Sysdig Documentation

HTTP

The HTTP check monitors HTTP-based applications for URL availability.

This page describes the default configuration settings, how to edit the configuration to collect additional information, the metrics available for integration, and a sample result in the Sysdig Monitor UI.

HTTP Setup

You do not need to configure anything on HTTP-based applications for the Sysdig agent to connect.

Sysdig Agent Configuration

Review how to Edit dragent.yaml to Integrate or Modify Application Checks.

Default Configuration

No default entry is present in the dragent.default.yaml for the HTTP check. You need to add an entry in dragent.yaml as shown in following examples.

Warning

Never edit dragent.default.yaml directly; always edit only dragent.yaml.

Example 1

First you must identify the process pattern (comm:). It must match an actively running process for the HTTP check to work. Sysdig recommends the process be the one that is serving the URL being checked.

If the URL is is remote from the agent, the user should use a process that is always running, such as "systemd".

Confirm the "comm" value using the following command:

cat /proc/1/comm

Add the following entry to the dragent.yaml file and modify the 'name:''comm:' and 'url:' parameters as needed:

app_checks:
  - name: EXAMPLE_WEBSITE
    check_module: http_check
    pattern:
      comm:  systemd
    conf:
      url: https://www.MYEXAMPLE.com

Example 2

There are multiple configuration options available with the HTTP check. A full list is provided in the table following Example 2. These keys should be listed under the conf: section of the configuration in Example 1.

app_checks:
  - name: EXAMPLE_WEBSITE
    check_module: http_check
    pattern:
      comm:  systemd
    conf:
      url: https://www.MYEXAMPLE.com
      # timeout: 1
      #  method: get
      #  data:
      #    <KEY>: <VALUE>
      #  content_match: '<REGEX>''
      #  reverse_content_match: false
      #  username: <USERNAME>
      #  ntlm_domain: <DOMAIN>
      #  password: <PASSWORD>
      #  client_cert: /opt/client.crt
      #  client_key: /opt/client.key
      #  http_response_status_code: (1|2|3)\d\d
      #  include_content: false
      #  collect_response_time: true
      #  disable_ssl_validation: true
      #  ignore_ssl_warning: false
      #  ca_certs: /etc/ssl/certs/ca-certificates.crt
      #  check_certificate_expiration: true
      #  days_warning: <THRESHOLD_DAYS>
      #  check_hostname: true
      #  ssl_server_name: <HOSTNAME>
      #  headers:
      #    Host: alternative.host.example.com
      #    X-Auth-Token: <AUTH_TOKEN>
      #  skip_proxy: false
      #  allow_redirects: true
      #  include_default_headers: true
      #  tags:
      #    - <KEY_1>:<VALUE_1>
      #    - <KEY_2>:<VALUE_2>

Key

Description

url

The URL to test.

timeout

The time in seconds to allow for a response.

method

The HTTP method. This setting defaults to GET, though many other HTTP methods are supported, including POST and PUT.

data

The data option is only available when using the POST method. Data should be included as key-value pairs and will be sent in the body of the request.

content_match

A string or Python regular expression. The HTTP check will search for this value in the response and will report as DOWN if the string or expression is not found.

reverse_content_match

When true, reverses the behavior of the content_matchoption, i.e. the HTTP check will report as DOWN if the string or expression in content_match IS found. (default is false)

username & password

If your service uses basic authentication, you can provide the username and password here.

http_response_status_code

A string or Python regular expression for an HTTP status code. This check will report DOWN for any status code that does not match. This defaults to 1xx, 2xx and 3xx HTTP status codes. For example: 401 or 4\d\d.

include_content

When set to true, the check will include the first 200 characters of the HTTP response body in notifications. The default value is false.

collect_response_time

By default, the check will collect the response time (in seconds) as the metric network.http.response_time. To disable, set this value to false.

disable_ssl_validation

This setting will skip SSL certificate validation and is enabled by default. If you require SSL certificate validation, set this to false. This option is only used when gathering the response time/aliveness from the specified endpoint. Note this setting doesn’t apply to the check_certificate_expirationoption.

ignore_ssl_warning

When SSL certificate validation is enabled (see setting above), this setting allows you to disable security warnings.

ca_certs

This setting allows you to override the default certificate path as specified in init_config

check_certificate_expiration

When check_certificate_expiration is enabled, the service check will check the expiration date of the SSL certificate.

Note that this will cause the SSL certificate to be validated, regardless of the value of the disable_ssl_validation setting.

days_warning

When check_certificate_expiration is enabled, these settings will raise a warning alert when the SSL certificate is within the specified number of days from expiration.

check_hostname

When check_certificate_expiration is enabled, this setting will raise a warning if the hostname on the SSL certificate does not match the host of the given URL.

headers

This parameter allows you to send additional headers with the request. e.g. X-Auth-Token: <AUTH_TOKEN>

skip_proxy

If set, the check will bypass proxy settings and attempt to reach the check URL directly. This defaults to false.

allow_redirects

This setting allows the service check to follow HTTP redirects and defaults to true.

tags

A list of arbitrary tags that will be associated with the check.

Metrics Available

HTTP metrics concern response time and SSL certificate expiry information.

See HTTP Metrics.

Service Checks

http.can_connect:

Returns DOWN when any of the following occur:

  • the request to URL times out

  • the response code is 4xx/5xx, or it doesn’t match the pattern provided in the http_response_status_code

  • the response body does not contain the pattern in content_match

  • reverse_content_match is true and the response body does contain the pattern in content_match

  • URI contains https and disable_ssl_validation is false, and the SSL connection cannot be validated

  • Otherwise, returns UP.

Segmentation of the http.can_connect can be done by URL.

http.ssl_cert:

The check returns:

  • DOWN if the URL's certificate has already expired

  • WARNING if the URL's certificate expires in less than days_warning days

  • Otherwise, returns UP.

To disable this check, set check_certificate_expiration to false.

Result in the Monitor UI

373981860.png