Monit: search for text at a url with https protocol - monit

For some reason, monit configuration for monitoring the presence of text at a URL has been failing constantly in the last 48 hours. Here is the relevant config data:
if failed (url https://www.Example.com.com/where-to-buy/ and content == 'Online Retail Partners' and timeout 40 seconds)
then alert
if failed (url https://www.Example.com.com/products/high-absorption and content == 'You May Also Like' and timeout 20 seconds)
then alert
if failed (url https://www.Example.com.com/health-interests/bone-health and content == 'Refine' and timeout 20 seconds)
then alert
if failed (url https://www.Example.com.com/search?keywords=vitamin+d and content == 'Vegan D3' and timeout 20 seconds)
then alert
This all worked great for months/years.
We are getting inundated with monit alerts as follows:
Date: 21 Feb 12:11:32 -0600
Host: Example.com.
Service: httpd
Action: Alert
Description: connection succeeded to [www.Example.com]:443/health-interests/bone-health [TCP/IP TLS]
Date: 21 Feb 12:11:33 -0600
Host: Example.com
Service: httpd
Action: Alert
Description: failed protocol test [HTTP] at [www.Example.com]:443/products/high-absorption [TCP/IP TLS] -- Cannot resolve [www.Example.com]:443
Your faithful employee,
M/Monit
Date: 21 Feb 12:14:00 -0600
Host: Example.com
Service: httpd
Action: Alert
Description: connection succeeded to [www.Example.com]:443/products/high-absorption [TCP/IP TLS]
I'm not sur why we are failing the protocol tests.
Is there a different way to set port 443, https protocol while searching for text in a URL?

Cannot resolve [www.Example.com]
Monit is not able to resolve the IP of the remote service. Please investigate name resolution at the host level (DNS etc...)

Related

SSL for Phoenix working locally but not on production

I have an Phoenix/Elixir App that works fine with https locally, however when I try to change it to use the production certificates the server does not respond and no error messages are shown.
In my dev.exs this was made with the hostname localhost
In prod.exs here are the keys. These were made with my production URL
I have tried to change the localhost to production url on local by adding host into the https portion in the config
https: [port: 443,
host: "produrl.com"
keyfile: "priv/keys/domain.key",
certfile: "priv/keys/domain.crt"],
This throws an error
sudo MIX_ENV=prod mix phoenix.server
[info] Running LiteChartBe.Endpoint with Cowboy using http://localhost:80
[info] Application lite_chart_be exited: LiteChartBe.start(:normal, []) returned an error: shutdown: failed to start child: LiteChartBe.Endpoint
** (EXIT) shutdown: failed to start child: Phoenix.Endpoint.Server
** (EXIT) shutdown: failed to start child: {:ranch_listener_sup, LiteChartBe.Endpoint.HTTPS}
** (EXIT) shutdown: failed to start child: :ranch_acceptors_sup
** (EXIT) :badarg
{"Kernel pid terminated",application_controller,"{application_start_failure,lite_chart_be,{{shutdown,{failed_to_start_child,'Elixir.LiteChartBe.Endpoint',{shutdown,{failed_to_start_child,'Elixir.Phoenix.Endpoint.Server',{shutdown,{failed_to_start_child,{ranch_listener_sup,'Elixir.LiteChartBe.Endpoint.HTTPS'},{shutdown,{failed_to_start_child,ranch_acceptors_sup,badarg}}}}}}}},{'Elixir.LiteChartBe',start,[normal,[]]}}}"}
Kernel pid terminated (application_controller) ({application_start_failure,lite_chart_be,{{shutdown,{failed_to_start_child,'Elixir.LiteChartBe.Endpoint',{shutdown,{failed_to_start_child,'Elixir.Phoeni
If I simply forward localhost to produrl in my local hosts file, no errors are thrown and nothing connects to the server using https.
The error states that you provided a wrong argument for the configuration of your Endpoint (** (EXIT) :badarg). I suppose that is beacause you are missing a comma behind your host url.
This does probably not solve your problem, but that is supposedly the reason for the error message shown after your change.

