Difference between revisions of "Pandora: Documentation en: Web Monitoring"

From Pandora FMS Wiki
Jump to: navigation, search
(Simple HTTP Authentication)
(Creating Web Modules)
 
(61 intermediate revisions by 6 users not shown)
Line 1: Line 1:
 
[[Pandora:Documentation_en|Go back to Pandora FMS documentation index]]
 
[[Pandora:Documentation_en|Go back to Pandora FMS documentation index]]
  
= Monitoring User Browsing Behavior =
+
 
 +
= Classic Web Monitoring =
  
 
== Introduction ==
 
== Introduction ==
  
In the Enterprise version it is possible to monitor a Web using the WEB Server component, also called Goliat Server.
+
In the Enterprise version[[Image:icono-modulo-enterprise.png|Versión Enterprise.]], it is possible to monitor a Web using the WEB Server component(Goliat Server).
  
[[File: GoliatLogo 2.jpg|right]]
+
[[File: GoliatLogo 2.jpg|right|200px]]
  
This functionality comes from an old project of the founder of Pandora FMS. Goliat F.I.S.T. was an opensource project to perform dynamic load audits on web services. You can still find the source code (from 2002) whose up-keeping stopped  more or less in 2010  [https://sourceforge.net/projects/goliat/].
+
This feature comes from an old project of the founder of Pandora FMS: Goliat F.I.S.T. It was an open source project to perform dynamic load audits on web services. You can still find the [https://sourceforge.net/projects/goliat/ source code (from 2002)] whose updating stopped around 2010.
  
In Pandora FMS, it functions as an independent server, similar to the network server, WMI server or remote plugin server.  
+
In Pandora FMS, it works as an independent server, similar to the [[Pandora:Documentation_en:Architecture#The_Network_Server|Network server]], [[Pandora:Documentation_en:Architecture#The_WMI_Server|WMI Server]] or [[Pandora:Documentation_en:Architecture#The_Plugin_Server|remote plugin server]].  
This system operates under the principle of ''web transaction'', where each transaction is defined by one or more consecutive steps, which must be satisfactorily concluded in order to consider that the transaction has been successfully completed. The execution of a ''web transaction'' faithfully reproduces the complete browsing process that can include aspects such as authenticating yourself in a form, clicking on a menu option, filling in a form, verifying that each step returns a specific text string.  
+
This system operates under the principle of ''web transaction'', where each complete transaction against one or more WEB pages is defined by one or more consecutive steps, which must be successfully concluded in order to consider the transaction properly completed. The execution of a ''web transaction'' faithfully reproduces the complete browsing process that can include aspects such as authenticating yourself in a form, clicking on a menu option or filling in a form, verifying that each step returns a specific text string.  
  
Any failure at one point in the process would result in a checking failure. The complete transaction includes the downloading of all resources (graphics, animations, etc.) that the actual navigation includes. In addition to performing response time and performance checks, it is possible to extract values from the web pages and then process them.
+
Any failure at any point in the process would result in a checking failure. The complete transaction includes the downloading of all resources (graphics, animations, etc.) that the actual navigation includes. In addition to performing response time and performance checks, it is possible to extract values from the web pages and then process them.
  
Goliat is able to monitor both HTTP and HTTPS in a transparent way for the user, supports session management through cookies, parameter passage, and of course, downloading the resources associated with each page. It also has '''important limitations such as the dynamic management of javascript at runtime'''. For more complex web transactions, Pandora FMS has another much more powerful  (and complex) component called WUX Monitoring ('''Web User Experience'''), for more information follow the link  [https://wiki.pandorafms.com/index.php?title=Pandora:Documentation_en:Monitoring_WUX]
+
Goliat is able to monitor both HTTP and HTTPS in a transparent way for the user, supports session management through cookies, parameter passage, and of course, downloading the resources associated with each page. It also has '''important limitations such as the dynamic management of javascript at runtime'''. For more complex web transactions, Pandora FMS has another much more powerful  (and complex) component called [[Pandora:Documentation_en:User_Monitorization|WUX monitoring)]].
  
 
==Installation and Configuration==
 
==Installation and Configuration==
  
To be able to use Goliat, first you must activate it in the Pandora FMS Enterprise server:
+
To be able to use Goliat, [[Pandora:Documentation_en:Configuration#Configuration_File_Elements|activate]] it in the Pandora FMS Enterprise server:
  
 
  webserver 1
 
  webserver 1
Line 29: Line 30:
 
  web_timeout 60
 
  web_timeout 60
  
There is an advanced configuration token that will allow you to change the type of library you use under Goliat, LWP or CURL. By default LWP is used, although if you have any problems (SSL connections, long timeouts or concurrency problems in the case of many threads), you can switch to CURL:
+
There is an advanced configuration token that will allow you to change the type of library you use under Goliat, LWP or CURL. CURL is used by default, but you can change it at any time:
  
 
  web_engine curl
 
  web_engine curl
Line 35: Line 36:
 
== Creating Web Modules ==
 
== Creating Web Modules ==
  
To remotely monitor a web page, we have to click on the modules tab. Then, we'll select 'Create a new webserver module' and click on ''Create'':
+
To monitor a web page remotely, once the agent is created, click on the '''modules''' tab. Then, select '''Create a new webserver module''' and click on '''Create''':
  
<center>
+
[[Image:Gagita2.png|center|500px]]
[[image:Gagita2.png]]
 
</center>
 
  
Click ''Create'', to see a form appear in which you fill out the necessary fields to monitor a web page. The name and, above all, the type of WEB check-up, are the most basic:
+
Click on '''Create''' to see a form where to fill out the appropriate fields to monitor a web page.
  
<center>
+
[[Image:goliat_types.jpg|center|600px]]
[[image:goliat_types.jpg]]
 
</center>
 
  
There are various check types to choose from:
+
There are several check types to choose from:
  
* '''Remote HTTP module to check latency''': obtains the total time that elapses from the first request until the last one is checked (in a WEB test there are one or more intermediate requests that complete the transaction). If you have defined in the check definition that the transaction is carried out more than once, the average time of each request is used.
+
* '''Remote HTTP module to check latency''': It obtains the total time that elapses from the first request until the last one is checked (in a WEB test there are one or more intermediate requests that complete the transaction). If it is defined in the check definition that the transaction must be carried out more than once, the average time of each request is used.
  
