Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
en:documentation:03_monitoring:06_web_monitoring [2021/05/18 19:02]
admscopia
en:documentation:03_monitoring:06_web_monitoring [2021/11/05 12:05] (current)
Line 263: Line 263:
  
 ==== Simple HTTP Authentication ==== ==== Simple HTTP Authentication ====
-Some websites might require [[https://en.wikipedia.org/wiki/Basic_access_authentication|simple HTTP authentication]]. Generaly it is used as a fast authentication, a "hi" of minimum security that allows accessing advanced security checks (encryption, data persistance, etc.) 
  
-{{wiki:conexion_http.png?650 }}+Some websites might require [[wp>Basic_access_authentication|simple HTTP authentication]]. Generally, it is used as quick authentication, a "hi" of minimum security that allows accessing advanced security checks (encryption, data persistance, etc.) 
 + 
 +{{  :wiki:conexion_http.png?650  }}
  
 It can be configured in the advanced check options (or directly in the WEB task definition) with the following configuration tokens: It can be configured in the advanced check options (or directly in the WEB task definition) with the following configuration tokens:
Line 271: Line 272:
 **Check type** **Check type**
  
- HTTP server check type. +HTTP server check type. 
-;http auth (login)HTTP user. + 
-;http auth (password)Password.+**http auth (login)** 
 + 
 +HTTP user. 
 + 
 +**http auth (password)** 
 + 
 +Password. 
 **Proxy auth realm** **Proxy auth realm**
  
- Auth realm's name. +Auth realm's name. 
-;Proxy auth (server)Domain and HTTP port on which to listen on.+ 
 +**Proxy auth (server)** 
 + 
 +Domain and HTTP port on which to listen on. 
 **Proxy URL** **Proxy URL**
  
- Proxy server url. +Proxy server url. 
-;Proxy auth (login)Proxy connection user. + 
-;Proxy auth (pass)Proxy connection password.+**Proxy auth (login)** 
 + 
 +Proxy connection user. 
 + 
 +**Proxy auth (pass)** 
 + 
 +Proxy connection password.
  
 Full example: Full example:
 +<code>
  
  task_begin  task_begin
Line 296: Line 315:
  http_auth_pass xxxx  http_auth_pass xxxx
  task_end  task_end
 +
 +</code>
 +
 +<WRAP center round important 60%>The use of quotation marks in the password for ''http_auth_pass'' is not supported. Avoid using single quotes '' ' ''.
 +
 +</WRAP>
 +
  
 ==== Webservice and API Monitoring ==== ==== Webservice and API Monitoring ====
 +
 With Pandora FMS and Goliat you may [[https://en.wikipedia.org/wiki/Representational_state_transfer|REST]] APIs, except for more complex APIs based on protocols such as SOAP or XML-RPC. With Pandora FMS and Goliat you may [[https://en.wikipedia.org/wiki/Representational_state_transfer|REST]] APIs, except for more complex APIs based on protocols such as SOAP or XML-RPC.
 +<code>
  
-To check an API with this specific call which returns a number (from '0' to 'n') if it works properly; and if not, it returns nothing, (using ''my_user'' and ''my_pass'' as credentials):+task_begin 
 +get http://artica.es/integria/include/api.php?user=my_user&pass=my_pass&op=get_stats¶ms=opened,,
 +check_string \n[0-9]+ 
 +task_end
  
- task_begin +</code>
- get http://artica.es/integria/include/api.php?user = my_user&pass = my_pass&op = get_stats&params = opened,,1 +
- check_string \n[0-9]+ +
- task_end+
  
 This will return a reply similar to this one: This will return a reply similar to this one:
  