How to pass SSO using selenium2+phantomjs webdriver?

I am using selenium2 (selenium-java:3.0.1) and phantomjs-2.1.1-linux-x86_64. What I am trying to do is getting to a page that needs SSO. When using browser to access the website, it will popup a login dialog to input username and password.
When using wget to get the URL. it stopped at the auth part.
test#ubu-test:wget https://www.example.com/details
--2016-11-15 05:18:02-- https://www.example.com/details
Resolving www.example.com (www.example.com)... 10.20.30.40
Connecting to www.example.com (www.example.com)|10.20.30.40|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: /detaisl [following]
--2016-11-15 05:18:02-- https://www.example.com/login
Reusing existing connection to www.example.com:443.
HTTP request sent, awaiting response... 302 Found
Location: https://sso.example.com/idp/SSO.saml2?SAMLRequest=...something not related... [following]
--2016-11-15 05:18:02-- https://sso.example.com/idp/SSO.saml2?SAMLRequest=...something not related...
Resolving sso.example.com (sso.example.com)... 11.22.33.44
Connecting to sso.example.com (sso.example.com)|11.22.33.44|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://sso.example.com/idp/95wM4/resumeSAML20/idp/SSO.ping [following]
--2016-11-15 05:18:02-- https://sso.example.com/idp/95wM4/resumeSAML20/idp/SSO.ping
Reusing existing connection to sso.example.com:443.
HTTP request sent, awaiting response... 401 Unauthorized
Username/Password Authentication Failed.
When using selenium2 (selenium-java:3.0.1) and phantomjs-2.1.1-linux-x86_64 with the following code
WebDriver webdriver = new PhantomJSDriver();
webdriver.get("https://www.example.com/details");
System.out.println(webdriver.getCurrentUrl());
System.out.println(webdriver.getTitle());
System.out.println(webdriver.getPageSource());
The output is:
Nov 15, 2016 5:36:07 AM org.openqa.selenium.phantomjs.PhantomJSDriverService <init>
INFO: executable: ./phantomjs-2.1.1-linux-x86_64/bin/phantomjs
Nov 15, 2016 5:36:07 AM org.openqa.selenium.phantomjs.PhantomJSDriverService <init>
INFO: port: 27571
Nov 15, 2016 5:36:07 AM org.openqa.selenium.phantomjs.PhantomJSDriverService <init>
INFO: arguments: [--webdriver=27571, --webdriver-logfile=./phantomjsdriver.log]
Nov 15, 2016 5:36:07 AM org.openqa.selenium.phantomjs.PhantomJSDriverService <init>
INFO: environment: {}
[INFO - 2016-11-15T13:36:07.904Z] GhostDriver - Main - running on port 27571
[INFO - 2016-11-15T13:36:08.113Z] Session [76cd8ec0-ab38-11e6-bceb-256426a0974e] - page.settings - {"XSSAuditingEnabled":false,"javascriptCanCloseWindows":true,"javascriptCanOpenWindows":true,"javascriptEnabled":true,"loadImages":true,"localToRemoteUrlAccessEnabled":false,"userAgent":"Mozilla/5.0 (Unknown; Linux x86_64) AppleWebKit/538.1 (KHTML, like Gecko) PhantomJS/2.1.1 Safari/538.1","webSecurityEnabled":true}
[INFO - 2016-11-15T13:36:08.113Z] Session [76cd8ec0-ab38-11e6-bceb-256426a0974e] - page.customHeaders: - {}
[INFO - 2016-11-15T13:36:08.113Z] Session [76cd8ec0-ab38-11e6-bceb-256426a0974e] - Session.negotiatedCapabilities - {"browserName":"phantomjs","version":"2.1.1","driverName":"ghostdriver","driverVersion":"1.2.0","platform":"linux-unknown-64bit","javascriptEnabled":true,"takesScreenshot":true,"handlesAlerts":false,"databaseEnabled":false,"locationContextEnabled":false,"applicationCacheEnabled":false,"browserConnectionEnabled":false,"cssSelectorsEnabled":true,"webStorageEnabled":false,"rotatable":false,"acceptSslCerts":false,"nativeEvents":true,"proxy":{"proxyType":"direct"}}
[INFO - 2016-11-15T13:36:08.115Z] SessionManagerReqHand - _postNewSessionCommand - New Session Created: 76cd8ec0-ab38-11e6-bceb-256426a0974e
about:blank
<html><head></head><body></body></html>
So it happens like it just opens an about:blank page and nothing more. Is there a way to input user name and password into popup dialog, and continue the access?
Use this code for handling such type of errors, most of the time we get SSL handshake errors,i will suggest you to use the following code to handle such type of errors.
DesiredCapabilities caps = new DesiredCapabilities();
caps.setJavascriptEnabled(true);
caps.setCapability("takesScreenshot", true);
caps.setCapability(PhantomJSDriverService.PHANTOMJS_EXECUTABLE_PATH_PROPERTY,**Path**//phantomjs.exe" );
//For Handling SSL errors
caps.setCapability(PhantomJSDriverService.PHANTOMJS_CLI_ARGS, new String[]{"--ignore-ssl-errors=true"});
//To Disable Logs
caps.setCapability(PhantomJSDriverService.PHANTOMJS_CLI_ARGS, new String[]{"--webdriver-loglevel=NONE"});
driver = new PhantomJSDriver(caps);
If you are using WebDriverWait , i will suggest you to disable log from PhantomJS.

