Re: [Nagios-users] Using nagios check_http for webbasedauthentication
You may also try http://www.webinject.org/plugin.html
Regards,
Naren
-Original Message-
From: Marc Powell [mailto:m...@ena.com]
Sent: Thursday, January 22, 2009 8:46 PM
To: nagios-users@lists.sourceforge.net
Subject: Re: [Nagios-users] Using nagios check_http for
webbasedauthentication
On Jan 22, 2009, at 7:55 AM, Venugopal S wrote:
>
> Hi Marc,
>
> Thanks for the reply. I am even now vague about how to proceed.
>
> Let me tell you the need :
>
> I have to open http://ww12.1800flowers.com/signin.do and enter my
> email(svenugop...@gmail.com) and password("podhum") in order to login.
Looking at the source of the page, the sign-in form has the following
pertinent fields --
The field names that would be passed as the POST are 'email' and
'password'. Now, I don't know what command{} definitions you have for
check_http or how they're configured so I'll show you how to create a
new one very specific to this test --
define command {
command_namecheck_flowers_login
command_line$USER1$/check_http -I $HOSTADDRESS$ -H
ww12.1800flowers.com -u /signin.do -P
"email=svenugop...@gmail.com&password=podhum"
}
Set that as the check_command for a service associated with the host
and nagios will verify that the web server does not return an HTTP
error after login. Note that if your server returns a standard 200
response indicating OK even if there is a login error (most likely),
you'll want to identify a word or string of text that should appear in
the page after successful login, but not for a failure, and look for
that with the -s parameter --
define command {
command_namecheck_flowers_login
command_line$USER1$/check_http -I $HOSTADDRESS$ -H
ww12.1800flowers.com -u /signin.do -P
"email=svenugop...@gmail.com&password=podhum" -s "you are logged in"
}
> Though this looks like a lot of hand holding, I have no other go.
My charge is 1 local specialty beer for all Hand Holding Help.
--
Marc
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when
reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Using nagios check_http for webbasedauthentication
Venugopal S schrieb:
>
>
> Hi Marc,
>
>
>
> * This is my command in commands.cfg : *
>
>
>
> / define command{ /
>
> / command_namecheck_http /
>
> / command_line$USER1$/check_http -I $HOSTADDRESS$
> /
>
> / } /
>
>
>
> I executed the following command :
>
>
>
> ./check_http -I 199.107.237.196 -H ww12.1800flowers.com -u /signin.do
> -p 80 -P "email= svenugop...@gmail.com&password=podhum" -s "welcome venu"
>
>
>
> and it threw
>
>
>
> HTTP CRITICAL - string not found|time=0.080070s;;;0.00 size=38300B;;;0
>
>
>
> Any idea why ?
Add -v to you test a analyze te response. There is no string "welcome venu" in
the response.
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Using nagios check_http for webbasedauthentication
Hi Marc,
This is my command in commands.cfg :
define command{
command_namecheck_http
command_line$USER1$/check_http -I $HOSTADDRESS$
}
I executed the following command :
./check_http -I 199.107.237.196 -H ww12.1800flowers.com -u /signin.do
-p 80 -P "email=svenugop...@gmail.com&password=podhum" -s "welcome venu"
and it threw
HTTP CRITICAL - string not found|time=0.080070s;;;0.00
size=38300B;;;0
Any idea why ?
FYI : the password has been changed and now is not "podhum".
Thanks
Venu
-Original Message-
From: Marc Powell [mailto:m...@ena.com]
Sent: Thursday, January 22, 2009 8:46 PM
To: nagios-users@lists.sourceforge.net
Subject: Re: [Nagios-users] Using nagios check_http for
webbasedauthentication
On Jan 22, 2009, at 7:55 AM, Venugopal S wrote:
>
> Hi Marc,
>
> Thanks for the reply. I am even now vague about how to proceed.
>
> Let me tell you the need :
>
> I have to open http://ww12.1800flowers.com/signin.do and enter my
> email(svenugop...@gmail.com) and password("podhum") in order to login.
Looking at the source of the page, the sign-in form has the following
pertinent fields --
The field names that would be passed as the POST are 'email' and
'password'. Now, I don't know what command{} definitions you have for
check_http or how they're configured so I'll show you how to create a
new one very specific to this test --
define command {
command_name check_flowers_login
command_line $USER1$/check_http -I
$HOSTADDRESS$ -H
ww12.1800flowers.com -u /signin.do -P
"email=svenugop...@gmail.com&password=podhum"
}
Set that as the check_command for a service associated with the host
and nagios will verify that the web server does not return an HTTP
error after login. Note that if your server returns a standard 200
response indicating OK even if there is a login error (most likely),
you'll want to identify a word or string of text that should appear in
the page after successful login, but not for a failure, and look for
that with the -s parameter --
define command {
command_name check_flowers_login
command_line $USER1$/check_http -I
$HOSTADDRESS$ -H
ww12.1800flowers.com -u /signin.do -P
"email=svenugop...@gmail.com&password=podhum" -s "you are logged in"
}
> Though this looks like a lot of hand holding, I have no other go.