* '''Remote HTTP module to check server response''': you get a 1 (OK) or 0 (CRITICAL) as a result of checking the entire transaction. If there are several attempts, but at least one of them has failed, the test as a whole is also considered to have failed. Precisely the number of attempts is sometimes used to avoid false positives. In case you want to perform the test several times in case of a failure, use the'' retries'' field (see advanced fields below).
+
* '''Remote HTTP module to check server response''': It shows the values 1 ( <code>OK</code> ) or 0 ( <code>CRITICAL</code> ) as a result from checking the entire transaction. If there are several attempts, but at least one of them has failed, the test as a whole is also considered to have failed. Precisely the number of attempts is sometimes used to avoid false positives. In case you may want to perform the test several times in case of a failure, use the'' retries'' field in advanced fields.
  
* '''Remote HTTP module to retrieve numeric data''': Retrieves a numeric value from an HTTP response using a regular expression.
+
* '''Remote HTTP module to retrieve numeric data''': It retrieves a numeric value from an HTTP response using a regular expression.
  
* '''Remote HTTP module to retrieve string data''': Retrieves a string from an HTTP response using a regular expression.
+
* '''Remote HTTP module to retrieve string data''': It retrieves a string from an HTTP response using a regular expression.
  
'''Web Checks'''
+
* '''Remote HTTP module to check server status code:''': By means of the '''curl''' tool properly enabled with the <code>web_engine curl</code> configuration token, HTTP headers can be returned.
  
This essential field defines the WEB check to be performed. This is defined in one or more steps, or simple requests. These simple requests must be written in a special format in the Web checks field. Checks start with the tab page ''task_begin'' and end with the tab page ''task_end''.
+
'''Web Checks''': This essential field defines the WEB check to be performed. This is defined in one or more steps, or simple requests. These simple requests must be written in a special format in the Web checks field. Checks start with the tab page <code>task_begin</code> and end with the tab page <code>task_end</code>.
  
 
A complete example of a simple transaction would be the following:
 
A complete example of a simple transaction would be the following:
 +
 +
task_begin
 +
head <nowiki>http://apache.org/</nowiki>
 +
task_end
 +
 +
[[Image:Resources-manage_agents-modules-remote_http_module_to_check_server_status_code.png|center|550px]]
 +
 +
After saving, you can force the execution of the Module and visualize its result:
 +
 +
[[Image:Resources-manage_agents-modules-remote_http_module_to_check_server_status_code-result.png|center|600px]]
 +
 +
Another example with more commands:
  
 
  task_begin  
 
  task_begin  
Line 70: Line 79:
 
  task_end
 
  task_end
  
In this basic example, we are checking if there is a string in a web page, for that there is the variable '''check_string'''. This variable does not allow you to check HTML itself, it only searches for sub-strings of text. We are looking for "Apache Software Foundation" on the web http://apache.org. If that text string exists, the check will return OK (if it is ''Remote HTTP module to check server response'')
+
In this basic example, it is being checked whether there is a string in a web page. To that end, there is the variable <code>check_string</code>. This variable does not allow you to check HTML itself, it only searches for text sub-strings. If you look for "Apache Software Foundation" on the <nowiki><http://apache.org></nowiki> and if that text string exists, the check will return OK (if it is ''Remote HTTP module to check server response'')
  
To ensure that a string does not exist on a web page, you can use the variable' check_not_string':
+
To ensure that a string does not exist on a web page, you can use the variable <code>check_not_string</code>:
  
<pre>
+
check_not_string Section 3
check_not_string Section 3
 
</pre>
 
  
 +
The arguments taken by the <code>check_string</code> syntax are not normal text strings, they are "regular expressions". That is to say, if you search for the string <code>Pandora FMS (4.0)</code> you will have to search for it with a regular expression, e.g. <code>Pandora FMS \(4.0\)</code>. This allows you to perform much more powerful researches, but you should be aware that any character other than a letter or number will have to be escaped with con <code>\</code>.
  
 
There are several extra variables to check forms:
 
There are several extra variables to check forms:
  
*'''resource (1 or 0)''': Download all the web resources (images, videos, etc).
+
*'''resource (1 or 0)''': It downloads all the web resources (images, videos, etc).
*'''cookie (1 or 0)''': Keeps a cookie or an open session for later checks.
+
*'''cookie (1 or 0)''': It keeps a cookie or an open session for later checks.
 
*'''variable_name''': The name of a variable in a form.
 
*'''variable_name''': The name of a variable in a form.
 
*'''variable_value''': The value of the previous variable on the form.
 
*'''variable_value''': The value of the previous variable on the form.
  
By using these variables, it's possible to send data to forms and check whether they work appropriately or not.
+
By using these variables, it is possible to send data to forms and check whether they work appropriately or not.
  
{{Warning|In some specific cases, the domain redirection may '''not''' work. To solve this problem, you're required to create a module which uses the final domain address after all redirections are completed.}}
+
{{Warning|In some specific cases, the domain redirection may '''not''' work. To solve this problem, create a module that uses the final domain address after all redirections are completed.}}
  
{{Warning|The arguments taken by the "check_string" syntax are not normal text strings, they are "regular expressions". That is to say, if you search for the string "Pandora FMS (4.0)" you will have to search for it with a regular expression, e. g. Pandora FMS \(4.0\). This allows you to do much more powerful searches, but you should be aware that any character other than a letter or number will have to be escaped with \.}}
+
For the previous case, the '''curl''' command has the parameter <code> -L</code> in its short version and <code>--location</code> in its long version, so when it receives HTTP 3XX redirections, it executes again against the redirected domain. '''However, the flexibility of Pandora FMS''' allows you to use the debug button.
  
