Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                

Manual Nagios

Download as txt, pdf, or txt
Download as txt, pdf, or txt
You are on page 1of 7

Nagios check_http Plugin

check_http v2.3.1.git (nagios-plugins 2.3.1)


Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>
Copyright (c) 1999-2014 Nagios Plugin Development Team
<devel@nagios-plugins.org>

This plugin tests the HTTP service on the specified host. It can test
normal (http) and secure (https) servers, follow redirects, search for
strings and regular expressions, check connection times, and report on
certificate expiration times.

Usage:
check_http -H <vhost> | -I <IP-address> [-u <uri>] [-p <port>]
[-J <client certificate file>] [-K <private key>]
[-w <warn time>] [-c <critical time>] [-t <timeout>] [-L] [-E] [-U] [-a
auth]
[-b proxy_auth] [-f <ok|warning|critical|follow|sticky|stickyport>]
[-e <expect>] [-d string] [-s string] [-l] [-r <regex> | -R <case-
insensitive regex>]
[-P string] [-m <min_pg_size>:<max_pg_size>] [-4|-6] [-N] [-M <age>]
[-A string] [-k string] [-S <version>] [--sni] [-C
<warn_age>[,<crit_age>]]
[-T <content-type>] [-j method]
NOTE: One or both of -H and -I must be specified

Options:
-h, --help
Print detailed help screen
-V, --version
Print version information
--extra-opts=[section][@file]
Read options from an ini file. See
https://www.nagios-plugins.org/doc/extra-opts.html
for usage and examples.
-H, --hostname=ADDRESS
Host name argument for servers using host headers (virtual host)
Append a port to include it in the header (eg: example.com:5000)
-I, --IP-address=ADDRESS
IP address or name (use numeric address if possible to bypass DNS lookup).
-p, --port=INTEGER
Port number (default: 80)
-4, --use-ipv4
Use IPv4 connection
-6, --use-ipv6
Use IPv6 connection
-S, --ssl=VERSION[+]
Connect via SSL. Port defaults to 443. VERSION is optional, and prevents
auto-negotiation (2 = SSLv2, 3 = SSLv3, 1 = TLSv1, 1.1 = TLSv1.1,
1.2 = TLSv1.2). With a '+' suffix, newer versions are also accepted.
--sni
Enable SSL/TLS hostname extension support (SNI)
-C, --certificate=INTEGER[,INTEGER]
Minimum number of days a certificate has to be valid. Port defaults to 443
(When this option is used the URL is not checked by default. You can use
--continue-after-certificate to override this behavior)
--continue-after-certificate
Allows the HTTP check to continue after performing the certificate check.
Does nothing unless -C is used.
-J, --client-cert=FILE
Name of file that contains the client certificate (PEM format)
to be used in establishing the SSL session
-K, --private-key=FILE
Name of file containing the private key (PEM format)
matching the client certificate
-e, --expect=STRING
Comma-delimited list of strings, at least one of them is expected in
the first (status) line of the server response (default: HTTP/1.)
If specified skips all other status line logic (ex: 3xx, 4xx, 5xx
processing)
-d, --header-string=STRING
String to expect in the response headers
-s, --string=STRING
String to expect in the content
-u, --uri=PATH
URI to GET or POST (default: /)
--url=PATH
(deprecated) URL to GET or POST (default: /)
-P, --post=STRING
URL encoded http POST data
-j, --method=STRING (for example: HEAD, OPTIONS, TRACE, PUT, DELETE, CONNECT)
Set HTTP method.
-N, --no-body
Don't wait for document body: stop reading after headers.
(Note that this still does an HTTP GET or POST, not a HEAD.)
-M, --max-age=SECONDS
Warn if document is more than SECONDS old. the number can also be of
the form "10m" for minutes, "10h" for hours, or "10d" for days.
-T, --content-type=STRING
specify Content-Type header media type when POSTing

-l, --linespan
Allow regex to span newlines (must precede -r or -R)
-r, --regex, --ereg=STRING
Search page for regex STRING
-R, --eregi=STRING
Search page for case-insensitive regex STRING
--invert-regex
Return CRITICAL if found, OK if not