My charge is 1 local specialty beer for all Hand Holding Help.
--
Marc
--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when
reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
This email message and its attachments may contain CONFIDENTIAL AND PRIVILEGED
INFORMATION intended for the sole use of the addressee(s). If you have received
it in error, please contact the sender by return email, notify your system
manager and destroy the original message and any copies thereof. Any review,
use, disclosure or distribution is unlawful. Please check this email and any
attachments for the presence of viruses. The Company accepts no liability for
any damage caused by any virus transmitted by this email. The views or opinions
presented in this e-mail are solely those of the author and do not necessarily
represent those of the company.
The Company reserves the right to monitor, review and store the content of all
messages sent to or from this e-mail address.
www.aztecsoft.com--
This SF.net email is sponsored by:
SourcForge Community
SourceForge wants to tell your story.
http://p.sf.net/sfu/sf-spreadtheword___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Using nagios check_http for webbasedauthentication
Just like that.. Changed it now anyways :)
That apart, please help me out folks as to how I have to go ahead with
nagios ..
-Original Message-
From: Klaus Umbach [mailto:treibh...@sozial-inkompetent.de]
Sent: Thursday, January 22, 2009 7:40 PM
To: Venugopal S
Cc: Marc Powell; nagios-users@lists.sourceforge.net
Subject: Re: [Nagios-users] Using nagios check_http for
webbasedauthentication
On 22/01/09 19:25, Venugopal S wrote:
>
> Hi Marc,
>
> Thanks for the reply. I am even now vague about how to proceed.
>
> Let me tell you the need :
>
> I have to open http://ww12.1800flowers.com/signin.do and enter my
> email(svenugop...@gmail.com) and password("podhum") in order to login.
Why did you give us a valid user/password combination? :-)
>
> When I login using the above valid credentials it would take me to the
> next page or otherwise throw an error.
>
> How do I compose the command line for check_http ?
>
> Though this looks like a lot of hand holding, I have no other go.
>
> Can you please help ?
>
> Venu
>
> -Original Message-
> From: Marc Powell [mailto:m...@ena.com]
> Sent: Thursday, January 22, 2009 7:15 PM
> To: Nagios Users Mailinglist
> Subject: Re: [Nagios-users] Using nagios check_http for web
> basedauthentication
>
>
> On Jan 22, 2009, at 5:50 AM, Venugopal S wrote:
>
> > Hi,
> >
> > Can I do a check on a particular website by supplying the username
> > and password to nagios check_http commandline ?
> >
> > To be clear :
> >
> > Assume that I want to check whether login action happens properly on
> > my website which is www.venu.com. And the login page name is
> www.venu.com/signup.do
> > . This form would take username and password and send a POST
> > request to www.venu.com/autorize.do. How will i check this in nagios
?
> >
> > If it had been GET method, I would have done that. But in my case,
> > it is POST method
>
> Since you're using forms based authentication, use the -P parameter to
> check_http.
>
> $ ./check_http --help
>
> [chop]
>
> -P, --post=STRING
> URL encoded http POST data
>
>
> check_http -I -H www.venu.com -u /autorize.do -P
> "usernamefield=username&passwordfield=password"
>
> If you need something more complex than that you might want to search
> for past posts about use of perl's WWW::Mechanize or
> Nagios::WebTransact to help create a custom plugin.
>
> Note for future readers, if the site uses standard htaccess
> authentication then '-a username:password' if the format.
>
> --
> Marc
>
>
> --
> This SF.net email is sponsored by:
> SourcForge Community
> SourceForge wants to tell your story.
> http://p.sf.net/sfu/sf-spreadtheword
> ___
> Nagios-users mailing list
> Nagios-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
> This email message and its attachments may contain CONFIDENTIAL AND
PRIVILEGED INFORMATION intended for the sole use of the addressee(s). If
you have received it in error, please contact the sender by return
email, notify your system manager and destroy the original message and
any copies thereof. Any review, use, disclosure or distribution is
unlawful. Please check this email and any attachments for the presence
of viruses. The Company accepts no liability for any damage caused by
any virus transmitted by this email. The views or opinions presented in
this e-mail are solely those of the author and do not necessarily
represent those of the company.
> The Company reserves the right to monitor, review and store the
content of all messages sent to or from this e-mail address.
>
> www.aztecsoft.com
>
>
--
> This SF.net email is sponsored by:
> SourcForge Community
> SourceForge wants to tell your story.
> http://p.sf.net/sfu/sf-spreadtheword
> ___
> Nagios-users mailing list
> Nagios-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
--
BOFH excuse #184:
loop found in loop in redundant loopback
This email message and its attachments may contain CONFIDENTIAL AND PRIVILEGED
INFORMATION intended for