How to configure apache server to allow wget with proxy?

I'm totally new to the apache httpd stuff
I setup my host ServerHost1 as a file server with httpd
# httpd -v
Server version: Apache/2.4.6 (Red Hat Enterprise Linux)
Server built: Dec 2 2014 08:09:42
I have put the file TestFile.txt under /var/www/html/TestDir/TestFile.txt
I modified part of the httpd.conf as follow
<Directory />
Order deny,allow
Allow from all
</Directory>
On a test host TestHost1 with full Internet access, I can downloaded my file with wget
TestHost1]# wget http://ServerHost1/TestDir/TestFile.txt
--2016-03-17 13:39:12-- http://ServerHost1/TestDir/TestFile.txt
Resolving ServerHost1 (ServerHost1)... <IP address>
Connecting to ServerHost1 (ServerHost1)|<IP address>|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2859976598 (2.7G) [application/octet-stream]
Saving to: ‘TestFile.txt’
2% [> ] 60,645,376 24.0MB/s
On the host sitting on a semi-isolated network TestHost2, I have to use proxy for wget to work. It works fine with google
TestHost2]# wget google.ca
--2016-03-17 13:53:26-- http://google.ca/
Resolving proxy.com (proxy.com)... <ProxyIP>
Connecting to proxy.com (proxy.com)|<ProxyIP>|:3128... connected.
Proxy request sent, awaiting response... 301 Moved Permanently
Location: http://www.google.ca/ [following]
--2016-03-17 13:53:26-- http://www.google.ca/
Reusing existing connection to proxy.com:3128.
Proxy request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘index.html’
[ <=> ] 19,928 --.-K/s in 0.1s
2016-03-17 13:53:27 (159 KB/s) - ‘index.html’ saved [19928]
However when I try to get my file from ServerHost1, it gets ERROR 503: Service Unavailable
TestHost2]# wget http://ServerHost1/TestDir/TestFile.txt
--2016-03-17 13:57:13-- http://ServerHost1/TestDir/TestFile.txt
Resolving proxy.com (proxy.com)...<ProxyIP>
Connecting to proxy.com (proxy.com)|<ProxyIP>|:3128... connected.
Proxy request sent, awaiting response... 503 Service Unavailable
2016-03-17 13:57:13 ERROR 503: Service Unavailable.
So the question is
(1) Why am I seeing 503 ServiceUnavailable when the file is apparently available (since I can downloaded from testhost1)?
(2) How do I configure my httpd.conf file so that TestHost2 can wget the file from ServerHost1?
Maybe try with ProxyRequests as described in Apache docs https://httpd.apache.org/docs/2.4/mod/mod_proxy.html

