Re: [Nagios-users] Using nagios check_http for webbasedauthentication
You may also try http://www.webinject.org/plugin.html Regards, Naren -Original Message- From: Marc Powell [mailto:m...@ena.com] Sent: Thursday, January 22, 2009 8:46 PM To: nagios-users@lists.sourceforge.net Subject: Re: [Nagios-users] Using nagios check_http for webbasedauthentication On Jan 22, 2009, at 7:55 AM, Venugopal S wrote: > > Hi Marc, > > Thanks for the reply. I am even now vague about how to proceed. > > Let me tell you the need : > > I have to open http://ww12.1800flowers.com/signin.do and enter my > email(svenugop...@gmail.com) and password("podhum") in order to login. Looking at the source of the page, the sign-in form has the following pertinent fields -- The field names that would be passed as the POST are 'email' and 'password'. Now, I don't know what command{} definitions you have for check_http or how they're configured so I'll show you how to create a new one very specific to this test -- define command { command_namecheck_flowers_login command_line$USER1$/check_http -I $HOSTADDRESS$ -H ww12.1800flowers.com -u /signin.do -P "email=svenugop...@gmail.com&password=podhum" } Set that as the check_command for a service associated with the host and nagios will verify that the web server does not return an HTTP error after login. Note that if your server returns a standard 200 response indicating OK even if there is a login error (most likely), you'll want to identify a word or string of text that should appear in the page after successful login, but not for a failure, and look for that with the -s parameter -- define command { command_namecheck_flowers_login command_line$USER1$/check_http -I $HOSTADDRESS$ -H ww12.1800flowers.com -u /signin.do -P "email=svenugop...@gmail.com&password=podhum" -s "you are logged in" } > Though this looks like a lot of hand holding, I have no other go. My charge is 1 local specialty beer for all Hand Holding Help. -- Marc -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Using nagios check_http for webbasedauthentication
Venugopal S schrieb: > > > Hi Marc, > > > > * This is my command in commands.cfg : * > > > > / define command{ / > > / command_namecheck_http / > > / command_line$USER1$/check_http -I $HOSTADDRESS$ > / > > / } / > > > > I executed the following command : > > > > ./check_http -I 199.107.237.196 -H ww12.1800flowers.com -u /signin.do > -p 80 -P "email= svenugop...@gmail.com&password=podhum" -s "welcome venu" > > > > and it threw > > > > HTTP CRITICAL - string not found|time=0.080070s;;;0.00 size=38300B;;;0 > > > > Any idea why ? Add -v to you test a analyze te response. There is no string "welcome venu" in the response. -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Using nagios check_http for webbasedauthentication
Hi Marc, This is my command in commands.cfg : define command{ command_namecheck_http command_line$USER1$/check_http -I $HOSTADDRESS$ } I executed the following command : ./check_http -I 199.107.237.196 -H ww12.1800flowers.com -u /signin.do -p 80 -P "email=svenugop...@gmail.com&password=podhum" -s "welcome venu" and it threw HTTP CRITICAL - string not found|time=0.080070s;;;0.00 size=38300B;;;0 Any idea why ? FYI : the password has been changed and now is not "podhum". Thanks Venu -Original Message- From: Marc Powell [mailto:m...@ena.com] Sent: Thursday, January 22, 2009 8:46 PM To: nagios-users@lists.sourceforge.net Subject: Re: [Nagios-users] Using nagios check_http for webbasedauthentication On Jan 22, 2009, at 7:55 AM, Venugopal S wrote: > > Hi Marc, > > Thanks for the reply. I am even now vague about how to proceed. > > Let me tell you the need : > > I have to open http://ww12.1800flowers.com/signin.do and enter my > email(svenugop...@gmail.com) and password("podhum") in order to login. Looking at the source of the page, the sign-in form has the following pertinent fields -- The field names that would be passed as the POST are 'email' and 'password'. Now, I don't know what command{} definitions you have for check_http or how they're configured so I'll show you how to create a new one very specific to this test -- define command { command_name check_flowers_login command_line $USER1$/check_http -I $HOSTADDRESS$ -H ww12.1800flowers.com -u /signin.do -P "email=svenugop...@gmail.com&password=podhum" } Set that as the check_command for a service associated with the host and nagios will verify that the web server does not return an HTTP error after login. Note that if your server returns a standard 200 response indicating OK even if there is a login error (most likely), you'll want to identify a word or string of text that should appear in the page after successful login, but not for a failure, and look for that with the -s parameter -- define command { command_name check_flowers_login command_line $USER1$/check_http -I $HOSTADDRESS$ -H ww12.1800flowers.com -u /signin.do -P "email=svenugop...