== Checking the Latency of a Website ==
+
[[Image:Resources-manage agents-modules-remote http debug.png|center|700px]]
  
If you want to check the latency of a website, you're just required to select the module type named ''Remote HTTP module to check latency''. If you want to learn the latency of the website ''http://pandorafms.com'' , the code should look like the one below.
+
At the moment of creating the Module, it is inactive and you will be able to make use of it after you have done the first check, which you can force to run to save time.
 +
 
 +
When you modify this Module, click on the '''Debug''' button and you can enter debug mode to edit the '''Query''':
 +
 
 +
[[Image:Resources-manage agents-modules-remote http debug-curl parameters.png|center|800px]]
 +
 
 +
You can execute the query that the module has with the button '''Execute query''' as well as modify and re-execute it with other values until you get the desired result.
 +
 
 +
[[Image:Resources-manage agents-modules-remote http debug-curl parameters pfms.png|center|700px]]
 +
 
 +
== Checking website loading time ==
 +
 
 +
If you want to check the latency of a website, select the module type named '''Remote HTTP module to check latency'''. If you want to find out the latency of the <nowiki><https://pandorafms.com></nowiki>:
  
 
  task_begin
 
  task_begin
  get http://pandorafms.com
+
  get <nowiki>https://pandorafms.com</nowiki>
 
  task_end
 
  task_end
  
We can add the configuration token '''resource 1''' so that the download time you calculate is downloading all resources (javascript, CSS, images, etc.), thus calculating a more real data.  
+
Add the <code>resource 1</code> configuration token so that the download time you calculate includes the download of all resources (javascript, CSS, images, etc.), thus calculating a more real data.  
<br><br>
 
  
{{Tip|The download time of the web site is NOT the time it takes to view a web site in a browser, as this usually depends on the loading time of Javascript, and Goliat downloads the javascript, but does not run it.}}
+
 
 +
{{Tip|The download time of the website is NOT the time it takes to see a web site in a browser, as this usually depends on the loading time of Javascript, and Goliat downloads the javascript, but does not run it.}}
  
 
== Website Checks through a Proxy==
 
== Website Checks through a Proxy==
  
You're also able to conduct website checks by using a proxy. To configure the proxy, you're required to add the proxy URL in the field 'Proxy URL' which is located under 'Advanced options':
+
You can also carry out website checks by using a proxy. To configure the proxy, add the proxy URL in the 'Proxy URL' field which is located under '''Advanced options''':
  
<center>
 
<br><br>
 
[[Image:Goliat_proxy_conf.png|center]]
 
<br><br>
 
</center>
 
  
 
An example of the URL could be:
 
An example of the URL could be:
  
  http://proxy.domain.com:8080
+
  <nowiki>http://proxy.domain.com:8080</nowiki>
  
If the proxy requires an authentication, you may use an URL like this:
+
If the proxy requires an authentication, you may use the following where <code>my-user</code> is the username and <code>my_pwd</code> is the password:
  
  http://my_user:[email protected]:8080
+
  <nowiki>http://my-user:[email protected]:8080</nowiki>
 +
 
 +
[[Image:Goliat_proxy_conf.png|center|700px]]
  
 
== Retrieving data from a website ==
 
== Retrieving data from a website ==
  
We may not want to know if a specific Web site is working or how long it takes, but to get a real time value, such as Google's stock market value. To do this, we will use a ''Remote HTTP module to retrieve numeric data'' with the appropriate regular expression:
+
Sometimes monitoring does not consist of finding out whether a specific Web site is working or how long it takes, but to get a real time value, such as Google's stock market value. To that end, use a '''Remote HTTP module to retrieve numeric data''' with the appropriate regular expression:
  
<pre>
+
task_begin
task_begin
+
get <nowiki>http://finance.google.com/finance/info?client=ig&q=NASDAQ%3aGOOG</nowiki>
get http://finance.google.com/finance/info?client=ig&q=NASDAQ%3aGOOG
+
get_content \d+\.\d+
get_content \d+\.\d+
+
task_end
task_end
 
</pre>
 
  
The output is going to be something like this:
+
The output will look like this:
  
<br><br><center>
+
[[image:Google_stock_quote.png|center|700px]]
[[image:Google_stock_quote.png|center|600px]]
 
</center><br><br>
 
  
It is also possible to specify a more complex regular expression for collecting data from more complex HTTP responses with the configuration token'' get_content_advanced'':
 
  
 +
It is also possible to specify a more complex regular expression for collecting data from more complex HTTP responses with the <code>get_content_advanced</code> configuration token:
  
<pre>
 
task_begin
 
get http://finance.yahoo.com/q?s=GOOG
 
get_content_advanced <span id="yfs_l84_goog">([\d\.]+)</span>
 
task_end
 
</pre>
 
  
{{Warning|The part of the regular expression to be returned (which is defined in ''get_content_advanced'') must be enclosed in brackets.}}
+
task_begin
 +
<nowiki>get http://finance.yahoo.com/q?s=GOOG</nowiki>
 +
<nowiki>get_content_advanced <span id="yfs_l84_goog">([\d\.]+)</span></nowiki>
 +
task_end
  
To configure the thresholds that trigger the warning or critical status, we will use the module configuration to verify that the received string matches what is expected.
+
{{Warning|The part of the regular expression defined in <code>get_content_advanced</code> must be enclosed in brackets.}}
  
== Form Checking on a Website ==
+
To configure the thresholds that will trigger warning or critical status, use the module configuration to verify that the received string matches what is expected.
  
A more interesting check is that of a web form. However, which is much more complex than simply checking a text on a web page. This example check will use Pandora's own console, log in, and will verify that it has been able to do it, verifying a text in the workspace section where it shows the data of the user who has logged in. If it is a default console, the admin user contains the description "Admin Pandora".
+
== Website form checking ==
  
To be able to perform this type of checks you must have the necessary credentials to be able to log in (since we use these values to "send" them to the HTML form. In addition, you must go to the page and get the HTML code to be able to see the names of the variables, then it is necessary to have minimal knowledge of HTML to understand how Goliat works. In this example we are using "admin" with the password "pandora" which is the default credentials. I should have changed them, if you haven't already, this is a good time to do it!
+
Web form checking is much more complex than simply checking a text on a website. This example check will use Pandora FMS Console, log in, and verify that it has been able to do it. It verifies a text in the '''workspace''' section where it shows the data of the user who has logged in. If it is a default console, the admin user contains the description "Admin Pandora".
  
{{Tip|The ideal thing to do when designing a WEB transactional test with several steps is to test it step by step, in case we missed something in one of the steps.}}
+
To be able to perform this type of checks, you must have the necessary credentials. In addition, go to the page and get the HTML code to be able to see the names of the variables. Then, it is necessary to have a basic knowledge of HTML to understand how Goliat works.
  