- HTTP/1.1 200 OK +<code> 
- Cache-Control: no-store, no-cache, must-revalidate, post-check =0, pre-check =0 +HTTP/1.1 200 OK 
- Connection: close +Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 
- Date: Mon, 13 May 2013 15:39:27 GMT +Connection: close 
- Pragma: no-cache +Date: Mon, 13 May 2013 15:39:27 GMT 
- Server: Apache +Pragma: no-cache 
- Vary: Accept-Encoding +Server: Apache 
- Content-Type: text/html +Vary: Accept-Encoding 
- Expires: Thu, 19 Nov 1981 08:52:00 GMT +Content-Type: text/html 
- Client-Date: Mon, 13 May 2013 15:39:27 GMT +Expires: Thu, 19 Nov 1981 08:52:00 GMT 
- Client-Peer: 64.90.57.215:80 +Client-Date: Mon, 13 May 2013 15:39:27 GMT 
- Client-Response-Num:+Client-Peer: 64.90.57.215:80 
- Client-Transfer-Encoding: chunked +Client-Response-Num:
- Set-Cookie: a81d4c5e530ad73e256b7729246d3d2c = pcasWqI6pZzT2x2AuWo602; path =/ +Client-Transfer-Encoding: chunked 
-  +Set-Cookie: a81d4c5e530ad73e256b7729246d3d2c=pcasWqI6pZzT2x2AuWo602; path=/ 
- 0+ 
 +0 
 + 
 +</code>
  
 By checking the output with a regular expression, you may verify that everything works properly. For more complex answers, use other regular expressions accordingly. By checking the output with a regular expression, you may verify that everything works properly. For more complex answers, use other regular expressions accordingly.
  
-More examples: +More examples:
  
 +<code>
  task_begin  task_begin
- get https://swapi.co/api/planets/1/+ get https://swapi.dev/api/planets/1/
  get_content Tatooine  get_content Tatooine
  task_end  task_end
  
-In this case, the module created to show data must be **Remote HTTP module to retrieve string data (web_content_string)**.+</code>
  
 +In this case, the module created to show data must be **Remote HTTP module to retrieve string data (web_content_string)**.
 +<code>
  task_begin  task_begin
  get https://pokeapi.co/api/v2/pokemon/ditto/  get https://pokeapi.co/api/v2/pokemon/ditto/
  get_content imposter  get_content imposter
  task_end  task_end
 +
 +</code>
  
 Just like the previous module, the type of data defined needs to be 'Remote HTTP module to retrieve string data (web_content_string)' for the module to work properly. Just like the previous module, the type of data defined needs to be 'Remote HTTP module to retrieve string data (web_content_string)' for the module to work properly.
  
 You may perform calls with **get_content_advanced**: You may perform calls with **get_content_advanced**:
 +<code>
 +task_begin
 +get https://api.hillbillysoftware.com/Awards/ByYear/1990
 +get_content_advanced "Nominee":"([A-Za-z ]+)","Year":"1990"
 +task_end
  
 +</code>
  
- task_begin +Result:
- get https://api.hillbillysoftware.com/Awards/ByYear/1990 +
- get_content_advanced "Nominee":"([A-Za-z]+)","Year":"1990" +
- task_end+
  
-Result+{{  :wiki:apiwiki1.png?600  }}
  
-{{ wiki:APIwiki1.png?600 }}+In Pandora FMS the result would be displayed as follows:
  
 +{{  :wiki:apiwiki2.png?400  }}
  
-In Pandora FMS the result would be displayed as follows: +<WRAP center round important 60%> It is important to properly define the capture groups within the parentheses so that the call is executed correctly. </WRAP>
  
-{{ wiki:APIwiki2.png?400 }}+<WRAP center round important 60%> When creating API calls, it is important to know if the destination API has the right permissions to allow calls</WRAP>
  
- 
-<WRAP center round important 60%> 
-It is important to properly define the capture groups within the parentheses so that the call is executed correctly. 
-</WRAP>  
- 
-<WRAP center round important 60%> 
-When creating API calls, it is important to know if the destination API has the right permissions to allow calls. 
-</WRAP> 
  