@gmail.com&password=podhum" -s "you are logged in" } > Though this looks like a lot of hand holding, I have no other go. My charge is 1 local specialty beer for all Hand Holding Help. -- Marc -- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null This email message and its attachments may contain CONFIDENTIAL AND PRIVILEGED INFORMATION intended for the sole use of the addressee(s). If you have received it in error, please contact the sender by return email, notify your system manager and destroy the original message and any copies thereof. Any review, use, disclosure or distribution is unlawful. Please check this email and any attachments for the presence of viruses. The Company accepts no liability for any damage caused by any virus transmitted by this email. The views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of the company. The Company reserves the right to monitor, review and store the content of all messages sent to or from this e-mail address. www.aztecsoft.com-- This SF.net email is sponsored by: SourcForge Community SourceForge wants to tell your story. http://p.sf.net/sfu/sf-spreadtheword___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Using nagios check_http for webbasedauthentication
Just like that.. Changed it now anyways :) That apart, please help me out folks as to how I have to go ahead with nagios .. -Original Message- From: Klaus Umbach [mailto:treibh...@sozial-inkompetent.de] Sent: Thursday, January 22, 2009 7:40 PM To: Venugopal S Cc: Marc Powell; nagios-users@lists.sourceforge.net Subject: Re: [Nagios-users] Using nagios check_http for webbasedauthentication On 22/01/09 19:25, Venugopal S wrote: > > Hi Marc, > > Thanks for the reply. I am even now vague about how to proceed. > > Let me tell you the need : > > I have to open http://ww12.1800flowers.com/signin.do and enter my > email(svenugop...@gmail.com) and password("podhum") in order to login. Why did you give us a valid user/password combination? :-) > > When I login using the above valid credentials it would take me to the > next page or otherwise throw an error. > > How do I compose the command line for check_http ? > > Though this looks like a lot of hand holding, I have no other go. > > Can you please help ? > > Venu > > -Original Message- > From: Marc Powell [mailto:m...@ena.com] > Sent: Thursday, January 22, 2009 7:15 PM > To: Nagios Users Mailinglist > Subject: Re: [Nagios-users] Using nagios check_http for web > basedauthentication > > > On Jan 22, 2009, at 5:50 AM, Venugopal S wrote: > > > Hi, > > > > Can I do a check on a particular website by supplying the username > > and password to nagios check_http commandline ? > > > > To be clear : > > > > Assume that I want to check whether login action happens properly on > > my website which is www.venu.com. And the login page name is > www.venu.com/signup.do > > . This form would take username and password and send a POST > > request to www.venu.com/autorize.do. How will i check this in nagios ? > > > > If it had been GET method, I would have done that. But in my case, > > it is POST method > > Since you're using forms based authentication, use the -P parameter to > check_http. > > $ ./check_http --help > > [chop] > > -P, --post=STRING > URL encoded http POST data > > > check_http -I -H www.venu.com -u /autorize.do -P > "usernamefield=username&passwordfield=password" > > If you need something more complex than that you might want to search > for past posts about use of perl's WWW::Mechanize or > Nagios::WebTransact to help create a custom plugin. > > Note for future readers, if the site uses standard htaccess > authentication then '-a username:password' if the format. > > -- > Marc > > > -- > This SF.net email is sponsored by: > SourcForge Community > SourceForge wants to tell your story. > http://p.sf.net/sfu/sf-spreadtheword > ___ > Nagios-users mailing list > Nagios-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > > This email message and its attachments may contain CONFIDENTIAL AND PRIVILEGED INFORMATION intended for the sole use of the addressee(s). If you have received it in error, please contact the sender by return email, notify your system manager and destroy the original message and any copies thereof. Any review, use, disclosure or distribution is unlawful. Please check this email and any attachments for the presence of viruses. The Company accepts no liability for any damage caused by any virus transmitted by this email. The views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of the company. > The Company reserves the right to monitor, review and store the content of all messages sent to or from this e-mail address. > > www.aztecsoft.com > > -- > This SF.net email is sponsored by: > SourcForge Community > SourceForge wants to tell your story. > http://p.sf.net/sfu/sf-spreadtheword > ___ > Nagios-users mailing list > Nagios-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -- BOFH excuse #184: loop found in loop in redundant loopback This email message and its attachments may contain CONFIDENTIAL AND PRIVILEGED INFORMATION intended for