Suppose that the login URL of our Pandora Console is:
+
{{Tip|The ideal procedure when designing a WEB transactional test with several steps is to test it step by step, in case something was missed in one of the steps.}}
http://192.168.70.116/pandora_console/
 
Analyzing the HTML code, it is observed that the variables of the login form are:
 
  
*''nick'': user name
+
The example Console is:
*''pass'': user password
 
  
The variables variable_name and variable_value should be used tpgether to validate the form.  
+
<nowiki>http://192.168.70.116/pandora_console/</nowiki>
  
The first step is to access the form, send the user and password and authenticate (determining the success of that authentication we will see in the second step).
+
Analyzing the HTML code, it is observed that the variables of the login form are:
  
<pre>
+
* <code>nick</code>: user name
task_begin
+
* <code>pass</code>: user password
post http://192.168.70.116/pandora_console/index.php?login=1
 
variable_name nick
 
variable_value admin
 
variable_name pass
 
variable_value pandora
 
cookie 1
 
resource 1
 
task_end
 
</pre>
 
  
With the previous task, it would have been possible to access and validate the website, now it will be verified that you are actually registered in the website by searching for something on it that you can only see when you are registered. We use the cookie 1 token to maintain the persistence of cookies obtained in the previous step. Without them, we will not be able to "simulate" a session.
+
The variables <code>variable_name</code> and <code>variable_value</code> should be used together to validate the form. Pandora FMS Console has by default the <code>admin</code> and <code>pandora</code> values.
  
In the second step we will access the user details page and look for the phone, which by default for the user "admin" is 555-555-555. If we can see it is that we have logged in correctly on the console:
+
Firstly, access the form, send the user and password and authenticate (determining the success of that authentication will be seen in the following step).
  
<pre>
+
task_begin
task_begin
+
post <nowiki>http://192.168.70.116/pandora_console/index.php?  
get http://192.168.70.116/pandora_console/index.php?sec=workspace&sec2=operation/users/user_edit
+
login=1</nowiki>
cookie 1
+
variable_name nick
resource 1
+
variable_value admin
check_string 555-555-5555
+
variable_name pass
task_end
+
variable_value pandora
</pre>
+
cookie 1
 +
resource 1
 +
task_end
  
And finally, we will disconnect from the console and look for the logout message:
+
The ''token'' <code>cookie 1</code> is used to keep the persistence of values obtained in the previous step, after a successful authentication. Then go to the page of user details and look for the phone, which by default for the "admin" user is 555-555-555. If you can see it, it means that you have logged in correctly in the console (note the use of the <code>check_string</code> command):
  
<pre>
+
task_begin
task_begin
+
get <nowiki>http://192.168.70.116/pandora_console/index.php?  
get http://192.168.70.116/pandora_console/index.php?bye=bye
+
sec=workspace&sec2=operation/users/user_edit</nowiki>
cookie 1
+
cookie 1
resource 1
+
resource 1
check_string Logged out
+
check_string 555-555-5555
task_end
+
task_end
</pre>
 
  
With which the total check would remain in Pandora FMS as follows:
+
And finally, log out from the Console and look for the logout message <code>Logged out</code>:
  
<center>
+
task_begin
[[Image:goliat_full_sample.jpg]]
+
get <nowiki>http://192.168.70.116/pandora_console/index.php? bye=bye</nowiki>
</center>
+
cookie 1
 
+
resource 1
== Comportamiento de las peticiones WEB ==
+
check_string Logged out
 
+
task_end
The fields of the advanced properties are similar to those of other types of modules, although there are some different and specific fields of the WEB checks:
 
  
'''Timeout'''
+
Total ''script'' check:
  
This is the expiry time during the request, if this time is exceeded the request for verification will be discarded.
+
[[Image:goliat_full_sample.jpg|800px]]
  
'''Agent browser id'''
+
== WEB query performance ==
  
This is the web browser identifier to use, as certain pages only accept some web browsers (see zytrax.com for more information).
+
The fields of the advanced properties are similar to those of other types of modules, although there are some different and specific fields of WEB checks:
  
'''Requests'''
+
;Timeout: This is the expiry time during the request. If it is exceeded, the request for verification will be discarded.
  
Pandora FMS will repeat the check the number of times indicated in this parameter. If one of the checks fails, the check will be considered erroneous. Depending on the number of checks in the module, a certain number of pages will be obtained; that is, if the module consists of three checks, three pages will be downloaded, and if some value has been set in the Requests field, then the number of downloads will be multiplied by it. It is important to keep this in mind to know the total time it will take the module to complete the operations.
+
;Agent browser id: This is the web browser identifier to be used, since certain pages only accept some web browsers (see https://www.zytrax.com/tech/web/browser_ids.htm for more information).
  
'''Retries'''
+
;Requests: Pandora FMS will repeat the check the amount of times indicated in this parameter. If one of the checks fails, the check will be considered erroneous. Depending on the number of checks in the module, a certain number of pages will be obtained. That means that if the module consists of three checks, three pages will be downloaded, and if some value has been set in the '''Requests''' field, then the number of downloads will be multiplied by it. It is important to keep this in mind to know the total time it will take for the module to complete the operations.
  
It has nothing to do with requests and implies the opposite, i. e. if its value is > 1, and fails the first time, it will retry a certain number of times until it succeeds. For example with retries = 2 and Requests = 1, if the first test failed, it would retry it once more, and if the second one works, the check would be considered as valid. If it was Requests = 2, and Retries = 1, it would perform two checks, but if either failed, it would consider the test as failed.
+
;Retries: The number of times it does a '''Request''' until getting a successful result. Examples:
 +
* retries = 2 and Requests = 1: If the first test fails, it will retry once more and if the second one works, the check is valid.
 +
* Retries = 1 and Requests = 2: It performs two checks, but if any of them fails, it will result in a failed check.
  
 
== Simple HTTP Authentication ==
 
== Simple HTTP Authentication ==
  
Some websites might require HTTP authentication. This authentication method doesn't consist of the 'normal' user / password form. HTTP authentication is the one in which a pop-up appears, informing that the site "xxxx" asks us for credentials.
+
Some websites might require [https://en.wikipedia.org/wiki/Basic_access_authentication simple HTTP authentication]. Generaly it is used as a fast authentication, a "hi" of minimum security that allows accessing advanced security checks (encryption, data persistance, etc.)
 
