Simulate Login Checks with Nagios

If you wish to check that your web application is working fine (people are able to login), you can run a script to automate the login process. It is possible to use cron to do it but with nagios, you could do much more. Nagios is highly configurable and it makes perfect sense to write a plugin just to do that.

I wrote a perl script over the weekend to simulate logins into a website once every 2 mins. If login fails after 2 tries, an email alert will be sent to the administrator (Settings can be changed in Nagios). The script works by detecting a certain html pattern from the result generated by the login success webpage. An example of the command in action is something like this:

check_login -f 1 -u http://xxx.com/index.php -l xx -p xx -L Username -P Password -r ‘Logout.jsp’

* L is the Userid field in the form and P is the password field in the form.
* u is the FULL url including the http.
* l is the actual login name and p is the actual login password.
* r is the regex pattern to search for if the login is successful.
* f is the form number. If you have 2 forms in the login page, the 1 will be the first form.

For the script to work, you need perl and its mechanize library. Copy and paste this script into the default plugin folder – likely to be /usr/lib/nagios/plugins. Add ‘check_login’ to hosts.cfg and define it in commands.cfg (or checkcommands.cfg). Refer to the nagios doc if unsure. The script is backward compatible with netsaint.


#!/usr/bin/perl -Tw

use strict;
use Getopt::Long;
use WWW::Mechanize;
use vars qw($opt_v $opt_h $opt_u $opt_f $opt_r $opt_l $opt_L $opt_P $opt_p $PROGNAME);
use lib “/usr/lib/nagios/plugins” ;
use utils qw(%ERRORS &print_revision &support &usage);

my($PROGNAME) = $0 =~ m/([^\/]+)$/;

sub print_help ();
sub print_usage ();
delete $ENV{PATH};
delete $ENV{BASH_ENV};
delete $ENV{ENV};

Getopt::Long::Configure(‘bundling’);

GetOptions(
‘v|version’ => \$opt_v,
‘h|help’ => \$opt_h,
‘u|url=s’ => \$opt_u,
‘l|login=s’ => \$opt_l,
‘p|password=s’ => \$opt_p,
‘f|formnumber=s’ => \$opt_f,
‘r|logoutregex=s’ => \$opt_r,
‘L|loginfield=s’ => \$opt_L,
‘P|passwordfield=s’ => \$opt_P,
);

if ($opt_v) {
print_revision($PROGNAME,’$Revision: 1.0 $’);
exit $ERRORS{‘UNKNOWN’};
}
if ($opt_h) {
print_help(); exit $ERRORS{‘UNKNOWN’};
}

#### PREDEFINE FIELDS
$opt_L = ($opt_L ? $opt_L : “Username”);
$opt_P = ($opt_P ? $opt_P : “Password”);

#### CHECKING REQUIRED FIELDS
sub error($$)
{
my($code, $msg) = @_;
print($msg, “\n”);
exit $ERRORS{$code};
}
($opt_f) || error(‘UNKNOWN’, ‘You need to specify a form number.’);
($opt_u) || error(‘UNKNOWN’, ‘You need to specify a url.’);
($opt_l) || error(‘UNKNOWN’, ‘You need to specify a login name.’);
($opt_p) || error(‘UNKNOWN’, ‘You need to specify a passwd.’);
($opt_r) || error(‘UNKNOWN’, ‘You need to specify a logout regex.’);
my $agent = WWW::Mechanize->new();
$agent->get($opt_u);
$agent->form_number($opt_f);
$agent->field($opt_L,$opt_l);
$agent->field($opt_P,$opt_p);
$agent->click();

my $success = $agent->follow_link( url_regex => qr/$opt_r/i);
unless ($success) {
error(‘CRITICAL’, “$opt_u login failed.\n”);
}

error(‘OK’, “$opt_u login success.\n”);

sub print_usage ()
{
print <
Usage: $PROGNAME [-u URL] [-l login] [-p password] [-L loginfield] [-P=passwordfield] [-f formnumber] [-r logoutregex]

Required Arguments:
-u, –URL==STRING
URL of the site you want to login from.
-l, –login=STRING
login username.
-p, –password=STRING
login passwd.
-L, –loginfield=STRING
Name of the login field in the form.
-P, –passwordfield=STRING
Name of the passwd field in the form.
-f, –formnumber=INT
Form Number on the login page.
-r, –logoutregex=STRING
Regex URL to logout

END
}
sub print_help () {
print_revision($PROGNAME,’$Revision: 1.0 $’);
print <

Bernard Peh, November 2007

This nagios plugin simulates a remote login using perl mechanize library. It attempts to login from a url, check for a logout regex, then logout by itself.
This can be useful to make sure a website or database connection is alive.

END

print_usage();
support();
}

Author: bpeh

Bernard Peh is a great passioner of web technologies and one of the co-founder of Sitecritic.net Website Design and Reviews. He works with experienced web designers and developers everyday, developing and designing commercial websites. He specialises mainly in SEO and PHP programming.

1 thought on “Simulate Login Checks with Nagios”

  1. I love your blog.. very nice colors & theme. Did you create this website yourself or did you hire someone to do it for you? Plz reply as I’m looking to design my own blog and would like to know where u got this from. appreciate it

Comments are closed.