check_http
Basic Usage
check_http -V
check_http v2.0.3 (nagios-plugins 2.0.3)
check_http <-H hostname | -I <IP> [-p <port>] [-u <uri>]
-I, --IP-address=ADDRESS
use numeric address if possible to bypass DNS lookup
-H, --hostname=ADDRESS
Hostname argument for servers using host headers
Append a port to include it in the header (eg: example.com:5000)
-u, --url=PATH
URL to GET or POST (default: /)
i.e.
./check_http -H datahunter.org
HTTP OK: HTTP/1.1 301 Moved Permanently - 348 bytes in 0.256 second response time | time=0.256357s;;;0.000000 size=348B;;;0
./check_http -I 192.168.123.11 -p 80 -H datahunter.org -u /systemcheck.php
define command{ command_name check_http_by_url command_line $USER1$/check_http -I $HOSTADDRESS$ -H $ARG1$ -u $ARG2$ } define service{ use service-medium host_name mydomain service_description HTTP check_command check_http_by_url!mydomain!/systemcheck.php }
Adv. Opts
# SSL
-S, --ssl=VERSION # TLS Version: 1.1 = TLSv1.1, 1.2 = TLSv1.2
# With a '+' suffix, newer versions are also accepted.
# Port: 443/tcp
* 在遇到 "CRITICAL - Socket timeout" 情況, 可以加入 "-S 1.1" 及 "-S 1.2" 測試
--sni # Enable SSL/TLS hostname extension support (SNI)
i.e.
./check_http -S -H datahunter.org
# Header
-N, --no-body # Don't wait for document body: stop reading after headers.
-k, --header=STRING # Any other tags to be sent in http header. (sent to http server)
-d, --header-string=STRING # String to expect in the response headers (在 V2.2 唔 work)
-e, --expect=STRING # Comma-delimited list of strings, at least one of them is expected in the response first line
i.e.
curl -I https://datahunter.org
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 15 Oct 2020 07:08:19 GMT
Content-Type: text/html; charset=utf-8
...
Status Code 與 String
i.e. http reponse header:
HTTP/1.1 200 OK
# 用 status code. 可以用 string 的, 比如
-e 200
# plugin output msg
HTTP OK: Status line output matched "200" - HTTP/1.1 200 OK - 7946 bytes in 0.210 second response time
-e 'OK' # 大細階係有分別的, 不能寫做 'ok'
# plugin output msg
HTTP OK: Status line output matched "OK" - HTTP/1.1 200 OK - 7946 bytes in 5.360 second response time
# Content
-s, --string=STRING # String to expect in the content
-r, --regex, --ereg=STRING # Search page for regex STRING
--invert-regex # Return CRITICAL if found, OK if not
-P, --post=STRING # URL encoded http POST data
# auth
-a, --authorization=AUTH_PAIR # Username:password on sites with basic authentication
# time
-t, --timeout=INTEGER # Default: 10
# other
-E, --extended-perfdata # Print additional performance data
Default 有
HTTP WARNING: HTTP/1.1 426 Upgrade header MUST be provided - 235 bytes in 0.078 second response time |time=0.077948s;;;0.000000 size=235B;;;0 time_connect=0.013786s;;;
多了
time_ssl=0.044961s;;; time_headers=0.000024s;;; time_firstbyte=0.018999s;;; time_transfer=0.019029s;;;
ie.
./check_http -S -p 8889 -N -e 400 -I n.n.n.n -H datahunter.org
Example
websocket
# 要加 hostname, 因為有機會有 SNI
# Usage: check_wss_by_hostname_port!hostname!port define command{ command_name check_wss_by_hostname_port command_line $USER1$/check_http -S 1.2 --sni -k "Connection: Upgrade" -k "Upgrade: websocket" -e 400 -N -I $HOSTADDRESS$ -H $ARG1$ -p $ARG2$ }
softether
# Usage: check_softether_by_port!port define command{ command_name check_softether_by_port command_line $USER1$/check_http -S 1.2 -e 403 -N -I $HOSTADDRESS$ -p $ARG1$ }