 
<center>
 
[[Image:Conexion http.png]]
 
</center>
 
  
It can be configured in the advanced options (as seen in the previous screenshot) or directly in the WEB task definition with the following configuration tokens:
+
[[Image:conexion_http.png|650px]]
  
* Check type - HTTP server check type.
+
It can be configured in the advanced check options (or directly in the WEB task definition) with the following configuration tokens:
  
* http auth (login) - The user.
+
;Check type: HTTP server check type.
* http auth (password) - The password.
+
;http auth (login): HTTP user.
* Proxy realm - The realm's name.
+
;http auth (password): Password.
* Proxy URL - Proxy server url
+
;Proxy auth realm: Auth realm's name.
* Proxy auth (server) - The domain and HTTP port on which to listen on.
+
;Proxy auth (server): Domain and HTTP port on which to listen on.
* Proxy auth (login) - Proxy connection user
+
;Proxy URL: Proxy server url.
* Proxy auth (pass) - Proxy connection password
+
;Proxy auth (login): Proxy connection user.
 +
;Proxy auth (pass): Proxy connection password.
  
This is a full example:
+
Full example:
  
 
  task_begin
 
  task_begin
  get http://artica.es/pandoraupdate4/ui/
+
  get <nowiki>http://artica.es/pandoraupdate4/ui/</nowiki>
 
  cookie 1
 
  cookie 1
 
  resource 1
 
  resource 1
Line 268: Line 265:
 
  task_end
 
  task_end
  
== Webservice Monitoring ==
+
== Webservice and API Monitoring ==
  
With Pandora FMS and Goliat's Web Surveillance features, you're also able to monitor web services and APIs which are based on the REST specification, but you're unable to conduct such a surveillance on SOAP or XML-RPC based web services.
+
With Pandora FMS and Goliat you may [https://en.wikipedia.org/wiki/Representational_state_transfer REST] APIs, except for more complex APIs based on protocols such as SOAP or XML-RPC.
  
Let's assume for a moment that you want to check a web API by a specific call which returns a number (from '0' to 'n') if it works properly. If not, it's not going to return anything, which will be considered a failure by Pandora FMS:
+
To check an API with this specific call which returns a number (from '0' to 'n') if it works properly; and if not, it returns nothing, (using <code>my_user</code> and <code>my_pass</code> as credentials):
  
 
  task_begin
 
  task_begin
  get http://artica.es/integria/include/api.php?user=slerena&pass=xxxx&op=get_stats&params=opened,,1
+
  get <nowiki>http://artica.es/integria/include/api.php?user=my_user&pass=my_pass&op=get_stats&params=opened,,1</nowiki>
 
  check_string \n[0-9]+
 
  check_string \n[0-9]+
 
  task_end
 
  task_end
  
This is going to return a reply like this:
+
This will return a reply similar to this one:
 +
 
 +
HTTP/1.1 200 OK
 +
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
 +
Connection: close
 +
Date: Mon, 13 May 2013 15:39:27 GMT
 +
Pragma: no-cache
 +
Server: Apache
 +
Vary: Accept-Encoding
 +
Content-Type: text/html
 +
Expires: Thu, 19 Nov 1981 08:52:00 GMT
 +
Client-Date: Mon, 13 May 2013 15:39:27 GMT
 +
Client-Peer: 64.90.57.215:80
 +
Client-Response-Num: 1
 +
Client-Transfer-Encoding: chunked
 +
Set-Cookie: a81d4c5e530ad73e256b7729246d3d2c=pcasWqI6pZzT2x2AuWo602; path=/
 +
 +
0
 +
 
 +
By checking the output with a regular expression, you may verify that everything works properly. For more complex answers, use other regular expressions accordingly.
 +
 
 +
More examples:
 +
 
 +
task_begin
 +
get <nowiki>https://swapi.co/api/planets/1/</nowiki>
 +
get_content Tatooine
 +
task_end
 +
 
 +
In this case, the module created to show data must be '''Remote HTTP module to retrieve string data (web_content_string)'''.
 +
 
 +
task_begin
 +
get <nowiki>https://pokeapi.co/api/v2/pokemon/ditto/</nowiki>
 +
get_content imposter
 +
task_end
 +
 
 +
Just like the previous module, the type of data defined needs to be 'Remote HTTP module to retrieve string data (web_content_string)' for the module to work properly.
 +
 
 +
You may perform calls with '''get_content_advanced''':
 +
 
 +
 
 +
task_begin
 +
get <nowiki>https://api.hillbillysoftware.com/Awards/ByYear/1990</nowiki>
 +
get_content_advanced "Nominee":"([A-Za-z ]+)","Year":"1990"
 +
task_end
 +
 
 +
Result:
 +
 
 +
[[Image:APIwiki1.png|center|600px]]
 +
 
 +
 
 +
In Pandora FMS the result would be displayed as follows:
 +
 
 +
[[Image:APIwiki2.png|center|400px]]
  
<pre>
 
HTTP/1.1 200 OK
 
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
 
Connection: close
 
Date: Mon, 13 May 2013 15:39:27 GMT
 
Pragma: no-cache
 
Server: Apache
 
Vary: Accept-Encoding
 
Content-Type: text/html
 
Expires: Thu, 19 Nov 1981 08:52:00 GMT
 
Client-Date: Mon, 13 May 2013 15:39:27 GMT
 
Client-Peer: 64.90.57.215:80
 
Client-Response-Num: 1
 
Client-Transfer-Encoding: chunked
 
Set-Cookie: a81d4c5e530ad73e256b7729246d3d2c=pcasWqI6pZzT2x2AuWo602; path=/
 
  
0
+
{{Warning|It is important to properly define the capture groups within the parentheses so that the call is executed correctly.}}
</pre>
 
  
This is going to produce an 'OK' (Green) module status, because the regular expression matching ('regexp') found the '0' just before a carriage return. It's important to check the entire response data - not just the 'data' section, so you can match the HTTP headers, too. For other responses, a different regular expression is required.
+
{{Warning|When creating API calls, it is important to know if the destination API has the right permissions to allow calls.}}
  
 
== HTTPS Monitoring ==
 
== HTTPS Monitoring ==
  
Goliat is able to check both HTTP and HTTPS. To conduct checks on secured websites which are utilizing HTTPS, you only have to incorporate the protocol into its URL, e.g.:
+
Goliat is able to check both HTTP and HTTPS. To carry out checks on secured websites which use HTTPS, incorporate the protocol into its URL, e.g.:
  
 
<pre>
 
<pre>
Line 314: Line 347:
 
task_end
 
task_end
 
</pre>
 
</pre>
 
== IPv6 Support ==
 
 
Goliat supports IPv6, although it needs to use FQDN addresses, this means that URLs must have full names (e.g. ipv6.google.com). The numerical representation of IPv6 addresses (pe:[:: 1],[2404:6800:4004:4004:803::1014] etc.) is not valid for IPv6 checks with Goliat.
 