-a, --authorization=AUTH_PAIR
Username:password on sites with basic authentication
-b, --proxy-authorization=AUTH_PAIR
Username:password on proxy-servers with basic authentication
-A, --useragent=STRING
String to be sent in http header as "User Agent"
-k, --header=STRING
Any other tags to be sent in http header. Use multiple times for additional
headers
-E, --extended-perfdata
Print additional performance data
-U, --show-url
Print URL in msg output in plain text
-L, --link
Wrap output in HTML link (obsoleted by urlize)
-f, --onredirect=<ok|warning|critical|follow|sticky|stickyport>
How to handle redirected pages. sticky is like follow but stick to the
specified IP address. stickyport also ensures port stays the same.
-m, --pagesize=INTEGER<:INTEGER>
Minimum page size required (bytes) : Maximum page size required (bytes)
-w, --warning=DOUBLE
Response time to result in warning status (seconds)
-c, --critical=DOUBLE
Response time to result in critical status (seconds)
-t, --timeout=INTEGER:<timeout state>
Seconds before connection times out (default: 10)
Optional ":<timeout state>" can be a state integer (0,1,2,3) or a state
STRING
-v, --verbose
Show details for command-line debugging (Nagios may truncate output)

Notes:
This plugin will attempt to open an HTTP connection with the host.
Successful connects return STATE_OK, refusals and timeouts return
STATE_CRITICAL
other errors return STATE_UNKNOWN. Successful connects, but incorrect
response
messages from the host result in STATE_WARNING return values. If you are
checking a virtual server that uses 'host headers' you must supply the FQDN
(fully qualified domain name) as the [host_name] argument.
You may also need to give a FQDN or IP address using -I (or --IP-Address).

This plugin can also check whether an SSL enabled web server is able to
serve content (optionally within a specified time) or whether the X509
certificate is still valid for the specified number of days.

Please note that this plugin does not check if the presented server
certificate matches the hostname of the server, or if the certificate
has a valid chain of trust to one of the locally installed CAs.

Examples:
CHECK CONTENT: check_http -w 5 -c 10 --ssl -H www.verisign.com

When the 'www.verisign.com' server returns its content within 5 seconds,


a STATE_OK will be returned. When the server returns its content but exceeds
the 5-second threshold, a STATE_WARNING will be returned. When an error
occurs,
a STATE_CRITICAL will be returned.

CHECK CERTIFICATE: check_http -H www.verisign.com -C 14

When the certificate of 'www.verisign.com' is valid for more than 14 days,


a STATE_OK is returned. When the certificate is still valid, but for less than
14 days, a STATE_WARNING is returned. A STATE_CRITICAL will be returned when
the certificate is expired.

CHECK CERTIFICATE: check_http -H www.verisign.com -C 30,14

When the certificate of 'www.verisign.com' is valid for more than 30 days,


a STATE_OK is returned. When the certificate is still valid, but for less than
30 days, but more than 14 days, a STATE_WARNING is returned.
A STATE_CRITICAL will be returned when certificate expires in less than 14
days
CHECK SSL WEBSERVER CONTENT VIA PROXY USING HTTP 1.1 CONNECT:
check_http -I 192.168.100.35 -p 80 -u https://www.verisign.com/ -S -j CONNECT
-H www.verisign.com
all these options are needed: -I <proxy> -p <proxy-port> -u <check-url> -S(sl)
-j CONNECT -H <webserver>
a STATE_OK will be returned. When the server returns its content but exceeds
the 5-second threshold, a STATE_WARNING will be returned. When an error
occurs,
a STATE_CRITICAL will be returned.

Send email to help@nagios-plugins.org if you have questions regarding use


of this software. To submit patches or suggest improvements, send email to
devel@nagios-plugins.org

Nagios check_by_ssh Plugin

check_by_ssh v2.3.1.git (nagios-plugins 2.3.1)


Copyright (c) 1999 Karl DeBisschop <kdebisschop@users.sourceforge.net>
Copyright (c) 2000-2014 Nagios Plugin Development Team
<devel@nagios-plugins.org>

This plugin uses SSH to execute commands on a remote host

Usage:
check_by_ssh -H <host> -C <command> [-fqv] [-1|-2] [-4|-6]
[-S [lines]] [-E [lines]] [-t timeout] [-i identity]
[-l user] [-n name] [-s servicelist] [-O outputfile]
[-p port] [-o ssh-option] [-F configfile]