 ==== HTTPS Monitoring ==== ==== HTTPS Monitoring ====
 +
 Goliat is able to check both HTTP and HTTPS. To carry out checks on secured websites which use HTTPS, incorporate the protocol into its URL, e.g.: Goliat is able to check both HTTP and HTTPS. To carry out checks on secured websites which use HTTPS, incorporate the protocol into its URL, e.g.:
  
-''0@@''+<code> 
 +task_begin 
 +get https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=https%3A%2F%2Fmail.google.com%2Fmail%2F%3Fui%3Dhtml%26zy%3Dl&bsv=zpwhtygjntrz&ss=1&scc=1<mpl=default<mplcache=2 
 +cookie 1 
 +resource 0 
 +check_string Google 
 +task_end 
 + 
 +</code> 
  
 ==== Advanced Options ==== ==== Advanced Options ====
 === Modifying HTTP Headers === === Modifying HTTP Headers ===
-With the //header// option, you are able to modify HTTP headers or create your own. The example below changes the //Host// HTTP header: 
  
 +With the //header// option, you are able to modify HTTP headers or create your own. The example below changes the //Host// HTTP header:
 +<code>
  task_begin  task_begin
  get http://192.168.1.5/index.php  get http://192.168.1.5/index.php
  header Host 192.168.1.1  header Host 192.168.1.1
  task_end  task_end
 +
 +</code>
 +
  
 === Debugging Web checks === === Debugging Web checks ===
-If you want to debug Web checks, add the ''debug <log_file>'' option. The files ''log_file.req'' and ''log_file.res'' will be created along with the contents of the HTTP request and response: 
  
 +If you want to debug Web checks, add the ''debug <log_file>'' option. The files ''log_file.req'' and ''log_file.res'' will be created along with the contents of the HTTP request and response:
 +<code>
  task_begin  task_begin
  get http://192.168.1.5/index.php  get http://192.168.1.5/index.php
  debug /tmp/request.log  debug /tmp/request.log
  task_end  task_end
 +
 +</code>
 +
  
 === Using CURL instead of LWP === === Using CURL instead of LWP ===
-LWP library sometimes crashes when multiple threads issue HTTPS requests simultaneously (due to an OpenSSL constraint). The alternative is to use the [[https://curl.se/dlwiz/|**curl** tool]] To solve this problem, edit the file named ''/etc/pandora/pandora_server.conf'' and the following line: 
  
- web_engine curl+LWP library sometimes crashes when multiple threads issue HTTPS requests simultaneously (due to an OpenSSL constraint). The alternative is to use the [[https://curl.se/dlwiz/|curl tool]] To solve this problem, edit the file named ''/etc/pandora/pandora_server.conf'' and the following line: 
 +<code> 
 + 
 +web_engine curl 
 + 
 +</code>
  
 Restart Pandora FMS Server, and the CURL binary will be used to perform web checks instead of LWP. Restart Pandora FMS Server, and the CURL binary will be used to perform web checks instead of LWP.
 +
  
 ===== Advanced Transactional Monitoring ===== ===== Advanced Transactional Monitoring =====
  
-In addition to the feature offered by Goliath, there are other ways to carry out web transactional monitoring.  +In addition to the feature offered by Goliath, there are other ways to carry out web transactional monitoring. 
-  * In a distributed way (UX), deployed as an "agent" in systems different to that of the server, even in unaccessible networks.  + 
-  * In a [[en:documentation:03_monitoring:13_user_monitorization|centralized way (WUX)]]+  * [[:en:documentation:03_monitoring:13_user_monitorization#differences_between_ux_and_wux_monitoring|In a distributed way (UX)]], deployed as an "agent" in systems different to that of the server, even in unaccessible networks. 
 +  * In a centralized way (WUX) 
 + 
 +[[:en:documentation:start|Go back to Pandora FMS documentation index]]
  
-[[en:documentation:start|Go back to Pandora FMS documentation index]] 
  
ºº