  
 
== Advanced Options ==
 
== Advanced Options ==
  
=== Modifying HTTP Headers (available from versions 4.0.2 and above) ===
+
=== Modifying HTTP Headers ===
  
With the ''header'' option, you're able to modify HTTP headers or create your own. The example below e.g. changes the ''Host'' HTTP header:
+
With the ''header'' option, you are able to modify HTTP headers or create your own. The example below changes the ''Host'' HTTP header:
  
 
  task_begin
 
  task_begin
  get http://192.168.1.5/index.php
+
  get <nowiki>http://192.168.1.5/index.php</nowiki>
 
  header Host 192.168.1.1
 
  header Host 192.168.1.1
 
  task_end
 
  task_end
  
=== Debugging Web Surveillance (available from versions 4.0.2 and above) ===
+
=== Debugging Web checks ===
  
If you want to debug a website check, please add the ''debug <log_file>'' option. The files log_file.req and log_file.res are going to be created along with the contents of the HTTP request and response:
+
If you want to debug Web checks, add the <code>debug <log_file></code> option. The files <code>log_file.req</code> and <code>log_file.res</code> will be created along with the contents of the HTTP request and response:
  
 
  task_begin
 
  task_begin
  get http://192.168.1.5/index.php
+
  get <nowiki>http://192.168.1.5/index.php</nowiki>
 
  debug /tmp/request.log
 
  debug /tmp/request.log
 
  task_end
 
  task_end
 
The website check above is going to generate the files ''/tmp/request.log.req'' and ''/tmp/request.log.res''.
 
  
 
=== Using CURL instead of LWP ===
 
=== Using CURL instead of LWP ===
  
LWP sometimes crashes when multiple threads issue HTTPS requests simultaneously. To solve this problem, you just have to edit the file named '/etc/pandora/pandora_server.conf' and to add the below mentioned line to it:
+
LWP library sometimes crashes when multiple threads issue HTTPS requests simultaneously (due to an OpenSSL constraint). The alternative is to use the [https://curl.se/dlwiz/ '''curl''' tool] To solve this problem, edit the file named <code>/etc/pandora/pandora_server.conf</code> and the following line:
  
 
  web_engine curl
 
  web_engine curl
  
After you've restarted the Pandora FMS Server, the CURL binary is going to be used to perform website checks instead of LWP.
+
Restart Pandora FMS Server, and the CURL binary will be used to perform web checks instead of LWP.
 
 
= Distributed Transactional WEB Monitoring by Selenium =
 
 
 
[[file:selenium_logo.png|right]]
 
 
 
In addition to the features of Goliat, which is integral part of all Pandora FMS Enterprise versions, there is another way to perform Transactional Monitoring by Pandora FMS. This method is using an agent-like approach instead of a centralized system. It allows you to distribute the load and to use servers in remote networks to monitor different websites or applications.
 
 
 
In such a case, [http://docs.seleniumhq.org/ 'Selenium'] is used as the back end instead of Goliat. It supports a navigation 'by clicks' which is much more precise than the ones offered by Goliat. The Selenium plug-in agent interacts with the Selenium Server - and this in turn with the system's browser. This method offers the possibility to browse the web using Chrome, Firefox or the Internet Explorer. It runs on Windows and Linux, enables latency and session checks and '''supports navigation with heavy implementations of JavaScript and Java applets, Flash or any other technology, supported by browsers today'''.
 
  
The Selenium plug-in Documentation is very extensive and specific and can be found in the [http://library.pandorafms.com/Library/repository/en Pandora FMS Module Library], along with the Enterprise Selenium Plug in.
+
= Advanced Transactional Monitoring =
  
'''This functionality had been improved, now you have Pandora UX to automatize and monitor both desktop and web User eXperience sessions'''
+
In addition to the feature offered by Goliath, there are other ways to carry out web transactional monitoring.
 +
* In a distributed way (UX), deployed as an "agent" in systems different to that of the server, even in unaccessible networks.
 +
* In a [[Pandora:Documentation_en:User_Monitorization|centralized way (WUX)]]
  
[[Pandora:Documentation_en|Go back to the Pandora FMS Documentation Index]]
+
[[Pandora:Documentation_en|Go back to Pandora FMS documentation index]]
  
 
[[Category:Pandora FMS]]
 
[[Category:Pandora FMS]]
 
[[Category:Documentation]]
 
[[Category:Documentation]]

Latest revision as of 12:05, 18 February 2021

Go back to Pandora FMS documentation index


1 Classic Web Monitoring

1.1 Introduction

In the Enterprise versionVersión Enterprise., it is possible to monitor a Web using the WEB Server component(Goliat Server).

GoliatLogo 2.jpg

This feature comes from an old project of the founder of Pandora FMS: Goliat F.I.S.T. It was an open source project to perform dynamic load audits on web services. You can still find the source code (from 2002) whose updating stopped around 2010.

In Pandora FMS, it works as an independent server, similar to the Network server, WMI Server or remote plugin server. This system operates under the principle of web transaction, where each complete transaction against one or more WEB pages is defined by one or more consecutive steps, which must be successfully concluded in order to consider the transaction properly completed. The execution of a web transaction faithfully reproduces the complete browsing process that can include aspects such as authenticating yourself in a form, clicking on a menu option or filling in a form, verifying that each step returns a specific text string.

Any failure at any point in the process would result in a checking failure. The complete transaction includes the downloading of all resources (graphics, animations, etc.) that the actual navigation includes. In addition to performing response time and performance checks, it is possible to extract values from the web pages and then process them.

Goliat is able to monitor both HTTP and HTTPS in a transparent way for the user, supports session management through cookies, parameter passage, and of course, downloading the resources associated with each page. It also has important limitations such as the dynamic management of javascript at runtime. For more complex web transactions, Pandora FMS has another much more powerful (and complex) component called WUX monitoring).

1.2 Installation and Configuration

To be able to use Goliat, activate it in the Pandora FMS Enterprise server:

webserver 1

Depending on the number of requests you want to make, you may have to increase the number of threads and the default timeout:

web_threads 1 
web_timeout 60

There is an advanced configuration token that will allow you to change the type of library you use under Goliat, LWP or CURL. CURL is used by default, but you can change it at any time:

web_engine curl

1.3 Creating Web Modules

To monitor a web page remotely, once the agent is created, click on the modules tab. Then, select Create a new webserver module and click on Create:

Gagita2.png

Click on Create to see a form where to fill out the appropriate fields to monitor a web page.