Options:
-h, --help
Print detailed help screen
-V, --version
Print version information
--extra-opts=[section][@file]
Read options from an ini file. See
https://www.nagios-plugins.org/doc/extra-opts.html
for usage and examples.
-H, --hostname=ADDRESS
Host name, IP Address, or unix socket (must be an absolute path)
-p, --port=INTEGER
Port number (default: none)
-4, --use-ipv4
Use IPv4 connection
-6, --use-ipv6
Use IPv6 connection
-1, --proto1
tell ssh to use Protocol 1 [optional]
-2, --proto2
tell ssh to use Protocol 2 [optional]
-S, --skip-stdout[=n]
Ignore all or (if specified) first n lines on STDOUT [optional]
-E, --skip-stderr[=n]
Ignore all or (if specified) first n lines on STDERR [optional]
-f
tells ssh to fork rather than create a tty [optional]. This will always
return OK if ssh is executed
-C, --command='COMMAND STRING'
command to execute on the remote machine
-l, --logname=USERNAME
SSH user name on remote host [optional]
-i, --identity=KEYFILE
identity of an authorized key [optional]
-O, --output=FILE
external command file for nagios [optional]
-s, --services=LIST
list of nagios service names, separated by ':' [optional]
-n, --name=NAME
short name of host in nagios configuration [optional]
-o, --ssh-option=OPTION
Call ssh with '-o OPTION' (may be used multiple times) [optional]
-F, --configfile
Tell ssh to use this configfile [optional]
-q, --quiet
Tell ssh to suppress warning and diagnostic messages [optional]
-w, --warning=DOUBLE
Response time to result in warning status (seconds)
-c, --critical=DOUBLE
Response time to result in critical status (seconds)
-t, --timeout=INTEGER:<timeout state>
Seconds before connection times out (default: 10)
Optional ":<timeout state>" can be a state integer (0,1,2,3) or a state
STRING
-v, --verbose
Show details for command-line debugging (Nagios may truncate output)

The most common mode of use is to refer to a local identity file with
the '-i' option. In this mode, the identity pair should have a null
passphrase and the public key should be listed in the authorized_keys
file of the remote host. Usually the key will be restricted to running
only one command on the remote server. If the remote SSH server tracks
invocation arguments, the one remote program may be an agent that can
execute additional commands as proxy

To use passive mode, provide multiple '-C' options, and provide


all of -O, -s, and -n options (servicelist order must match '-C'options)

Examples:
$ check_by_ssh -H localhost -n lh -s c1:c2:c3 -C uptime -C uptime -C uptime -O
/tmp/foo
$ cat /tmp/foo
[1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c1;0; up 2 days
[1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c2;0; up 2 days
[1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c3;0; up 2 days

Send email to help@nagios-plugins.org if you have questions regarding use


of this software. To submit patches or suggest improvements, send email to
devel@nagios-plugins.org

Nagios check_ftp Plugin

check_ftp v2.3.1.git (nagios-plugins 2.3.1)


Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>
Copyright (c) 1999-2014 Nagios Plugin Development Team
<devel@nagios-plugins.org>
This plugin tests FTP connections with the specified host (or unix socket).

Usage:
check_ftp -H host -p port [-w <warning time>] [-c <critical time>] [-s <send
string>]
[-e <expect string>] [-q <quit string>][-m <maximum bytes>] [-d <delay>]
[-t <timeout seconds>] [-r <refuse state>] [-M <mismatch state>] [-v] [-4|-6]
[-j]
[-D <warn days cert expire>[,<crit days cert expire>]] [-S <use SSL>] [-E]
[-N <server name indication>]

Options:
-h, --help
Print detailed help screen
-V, --version
Print version information
--extra-opts=[section][@file]
Read options from an ini file. See
https://www.nagios-plugins.org/doc/extra-opts.html
for usage and examples.
-H, --hostname=ADDRESS
Host name, IP Address, or unix socket (must be an absolute path)
-p, --port=INTEGER
Port number (default: none)
-4, --use-ipv4
Use IPv4 connection
-6, --use-ipv6
Use IPv6 connection
-E, --escape
Can use \n, \r, \t or \\ in send or quit string. Must come before send or
quit option
Default: nothing added to send, \r\n added to end of quit
-s, --send=STRING
String to send to the server
-e, --expect=STRING
String to expect in server response (may be repeated)
-A, --all
All expect strings need to occur in server response. Default is any
-q, --quit=STRING
String to send server to initiate a clean close of the connection
-r, --refuse=ok|warn|crit
Accept TCP refusals with states ok, warn, crit (default: crit)
-M, --mismatch=ok|warn|crit
Accept expected string mismatches with states ok, warn, crit (default:
warn)
-j, --jail
Hide output from TCP socket
-m, --maxbytes=INTEGER
Close connection once more than this number of bytes are received
-d, --delay=INTEGER
Seconds to wait between sending string and polling for response
-D, --certificate=INTEGER[,INTEGER]
Minimum number of days a certificate has to be valid.
1st is #days for warning, 2nd is critical (if not specified - 0).
-S, --ssl
Use SSL for the connection.
-w, --warning=DOUBLE
Response time to result in warning status (seconds)
-c, --critical=DOUBLE
Response time to result in critical status (seconds)
-t, --timeout=INTEGER:<timeout state>
Seconds before connection times out (default: 10)
Optional ":<timeout state>" can be a state integer (0,1,2,3) or a state
STRING
-v, --verbose
Show details for command-line debugging (Nagios may truncate output)

Send email to help@nagios-plugins.org if you have questions regarding use


of this software. To submit patches or suggest improvements, send email to
devel@nagios-plugins.org

You might also like