Monit / restart service when failed

I have a service, which is a server which listening to port: 7000.
I want to verify that the service is always up, and when it fails I want to start it again.
I wrote the next script in /etc/monit.d/myserver
check process myserver with pidfile /var/run/myserver.pid
start program = "/etc/init.d/myserver start" with timeout 5 seconds
stop program = "/etc/init.d/myserver stop" with timeout 5 seconds
if failed host 127.0.0.1 port 7000
protocol HTTP request /testcheck then restart
if 5 restarts within 5 cycles then timeout
But I notice that even when the process is running, it restart the service, and give the next information on the log:
EST Dec 18 03:05:13] error : HTTP: error receiving data -- Resource temporarily unavailable
[EST Dec 18 03:05:13] error : 'myserver ' failed protocol test [HTTP] at INET[127.0.0.1:7000] via TCP
[EST Dec 18 03:05:13] info : 'myserver ' trying to restart
[EST Dec 18 03:05:13] info : 'myserver ' stop: /etc/init.d/myserver
[EST Dec 18 03:05:14] info : 'myserver ' start: /etc/init.d/myserver
How can I check it correctly so just when the service is down, it will restart it?
I had the same problem and at the end I found out that I'm not running monit daemon properly take look at this post: Rerun a process in Monit if process stops

Monit cannot open connection errors resulting in alerts from M/Monit that server is down

I'm using monit and M/Monit to monitor my application infrastructure. But every once in a while, M/Monit will show a "No report" error from a server and mark it down. A few seconds later, the issue clears at the next check in for the server to M/Monit.
The monit logs on some of the servers have these events in them:
Oct 14 12:19:11 ip-10-203-51-199 monit[30307]: M/Monit: cannot open a
connection to http://example.com:8080/collector -- Connection timed out
Oct 14 12:20:16 ip-10-203-51-199 monit[30307]: M/Monit: cannot open a
connection to http://example.com:8080/collector -- Connection timed out
Oct 14 12:22:21 ip-10-203-51-199 monit[30307]: M/Monit: cannot open a
connection to http://example.com:8080/collector -- Connection timed out
What config do I need to tune to increase the threshold until M/Monit considers the server actually down?
Here is the config from the server that has the most trouble:
set httpd port 2812 and
allow xxx:xxx
set mailserver xxx.xxx.xxx port xxx username "xxx" password "xxx" using tlsv1 with timeout 15 seconds
set daemon 30
with start delay 120
set logfile syslog facility log_daemon
set alert xxx
set mail-format {
subject: $EVENT $SERVICE on $HOST
from: monit#$HOST
message: Monit $ACTION $SERVICE at $DATE on $HOST: $DESCRIPTION.
}
set mmonit http://xxx:xxx#example.com:8080/collector
There doesn't appear to be any problem with config file.
The intermittent problem you are experiencing is because monit is failing to open a socket on the port and timing out. See the source code for reference (handle_mmonit()):
http://fossies.org/linux/privat/monit-5.6.tar.gz:a/monit-5.6/src/collector.c
Search for the string "M/Monit: cannot open a connection to".
The timeout value appears to be fixed at 5 seconds in the code. But 5 seconds is ample time to open a socket connection on that port.
How often does monit post events to mmonit?
Had the same problem
[MST Apr 5 11:24:11] error : 'apache' failed protocol test [APACHESTATUS] at [phoenix.example.com]:80 [TCP/IP] -- APACHE-STATUS: error -- no scoreboard found
[MST Apr 5 11:24:16] error : Cannot create socket to [10x.xx.xx.x4]:8080 -- Connection timed out
We had another firewall on top of iptables. Opened up the 8080 in the input and the output side and it fixed it!