Goliat types.jpg

There are several check types to choose from:

  • Remote HTTP module to check latency: It obtains the total time that elapses from the first request until the last one is checked (in a WEB test there are one or more intermediate requests that complete the transaction). If it is defined in the check definition that the transaction must be carried out more than once, the average time of each request is used.
  • Remote HTTP module to check server response: It shows the values 1 ( OK ) or 0 ( CRITICAL ) as a result from checking the entire transaction. If there are several attempts, but at least one of them has failed, the test as a whole is also considered to have failed. Precisely the number of attempts is sometimes used to avoid false positives. In case you may want to perform the test several times in case of a failure, use the retries field in advanced fields.
  • Remote HTTP module to retrieve numeric data: It retrieves a numeric value from an HTTP response using a regular expression.
  • Remote HTTP module to retrieve string data: It retrieves a string from an HTTP response using a regular expression.
  • Remote HTTP module to check server status code:: By means of the curl tool properly enabled with the web_engine curl configuration token, HTTP headers can be returned.

Web Checks: This essential field defines the WEB check to be performed. This is defined in one or more steps, or simple requests. These simple requests must be written in a special format in the Web checks field. Checks start with the tab page task_begin and end with the tab page task_end.

A complete example of a simple transaction would be the following:

task_begin
head http://apache.org/
task_end
Resources-manage agents-modules-remote http module to check server status code.png

After saving, you can force the execution of the Module and visualize its result:

Resources-manage agents-modules-remote http module to check server status code-result.png

Another example with more commands:

task_begin 
get http://apache.org/
cookie 0
resource 0
check_string Apache Software Foundation
task_end

In this basic example, it is being checked whether there is a string in a web page. To that end, there is the variable check_string. This variable does not allow you to check HTML itself, it only searches for text sub-strings. If you look for "Apache Software Foundation" on the <http://apache.org> and if that text string exists, the check will return OK (if it is Remote HTTP module to check server response)

To ensure that a string does not exist on a web page, you can use the variable check_not_string:

check_not_string Section 3

The arguments taken by the check_string syntax are not normal text strings, they are "regular expressions". That is to say, if you search for the string Pandora FMS (4.0) you will have to search for it with a regular expression, e.g. Pandora FMS \(4.0\). This allows you to perform much more powerful researches, but you should be aware that any character other than a letter or number will have to be escaped with con \.

There are several extra variables to check forms:

  • resource (1 or 0): It downloads all the web resources (images, videos, etc).
  • cookie (1 or 0): It keeps a cookie or an open session for later checks.
  • variable_name: The name of a variable in a form.
  • variable_value: The value of the previous variable on the form.

By using these variables, it is possible to send data to forms and check whether they work appropriately or not.

Template warning.png

In some specific cases, the domain redirection may not work. To solve this problem, create a module that uses the final domain address after all redirections are completed.

 


For the previous case, the curl command has the parameter -L in its short version and --location in its long version, so when it receives HTTP 3XX redirections, it executes again against the redirected domain. However, the flexibility of Pandora FMS allows you to use the debug button.

Resources-manage agents-modules-remote http debug.png

At the moment of creating the Module, it is inactive and you will be able to make use of it after you have done the first check, which you can force to run to save time.

When you modify this Module, click on the Debug button and you can enter debug mode to edit the Query:

Resources-manage agents-modules-remote http debug-curl parameters.png

You can execute the query that the module has with the button Execute query as well as modify and re-execute it with other values until you get the desired result.

Resources-manage agents-modules-remote http debug-curl parameters pfms.png

1.4 Checking website loading time

If you want to check the latency of a website, select the module type named Remote HTTP module to check latency. If you want to find out the latency of the <https://pandorafms.com>:

task_begin
get https://pandorafms.com
task_end

Add the resource 1 configuration token so that the download time you calculate includes the download of all resources (javascript, CSS, images, etc.), thus calculating a more real data.


Info.png

The download time of the website is NOT the time it takes to see a web site in a browser, as this usually depends on the loading time of Javascript, and Goliat downloads the javascript, but does not run it.

 


1.5 Website Checks through a Proxy

You can also carry out website checks by using a proxy. To configure the proxy, add the proxy URL in the 'Proxy URL' field which is located under Advanced options:


An example of the URL could be:

http://proxy.domain.com:8080

If the proxy requires an authentication, you may use the following where my-user is the username and my_pwd is the password:

http://my-user:[email protected]:8080
Goliat proxy conf.png

1.6 Retrieving data from a website

Sometimes monitoring does not consist of finding out whether a specific Web site is working or how long it takes, but to get a real time value, such as Google's stock market value. To that end, use a Remote HTTP module to retrieve numeric data with the appropriate regular expression:

task_begin
get http://finance.google.com/finance/info?client=ig&q=NASDAQ%3aGOOG
get_content \d+\.\d+
task_end

The output will look like this:

Google stock quote.png


It is also possible to specify a more complex regular expression for collecting data from more complex HTTP responses with the get_content_advanced configuration token:


task_begin
get http://finance.yahoo.com/q?s=GOOG
get_content_advanced <span id="yfs_l84_goog">([\d\.]+)</span>
task_end

Template warning.png

The part of the regular expression defined in get_content_advanced must be enclosed in brackets.

 


To configure the thresholds that will trigger warning or critical status, use the module configuration to verify that the received string matches what is expected.

1.7 Website form checking

Web form checking is much more complex than simply checking a text on a website. This example check will use Pandora FMS Console, log in, and verify that it has been able to do it. It verifies a text in the workspace section where it shows the data of the user who has logged in. If it is a default console, the admin user contains the description "Admin Pandora".

To be able to perform this type of checks, you must have the necessary credentials. In addition, go to the page and get the HTML code to be able to see the names of the variables. Then, it is necessary to have a basic knowledge of HTML to understand how Goliat works.

Info.png

The ideal procedure when designing a WEB transactional test with several steps is to test it step by step, in case something was missed in one of the steps.

 


The example Console is:

http://192.168.70.116/pandora_console/

Analyzing the HTML code, it is observed that the variables of the login form are:

  • nick: user name
  • pass: user password

The variables variable_name and variable_value should be used together to validate the form. Pandora FMS Console has by default the admin and pandora values.

