Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Nagios monitoring port 443 (https)

Posted on 2009-04-07
5
Medium Priority
?
2,982 Views
Last Modified: 2012-05-06
I have an Ubuntu 8.04.2 machine that is currently running NagiosVersion 2.0b3, I want to be able to monitor port 443  (https)
0
Comment
Question by:xpandit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 14

Expert Comment

by:Deepak Kosaraju
ID: 24087290
Use plugins called
./check_http with as below by default plugin directory is /usr/local/nagios/plugins/

#./check_http -S -u https://server1.example.com
(or) 
./check_http -S -H server1.example.com -p 443

Open in new window

0
 

Author Comment

by:xpandit
ID: 24095057
When I ran the following on terminal /usr/local/nagios/libexec/check_http -S I get the following error check_http: Invalid option - SSL is not available. What can I do to rectify the error?

0
 
LVL 14

Expert Comment

by:Deepak Kosaraju
ID: 24098468
Following is the usage of the plugin
Examples:
 check_http -w 5 -c 10 -S -H www.verisign.com

 -S, --ssl
   Connect via SSL. Port defaults to 443

#check_http --help
check_http v2008 (nagios-plugins 1.4.12)
Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>
Copyright (c) 1999-2008 Nagios Plugin Development Team
	<nagiosplug-devel@lists.sourceforge.net>
 
This plugin tests the HTTP service on the specified host. It can test
normal (http) and secure (https) servers, follow redirects, search for
strings and regular expressions, check connection times, and report on
certificate expiration times.
 
 
Usage: check_http -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]
       [-w <warn time>] [-c <critical time>] [-t <timeout>] [-L]
       [-a auth] [-f <ok | warn | critcal | follow>] [-e <expect>]
       [-s string] [-l] [-r <regex> | -R <case-insensitive regex>] [-P string]
       [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>] [-A string]
       [-k string] [-S] [-C <age>] [-T <content-type>]
NOTE: One or both of -H and -I must be specified
 
Options:
 -h, --help
    Print detailed help screen
 -V, --version
    Print version information
 -H, --hostname=ADDRESS
    Host name argument for servers using host headers (virtual host)
    Append a port to include it in the header (eg: example.com:5000)
 -I, --IP-address=ADDRESS
    IP address or name (use numeric address if possible to bypass DNS lookup).
 -p, --port=INTEGER
 Port number (default: 80)
 -4, --use-ipv4
    Use IPv4 connection
 -6, --use-ipv6
    Use IPv6 connection
 -S, --ssl
   Connect via SSL. Port defaults to 443
 -C, --certificate=INTEGER
   Minimum number of days a certificate has to be valid. Port defaults to 443
   (when this option is used the url is not checked.)
 
 -e, --expect=STRING
    String to expect in first (status) line of server response (default: 
HTTP/1.)
    If specified skips all other status line logic (ex: 3xx, 4xx, 5xx processing)
 -s, --string=STRING
    String to expect in the content
 -u, --url=PATH
    URL to GET or POST (default: /)
 -P, --post=STRING
    URL encoded http POST data
 -N, --no-body
    Don't wait for document body: stop reading after headers.
    (Note that this still does an HTTP GET or POST, not a HEAD.)
 -M, --max-age=SECONDS
    Warn if document is more than SECONDS old. the number can also be of
    the form "10m" for minutes, "10h" for hours, or "10d" for days.
 -T, --content-type=STRING
    specify Content-Type header media type when POSTing
 
 -l, --linespan
    Allow regex to span newlines (must precede -r or -R)
 -r, --regex, --ereg=STRING
    Search page for regex STRING
 -R, --eregi=STRING
    Search page for case-insensitive regex STRING
 --invert-regex
    Return CRITICAL if found, OK if not
 
 -a, --authorization=AUTH_PAIR
    Username:password on sites with basic authentication
 -A, --useragent=STRING
    String to be sent in http header as "User Agent"
 -k, --header=STRING
     Any other tags to be sent in http header. Use multiple times for additional headers
 -L, --link
    Wrap output in HTML link (obsoleted by urlize)
 -f, --onredirect=<ok|warning|critical|follow>
    How to handle redirected pages
 -m, --pagesize=INTEGER<:INTEGER>
    Minimum page size required (bytes) : Maximum page size required (bytes)
 -w, --warning=DOUBLE
    Response time to result in warning status (seconds)
 -c, --critical=DOUBLE
    Response time to result in critical status (seconds)
 -t, --timeout=INTEGER
    Seconds before connection times out (default: 10)
 -v, --verbose
    Show details for command-line debugging (Nagios may truncate output)
 
Notes:
 This plugin will attempt to open an HTTP connection with the host.
 Successful connects return STATE_OK, refusals and timeouts return STATE_CRITICAL
 other errors return STATE_UNKNOWN.  Successful connects, but incorrect reponse
 messages from the host result in STATE_WARNING return values.  If you are
 checking a virtual server that uses 'host headers' you must supply the FQDN
 (fully qualified domain name) as the [host_name] argument.
 
 
 This plugin can also check whether an SSL enabled web server is able to
 serve content (optionally within a specified time) or whether the X509 
 certificate is still valid for the specified number of days.
 
Examples:
 CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com
 
 When the 'www.verisign.com' server returns its content within 5 seconds,
 a STATE_OK will be returned. When the server returns its content but exceeds
 the 5-second threshold, a STATE_WARNING will be returned. When an error occurs,
 a STATE_CRITICAL will be returned.
 
 CHECK CERTIFICATE: check_http -H www.verisign.com -C 14
 
 When the certificate of 'www.verisign.com' is valid for more than 14 days,
 a STATE_OK is returned. When the certificate is still valid, but for less than
 14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when
 the certificate is expired.
 
Send email to nagios-users@lists.sourceforge.net if you have questions
regarding use of this software. To submit patches or suggest improvements,
send email to nagiosplug-devel@lists.sourceforge.net

Open in new window

0
 
LVL 14

Accepted Solution

by:
Deepak Kosaraju earned 1200 total points
ID: 24098484
Make sure you have openssl package installed.
0

Featured Post

Certified OpenStack Administrator Course

We just refreshed our COA course based on the Newton exam.  With 14 labs, this course goes over the different OpenStack services that are part of the certification: Dashboard, Identity Service, Image Service, Networking, Compute, Object Storage, Block Storage, and Orchestration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Suggested Courses

664 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question