 2).

Listing 2

Output from hyperfine

Time (mean ± sigma):       124.6 ms ±     9.8 ms      [User: 4.9 ms, System: 10.9 ms]
Range (min ... max):   108.3 ms ... 139.9 ms      20 runs

Summary and Outlook

Even in its first version, the new HTTP check can handle most situations (Table 1) and, together with the certificate check (Table 2), can check the availability, performance, and integrity of websites, solo or in Nagios-compatible platforms.

Table 1

check_httpv2 Features

Implemented in Checkmk, usable standalone
Monitoring multiple endpoints with one rule
Checking for strings in body and header
Authentication by token or user
Enforcing specific HTTP and TLS versions
Connection by proxy server
Explicit handling of redirects
Basic checking of certificate validity

Table 2

check_cert Features

Monitoring multiple endpoints with one rule
Validity of certificates
Remaining/maximum validity time
Checking values of the used crypto suites
Checking for issuer, subject, name, etc.

In Checkmk, command-line options are mapped almost 1:1 to configuration options in the GUI, but additional functions enable the monitoring of many pages, a few simplifications, and contextual help. Of course, various kinds of graphs nicely present various performance data (e.g., response time, time to fetch a header or content).

What's next for check_httpv2 and check_cert? Many ideas for extended functions and further performance data is on the wish list, but specifically, certificates behind proxies are on the agenda for now. Do you have your own ideas for features? You can submit and upvote feature requests on the Checkmk Idea Portal [6].

The Author

Marcel Arentz has been working in IT monitoring for more than 10 years and is currently responsible for product development at Checkmk. With a background as a system administrator and IT consultant, he brings deep hands-on experience and a strong understanding of the real-world challenges faced in IT operations. Having joined Checkmk after using it to modernize a legacy monitoring setup, Marcel played a key role in building the product management team and continues to shape the future of Checkmk with a focus on user needs and technical excellence.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Secure status and event monitoring of tier 0 systems
    We show you how monitoring your sensitive IT systems can be a more secure experience.
  • Monitor applications end to end
    Your web server is running perfectly according to Nagios, but is it delivering the intended user experience? End-to-end monitoring lets you know whether your application is performing as expected.
  • Nagios on a Rasp Pi 3 with NEMS
    We show you how to install and use the NEMS distribution of Nagios network monitoring on a Raspberry Pi.
  • Understanding Autodiscovery

    A lack of information about your infrastructure can result in faulty system configuration and other difficulties. Automatic discovery of all hosts and services would seem to be the best solution – but can it also prove itself in practice?

  • Versatile network and system monitoring
    The LibreNMS open source monitoring environment, unlike its predecessor Observium, comes through the back door at no cost, with auto-discovery, alerting, the ability to scale even in very large environments with many devices, and flexible dashboards and widgets for special views.
comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs



Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>
	</a>

<hr>		    
			</div>
		    		</div>

		<div class=