Firstly, access the form, send the user and password and authenticate (determining the success of that authentication will be seen in the following step).

task_begin
post http://192.168.70.116/pandora_console/index.php? 
 login=1
variable_name nick
variable_value admin
variable_name pass
variable_value pandora
cookie 1
resource 1
task_end

The token cookie 1 is used to keep the persistence of values obtained in the previous step, after a successful authentication. Then go to the page of user details and look for the phone, which by default for the "admin" user is 555-555-555. If you can see it, it means that you have logged in correctly in the console (note the use of the check_string command):

task_begin
get http://192.168.70.116/pandora_console/index.php? 
sec=workspace&sec2=operation/users/user_edit
cookie 1
resource 1
check_string 555-555-5555
task_end

And finally, log out from the Console and look for the logout message Logged out:

task_begin
get http://192.168.70.116/pandora_console/index.php? bye=bye
cookie 1
resource 1
check_string Logged out
task_end

Total script check:

Goliat full sample.jpg

1.8 WEB query performance

The fields of the advanced properties are similar to those of other types of modules, although there are some different and specific fields of WEB checks:

Timeout
This is the expiry time during the request. If it is exceeded, the request for verification will be discarded.
Agent browser id
This is the web browser identifier to be used, since certain pages only accept some web browsers (see https://www.zytrax.com/tech/web/browser_ids.htm for more information).
Requests
Pandora FMS will repeat the check the amount of times indicated in this parameter. If one of the checks fails, the check will be considered erroneous. Depending on the number of checks in the module, a certain number of pages will be obtained. That means that if the module consists of three checks, three pages will be downloaded, and if some value has been set in the Requests field, then the number of downloads will be multiplied by it. It is important to keep this in mind to know the total time it will take for the module to complete the operations.
Retries
The number of times it does a Request until getting a successful result. Examples:
  • retries = 2 and Requests = 1: If the first test fails, it will retry once more and if the second one works, the check is valid.
  • Retries = 1 and Requests = 2: It performs two checks, but if any of them fails, it will result in a failed check.

1.9 Simple HTTP Authentication

Some websites might require simple HTTP authentication. Generaly it is used as a fast authentication, a "hi" of minimum security that allows accessing advanced security checks (encryption, data persistance, etc.)

Conexion http.png

It can be configured in the advanced check options (or directly in the WEB task definition) with the following configuration tokens:

Check type
HTTP server check type.
http auth (login)
HTTP user.
http auth (password)
Password.
Proxy auth realm
Auth realm's name.
Proxy auth (server)
Domain and HTTP port on which to listen on.
Proxy URL
Proxy server url.
Proxy auth (login)
Proxy connection user.
Proxy auth (pass)
Proxy connection password.

Full example:

task_begin
get http://artica.es/pandoraupdate4/ui/
cookie 1
resource 1
check_string Pandora FMS Update Manager \(4.0\)
http_auth_serverport artica.es:80
http_auth_realm Private area
http_auth_user admin
http_auth_pass xxxx
task_end

1.10 Webservice and API Monitoring

With Pandora FMS and Goliat you may REST APIs, except for more complex APIs based on protocols such as SOAP or XML-RPC.

To check an API with this specific call which returns a number (from '0' to 'n') if it works properly; and if not, it returns nothing, (using my_user and my_pass as credentials):

task_begin
get http://artica.es/integria/include/api.php?user=my_user&pass=my_pass&op=get_stats&params=opened,,1
check_string \n[0-9]+
task_end

This will return a reply similar to this one:

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Date: Mon, 13 May 2013 15:39:27 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Client-Date: Mon, 13 May 2013 15:39:27 GMT
Client-Peer: 64.90.57.215:80
Client-Response-Num: 1
Client-Transfer-Encoding: chunked
Set-Cookie: a81d4c5e530ad73e256b7729246d3d2c=pcasWqI6pZzT2x2AuWo602; path=/

0

By checking the output with a regular expression, you may verify that everything works properly. For more complex answers, use other regular expressions accordingly.

More examples:

task_begin
get https://swapi.co/api/planets/1/
get_content Tatooine
task_end

In this case, the module created to show data must be Remote HTTP module to retrieve string data (web_content_string).

task_begin
get https://pokeapi.co/api/v2/pokemon/ditto/
get_content imposter
task_end

Just like the previous module, the type of data defined needs to be 'Remote HTTP module to retrieve string data (web_content_string)' for the module to work properly.

You may perform calls with get_content_advanced:


task_begin
get https://api.hillbillysoftware.com/Awards/ByYear/1990
get_content_advanced "Nominee":"([A-Za-z ]+)","Year":"1990"
task_end

Result:

APIwiki1.png


In Pandora FMS the result would be displayed as follows:

APIwiki2.png


Template warning.png

It is important to properly define the capture groups within the parentheses so that the call is executed correctly.

 


Template warning.png

When creating API calls, it is important to know if the destination API has the right permissions to allow calls.

 


1.11 HTTPS Monitoring

Goliat is able to check both HTTP and HTTPS. To carry out checks on secured websites which use HTTPS, incorporate the protocol into its URL, e.g.:

task_begin
get https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=https%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=zpwhtygjntrz&ss=1&scc=1&ltmpl=default&ltmplcache=2
cookie 1
resource 0
check_string Google
task_end

1.12 Advanced Options

1.12.1 Modifying HTTP Headers

With the header option, you are able to modify HTTP headers or create your own. The example below changes the Host HTTP header:

task_begin
get http://192.168.1.5/index.php
header Host 192.168.1.1
task_end

1.12.2 Debugging Web checks

If you want to debug Web checks, add the debug <log_file> option. The files log_file.req and log_file.res will be created along with the contents of the HTTP request and response:

task_begin
get http://192.168.1.5/index.php
debug /tmp/request.log
task_end

1.12.3 Using CURL instead of LWP

LWP library sometimes crashes when multiple threads issue HTTPS requests simultaneously (due to an OpenSSL constraint). The alternative is to use the curl tool To solve this problem, edit the file named /etc/pandora/pandora_server.conf and the following line:

web_engine curl

Restart Pandora FMS Server, and the CURL binary will be used to perform web checks instead of LWP.

2 Advanced Transactional Monitoring

In addition to the feature offered by Goliath, there are other ways to carry out web transactional monitoring.

  • In a distributed way (UX), deployed as an "agent" in systems different to that of the server, even in unaccessible networks.
  • In a centralized way (WUX)

Go back to Pandora FMS documentation index